you are NOT supposed to typeam testing it on my 2.42...but i need help........
Whats CMD........sorry....I dont know that.................
and after this command
adb shell /data/local/tmp/fre3vo –debug*
I couldnt understand what to do next........................
sorry.......
am testing it on my 2.42...but i need help........
Whats CMD........sorry....I dont know that.................
and after this command
adb shell /data/local/tmp/fre3vo –debug*
I couldnt understand what to do next........................
sorry.......
adb shell /data/local/tmp/fre3vo –debug*I am trying my best to make the guide easier to follow. If you have any problems, there are alot of people who can help
adb shell /data/local/tmp/fre3vo –debug*
this was confusing some ppl, i was going to suggest it then you already changed it.. but now..
adb shell /data/local/tmp/fre3vo –debug /data/local/tmp/fre3vo -debug -start 10000000 -end 1FFFFFFF
what exactly did you type for that step?I JUST CANT UNDERSTAND..........i was following the guide
adb push fre3vo /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/fre3vo********* this is the step made me to wait
adb shell /data/local/tmp/misc_version
Approx how long does it take for each of the blind scans? I'm using the Ace toolkit and it's been sitting here:
613 KB/s (9796 bytes in 0.015s)
15 KB/s (15837 bytes in 1.000s)
fre3vo by #teamwin
Please wait...
Attempting to modify ro.secure property..
fb_fix_screeninfo:
....
... sync: 0
vmode: 0
Buffer offset: 00000000
Buffer size: 8192
For over 5 minutes....
Reboot your device, let it load up,
make sure debugging is enabled
and start from scratch
adb push fre3vo /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/fre3vo -debug -start FBB00000 -end FFFFFFFF
After the exploit is found, it may kill the adb process
disconnect your device, and plug it back in.
then continue...
adb shell /data/local/tmp/misc_version -s 1.32.405.6
adb reboot bootloader
note: I changed the hex address start since all but Volupia's device have found the exploit at either FBB6D400:C00, FBB6B00:1a00, or FBB80000:1000
The more addresses posted of a successful exploit can further decrease the target range thus speeding up the process.
Alternatively (If step 3 fails):
1. Open a command prompt (right click "Run as Administrator" is using Vista or W7) and locate the downgrade folder (type "CD C:\DHDDowngrade" minus the quotes in CMD)
2. Run the below commands (be sure to press enter after each line)
adb push fre3vo /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell /data/local/tmp/fre3vo -debug -start FBB00000 -end FFFFFFFF
adb push fixsu.sh /data/local/tmp
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell chmod 777 /data/local/tmp/fixsu.sh
adb shell chmod 777 /data/local/tmp/su
adb shell chmod 777 /data/local/tmp/busybox
...ignore it
1. Format SDCard to FAT32
2. Download Goldcard Helper from Android Market
3. Open Goldcard Helper with the SDCard in the phone, and you will see the mmc2 reverse CID
Note: Do not use the Copy feature in the app as this will copy the wrong CID!
Alternate to the Goldcard helper app:
1. Open up a command prompt (Windows Key + R, type "CMD", press enter)
2. connect your phone as "charge only" and have usb debugging enabled
3. navigate the command prompt to the downgrade folder.
4. Type the following command:
5. Select and copy the cid
4. Go to http://psas.revskills.de/?q=goldcard
5. Enter your email address and the mmc2 reverse CID that is showing on the Goldcard Helper app then submit it
6. The img file will be emailed to you, download and save it somewhere you will remember
7. Download this hex editor - http://mh-nexus.de/en/downloads.php?product=HxD
8. Open HxD hex editor on your computer by right-clicking it and clicking 'Run as Administrator'
9. Mount your SD card to your computer, preferably using a card reader but you can use your phone as well
10. Go to 'Extra' menu > 'Open Disk'. Select Removable Disk (which should be your SD card) under Physical Disk (and NOT logical disk), uncheck 'Open as Readonly' and click OK
11. Go to the 'Extra' > 'Open Disk Image' and open the goldcard image downloaded in Step 6. . Select '512 (Hard disks/Floppy disks)' as the sector size when prompted and click OK
12. In the goldcard image tab, go to 'Edit' > 'Select All' and then 'Edit' >'Copy'
13. In the 'Removable Disk' tab, highlight offset (line) 00000000 to offset (line) 00000170 including the 00000170 line and go to 'Edit' menu > 'Paste Write'
14. Click 'File' > 'Save' and accept any warning that you get
Alternatively (If step 4 fails):
Run the below commands in CMD:
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/misc_version -s 1.31.405.3
adb reboot bootloader
FAQs
Q. How do I run CMD?
A. Windows Vista and 7 users: Press Start, type CMD. You should see CMD sppear, right click and 'Run as Administrator'. Windows XP users: Press Start, Press 'Run', type CMD, then click OK.
Q. How do I enable USB Debugging?
A. On your Desire HD go to Settings -> Applications -> Development -> Enable USB Debugging
Q. Why do I keep getting CID error in bootloader?
A. This is most often a problem with your goldcard. First make sure you have created a goldcard using the guide at the top of this post. If you have created a goldcard, format the SDCard using FAT32 and try again making sure you have followed each step very carefully. Also, make sure you have the .bin file on your SDCard after doing the adb steps.
Q. When going into bootloader it says "no image or wrong image"
A. This message will be displayed when files it is looking for cannot be found. Leave it to continue and it will update. If it displays this message after searching for PD98IMG.zip, then the file is damaged or you do not have it on your SDCard.
Q. Do I have to disconnect the phone from the computer before booting into bootloader?
A. Yes....Simplez
Q. I have tried many times to create the goldcard, but continue to get errors.
A. This could be because you are continuously making mistakes, or your SDCard cannot be made into a goldcard, try another SDCard.
More will be added when needed
Hi,
I'm following the instructionc, my CMD seems to hang (already 20 minutes and counting...) Any idea? Already started over (emptied my SD card again and copied the ZIP file again)
p.s. I'm also on the latest 2.50.405.2
My computer is Windows 7 Enterprise (32 bit) and CMD is running as administator
THX
Looking good...
After running:
"apb shell" i'm getting the #
I guess it's rooted! Working great on my fully updated stock Desire HD (2.50.405.2)!
Could you please explain the latest steps?
Visit My thread here
Once 1.32 has finished installing, start at step 2 and run through the visionary method to root radio & eng s-off
then run the 2.36.405 ruu, install and run gingerbreak.
reboot, and you're fully rooted on gingerbread.