Need help rooting coolpad legacy 3705A. Can't find any info anywhere.
- Thread starter djdruin
- Start date
Just a reminder as a new update for mPCS was pushed today, Do NOT update. This will update your devices security patch to August(even though it's October, really Metro? Can't even give up to date SecPatches?). I'm not 100% sure it's August just going by the build date of the file. It's most likely not android 10 as it's only 335.6MB.
Ok, so I've done a little research and digging around and I found a couple large stashes of firehose files. One of them has quite a large collection of 8953 programmer files. Among those I came across one named prog_emmc_ddr_debug_8953_mmx.mbn and it seems to actually boot but once booted it wont list any partitions or work like we want it to probably because its not necessarily for this particular device. Long story short, it seems to partially work and the board listing for msm8953 isn't entirely incorrect apparently. I still have like 12 or so other variants of the 8953 firehose to test but I thought this was someone interesting and hoped maybe someone else with more knowledge on firehose files had some insight as to why it partially works. Information on this device is sparse to say the least but hopefully this is something we can work with. Any insight on this would be greatly appreciated! I'm linking the firehose in question so that someone else can help figure this out. Thanks!
Edit: I dont have enough posts on the forum to link yet so PM for a google drive link for prog_emmc_ddr_debug_8953_mmx.mbn.
Anyone notice it doesn't come with a stock recovery?
Um.. not trying to be a n00b but has anyone tried to use the hardware keys to boot into recovery mode? Or even say using the ADB command to reboot recovery? Notice anything odd about the android logo and no other details or info what so ever. I would like to have root on the device, sure but i'd love to get a Recovery.img installed onto the device first and foremost. Unless there is a thread on XDA that i've missed due to wording the thread wrong or using a different information on the device. And just a small bit of reading their fine print. The CoolPad is owned by a company named: Yulong
So, since they really don't have much in software or even a footprint in the mobile phone game to be recognized as a brand to be listed on any site that i know of even by their mother company. I tried to look for a basic recovery that was made for Android P devices in general but i guess that would be the ideal method for the request.
Um.. not trying to be a n00b but has anyone tried to use the hardware keys to boot into recovery mode? Or even say using the ADB command to reboot recovery? Notice anything odd about the android logo and no other details or info what so ever. I would like to have root on the device, sure but i'd love to get a Recovery.img installed onto the device first and foremost. Unless there is a thread on XDA that i've missed due to wording the thread wrong or using a different information on the device. And just a small bit of reading their fine print. The CoolPad is owned by a company named: Yulong
So, since they really don't have much in software or even a footprint in the mobile phone game to be recognized as a brand to be listed on any site that i know of even by their mother company. I tried to look for a basic recovery that was made for Android P devices in general but i guess that would be the ideal method for the request.
It nagged me for about a week and now it's gone, they must have pulled it.
Send me a pm and I'll look into it.
It's stock recovery it's just a strange thing with Android pie. My Nexus 6P would also do it sometimes, and a couple Samsung phones I've had e.g note 8, or j7 also do this. Recovery is there though.
Coolpad has been around awhile, I had the Coolpad Quattro back in the day when that was a giant screen phone. They're a small company and they're terrible at QC because this ROM in riddled with bugs, none that are useful just frustrating.
Waiting on exploits. Any time you hear Android zero-day in the news would be a good time to check back
Unfortunately even though we're on a couple month old sec patch were there's only 2 notable exploits, neither of which were vulnerable to.
Tip: if you set the minimum width in developer settings to 600 you get the phablet UI in some apps. And this includes the desktop UI for chrome. Although it does make things small so if you don't have great eyes this may not be viable, and the gboard layout takes some getting used to.
Just got this phone today haven't done any updates jw if root is available yet? Seems like people are working on it but no luck so far anyway I could be of help I've rooted my fair share of devices
Not sure if anyone has found this or not but I got it into fastboot. U have to enter it through stock recovery. I believe it second to last option under locale. Computer is broke down so can't try now if anyone else does, plz let us all know if it works thanks......
Fastboot is accessible but refuses all useful commands, OEM unlock switch literally does nothing. As this is on pie, and has dm-verity enabled, the best way to go about doing this to find a CvE that we're vulnerable too. However since this phones secpatch is only a coulple months old, there have only been 2 worthy exploits, but we are not vulnerable to them. In order to root it before a zero-day exploit would to be able to find a zero-day on the device itself, which I don't have the expertise nor patience for.
What methods are you trying I just got this phone yesterday and I don't Wana waste time trying stuff ppl have tried and confirmed doesn't work
+ First, I tried all the generic one click crap(KingRoot, Kingo, Etc.) as always since it's a Chinese phone.
+ Tried a few gray area tools like MiracleThunder, Uni-Android tool and such, come up empty handed.
+ I've tried every firehose from similar hardware available and they all seem to be fruitless ruling out EDL mode.
+ Fastboot is available but actively refuses commands.
+ OEM Unlock is a dummy toggle.
+ Hidden activity for "The Factory Upgrade" I haven't looked so much into, as like recovery it's probably looking for a signed zip.
+ CVE-2019-2215 and CVE-2019-10529 are dead ends, seems the kernel was patched correctly. Any older exploits e.g Dirty Cow variants outright fail as it has kernel 4.9+
Other notes: The ROM is buggy as hell, so they messed up somewhere I just haven't found it yet.
Last edited:
I really appreciate everything you guys are doing. This phone is my daily driver and the glitches drive me crazy! Can't wait for root/customer recovery.
Hummm u thought of everything and then a few things I thought of before reading this been playing with it a little oem unlock being dummy toggle is a boost Mobile thing my Stylo 3 had same issue and zte warp 7 if I remember the model name right idk how boost does it but they take something out to make it dummy toggle cuz with Stylo for example the metro pcs version that toggle works I did a little digging on that part also has anyone tried getting into recovery I did and couldn't get any menus to come up no matter what I tried I was half awake but none the less I was also wondering about if it would be possible to push root via abd or something in that way? if all this is dumb then I guess just just ignore it I'm just throwing ideas out atm not too sure where to start to try to get root on this phone
Last edited:
Metro is trying to push updates again. The numbers in the filename are the same. So I think it's the same one they tried to push last time. I still advise against it. The older the sec patch the greater a chance we have of getting in.
---------- Post added at 01:46 PM ---------- Previous post was at 01:39 PM ----------
It's a button combo, I don't re!ember which I just use adb to reboot recovery, to get past the excliandroid into the recovery menus but adb is disabled other than sideload which still checks for the signature.
---------- Post added at 01:46 PM ---------- Previous post was at 01:39 PM ----------
It's a button combo, I don't re!ember which I just use adb to reboot recovery, to get past the excliandroid into the recovery menus but adb is disabled other than sideload which still checks for the signature.
This might be the wrong place to post, but couldn't find too much info elsewhere, so, any way to skip by activation? My phone was working fine on wifi, (never intend to get service) then applied an update, and now gives me continuous activation screen and will not allow me to get onto wifi any longer. Any help would be greatly appreciated!
Sent from my SM-N960U using Tapatalk
Sent from my SM-N960U using Tapatalk
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
5
Well let's see you do something there buddy, obviously you're the expert on the subject.
Cracking enterprise level security isn't just clicking a button. and you ain't paying me. I have a stack of phones and other devices to work on and other more pressing things to do with my life. So, kindly, take your opinion and shove it, root will be released when it's released.4
+ First, I tried all the generic one click crap(KingRoot, Kingo, Etc.) as always since it's a Chinese phone.
+ Tried a few gray area tools like MiracleThunder, Uni-Android tool and such, come up empty handed.
+ I've tried every firehose from similar hardware available and they all seem to be fruitless ruling out EDL mode.
+ Fastboot is available but actively refuses commands.
+ OEM Unlock is a dummy toggle.
+ Hidden activity for "The Factory Upgrade" I haven't looked so much into, as like recovery it's probably looking for a signed zip.
+ CVE-2019-2215 and CVE-2019-10529 are dead ends, seems the kernel was patched correctly. Any older exploits e.g Dirty Cow variants outright fail as it has kernel 4.9+
Other notes: The ROM is buggy as hell, so they messed up somewhere I just haven't found it yet.32Picked up one of these today, we just started working on it a few minutes ago, I'll post the method once done. This could be hours, days, months, who knows, We do have fastboot and the Coolpad Kit from elsewhere on the forums so it shouldn't be hard. But we are working on it.
