FORUMS
Remove All Ads from XDA

Sonim XP8 (Root?)

25 posts
Thanks Meter: 2
 
By ctradio, Junior Member on 7th October 2018, 02:36 AM
Post Reply Email Thread
13th June 2019, 12:47 AM |#11  
Junior Member
Flag Phoenix
Thanks Meter: 1
 
More
Firmware update soon.. ??
In May, I sent of another email to Sonim Tech support asking about firmware. I did get a response back. Granted it was rather vague, but it was an answer. Further granted, is is now mid June and no updates in sight including one that allows the viewing of PDF's. grrrr.

The support guy did mention that AT&T is going to be one of the first providers to get the update. That sucks for me because I got my unit direct. He also said the month of May was a non-official time frame.

So still waiting and no success story yet posted of anyone unlocking this little beastie.
16th June 2019, 07:05 AM |#12  
Member
Thanks Meter: 0
 
More
https://www.att.com/devicehowto/tuto...odel=XP8XP8800

No idea how to update manually, though...
17th June 2019, 07:57 PM |#13  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by Phuhque

In May, I sent of another email to Sonim Tech support asking about firmware. I did get a response back. Granted it was rather vague, but it was an answer. Further granted, is is now mid June and no updates in sight including one that allows the viewing of PDF's. grrrr.

The support guy did mention that AT&T is going to be one of the first providers to get the update. That sucks for me because I got my unit direct. He also said the month of May was a non-official time frame.

So still waiting and no success story yet posted of anyone unlocking this little beastie.

No idea how to update manually, though...[/QUOTE]

Thanks for the news , but no working to ATT from France , until in OTA .
Wait and see if dual sim working clean ....
18th June 2019, 07:01 AM |#14  
Member
Thanks Meter: 17
 
More
Has anyone seen this video? There's a part in the video where as the guy turns it on, and there is a prompt to re-lock the bootloader(which, of course, implies that the bootloader is unlocked); I don't know how this really helps, but it might give someone more experienced than I something to grab at. I should mention that it is mentioned as a pre-production model of the Sonim XP8, so it probably won't apply to models that most people have, but it's something to look at.
5th September 2019, 07:36 PM |#15  
Member
Thanks Meter: 0
 
More
Sonim XP8
I know that Verizon is now selling the Sonim XP8. Does anybody happen to know if it is possible to use both SIM card slots with this device after it is unlocked?

Being able to use BOTH AT&T AND Verizon would be a huge benefit to me.
15th October 2019, 10:06 PM |#16  
Junior Member
Flag Tyler tx
Thanks Meter: 0
 
More
is there any root yet ive tried about every root apps i cant even find working drivers for this phone
17th October 2019, 12:03 AM |#17  
Member
Thanks Meter: 3
 
More
Quote:
Originally Posted by Thecctech

is there any root yet ive tried about every root apps i cant even find working drivers for this phone

Drivers are not an issue.. It's using Qualcomm reference designs from the S660 dev kit where most generic Qualcomm drivers should work with minimal modification.

This is a good thing! Most of the root apps are using a collection of known exploits where only vulnerable devices would fall victim. You would have to use an exploit that's more recent then the security patch level installed but you also have to remember - if you can do it that easily then an attacker can do it just as easily too! I personally believe that the association between root and device/firmware level vulnerabilities is the reason why most see root in a negative context today.

As far as I'm concerned - we only have 2 "correct" ways to achieve root.
1. Obtain (or compile) either a Debug or Engineering firmware variant from AT&T that includes the native su packages for adb root. This is usually not an option for us individuals.
2. Unlock the bootloader and use a patched boot image.. Works great! To unlock the bootloader takes a bit of work though and flashing still requires EDL so with that I have not been able to make a public instruction set yet.

Could be in the next few days.. Could be in the next few months.. I'm honestly not sure. Mostly just a matter of collecting images, testing, and finding time.
The Following User Says Thank You to smokeyou For This Useful Post: [ View ] Gift smokeyou Ad-Free
19th October 2019, 02:23 AM |#18  
Member
Thanks Meter: 3
 
More
Enjoy!

XP8 Android Root Theory - Magisk over EDL
EDL is a must since Fastboot is not an option. I spent a bit of time getting it unlocked only to find their fastboot implementation kind of sucks anyways (likely by design) - commands failing randomly along with random reboots. That's ok though because I'm not sure how relevant locked bootloaders are in an EDL enabled world anyways. All is covered since Magisk works fine with AVB and we have EDL as a flashing alternative. Please see Android Boot Flow > LOCKED Devices with Custom Root of Trust for more information.

Works on 7.1.1 however 8 is recommended as Oreo takes full advantage of the A/B system layout allowing for additional restore capabilities.

Step 1 - Pull Boot.img
We need to pull the boot.img in order to feed it to magisk later for patching. It's also good to keep on hand for if/when you need to restore for any reason.
1. Create an XML file with the data below
Code:
<?xml version="1.0"?>
<data>
<program start_sector="262144" sparse="false" readbackverify="false" physical_partition_number="0" partofsingleimage="false" num_partition_sectors="131072" label="boot_a" filename="boot.img" file_sector_offset="0" SECTOR_SIZE_IN_BYTES="512"/>
</data>
2. Boot to EDL mode and load firehose programmer
Code:
QSaharaServer.exe -p \\.\COM<#> -s 13:prog_emmc_ufs_firehose_Sdm660_ddr.elf
3. Backup boot.img using the following command
Code:
fh_loader.exe  --convertprogram2read --port=\\.\COM<#> --sendxml=<xmlfile.xml> --lun=0  --memoryname=emmc --noprompt --reset
Or visit the XP8 carrier firmware thread for full system backup steps.
https://forum.xda-developers.com/sho...45&postcount=6

Step 2 - Magisk Patch
1. ADB push boot.img /storage/self/primary/Download/
2. Install Magisk Manager and apply patch to boot.img
2a. Download from https://forum.xda-developers.com/app...mless-t3473445
2b. Extract and run adb install magisk.apk
2c. Open Magisk app and apply patch to boot.img
3. ADB pull /storage/self/primary/Download/magisk_patched.img

Step 3 - Restore
1. Change the filename attribute in the XML to reflect newly created magisk_patched.img as shown below
Code:
<?xml version="1.0"?>
<data>
<program start_sector="262144" sparse="false" readbackverify="false" physical_partition_number="0" partofsingleimage="false" num_partition_sectors="131072" label="boot_a" filename="magisk_patched.img" file_sector_offset="0" SECTOR_SIZE_IN_BYTES="512"/>
</data>
2. Boot back into EDL mode and load firehose programmer
Code:
QSaharaServer.exe -p \\.\COM<#> -s 13:prog_emmc_ufs_firehose_Sdm660_ddr.elf
3. Apply magisk_patched.img using the following command
Code:
fh_loader.exe --port=\\.\COM<#> --sendxml=<xmlfile.xml> --lun=0  --memoryname=emmc --noprompt --reset
Disclaimer
-Devices with locked bootloaders will display a custom OS warning at boot
-Tested on AT&T branded devices only - please provide system dump for validation on other builds
-I have not identified any JTAG procedures and I can not help if you hard brick your device!
-This guide only touches boot_a and should be relatively safe since boot_b remains unmodified. I'm pretty sure this is enough to restore the original boot.img to boot_a under a failure scenario.. But I'm not really qualified enough to say definitively either.
-Take great caution - this is raw emmc access and critical system data! You are proceeding at your own risk!

Factory Images and OTA Files
Full 8.1 System Image
XP8_ATT_USER_8A.0.5-11-8.1.0-10.54.00
OTA Updates
XP8_ATT_USER_N10.01.75-O10.49.00
XP8_ATT_USER_O10.49.00-O10.54.00

Flash tools here - programmer (elf) file provided by eleotk!

Automatic OTA without AT&T service:
Purchase a blank AT&T SIM card ($5)
Start online prepaid activation - complete pages 1 & 2
**SIM Card is now partially active without funding - do not complete page 3 (payment)***
*#*#368378#*#* > Clear UI > Check for updates in settings

XP5s
Sprint Image: XP5SA.0.2-03-7.1.2-29.03.00
Works the same. Tested with unmodified Sprint firmware. Like most other apps, the Magisk manager app is unusable since the XP5s has no touch screen - I had to patch the boot image on another device. You can plug in a USB mouse however the cursor does not seem to invoke in-app tap's.

Need to use the appropriate Firehose loader (prog_emmc_firehose_8920.mbn) and replace the boot image location according to the XP5s GPT (start_sector="790528").
The Following User Says Thank You to smokeyou For This Useful Post: [ View ] Gift smokeyou Ad-Free
20th October 2019, 12:46 AM |#19  
Member
Thanks Meter: 2
 
More
Great, thanks alot for instructions, @smokeyou!

In order to be able to boot into patched boot image, does it require to have unlocked bootloader? Assuming I can upgrade my phone to build 8A.0.5-10-8.1.0-10.49.00, but have my bootloader locked, can I still use your instructions? Can you clarify it?
-albertr
The Following User Says Thank You to albert.r For This Useful Post: [ View ] Gift albert.r Ad-Free
20th October 2019, 03:15 AM |#20  
Member
Thanks Meter: 3
 
More
Quote:
Originally Posted by albert.r

Great, thanks alot for instructions, @smokeyou!

In order to be able to boot into patched boot image, does it require to have unlocked bootloader? Assuming I can upgrade my phone to build 8A.0.5-10-8.1.0-10.49.00, but have my bootloader locked, can I still use your instructions? Can you clarify it?
-albertr

Untested but should not be a problem. Bootloader unlocking only allows Fastboot flashing where this method uses EDL only.

Basically the same outcome though just without the option to use TWRP or custom recovery (easily).
The Following User Says Thank You to smokeyou For This Useful Post: [ View ] Gift smokeyou Ad-Free
22nd October 2019, 12:42 AM |#21  
Junior Member
Flag Tyler tx
Thanks Meter: 0
 
More
Well good to know well I have to wait as I'm not brave enough to embark I wish I can just pay someone to root it
Post Reply Subscribe to Thread

Tags
sonim-xp8

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes