[GUIDE] root, unlock, kk and flash back to jb [READ OP!!!]

Status
Not open for further replies.
Search This thread
By:
Advanced…
bweN diorD

bweN diorD

Senior Member
Jun 12, 2011
3,820
2,140
************WARNING*************
this guide only works completely if you did NOT take the 183.46.15 update rolling out around 9/9/14
LOOK AT YOUR SYSTEM VERSION AND MAKE SURE YOU ARE NOT ON 183.46.14or15 BEFORE POSTING, if you are, THE BOOTLOADER UNLOCK AND ROOT WONT WORK, PERIOD, END OF DISCUSSION.
YOU HOSED YOURSELF BY NOT DOING THIS BEFORE UPDATING, THE TOOLS ARE NOT BROKEN.

if you are already unlocked, the relevant parts of this guide will still work as described.


So, you have a Droid Razr Maxx HD or HD, xt926, and want to root, unlock the bootloader, and go back to JB, possibly.
Well this is the guide for you!

***you should backup data before any flash or mod
***the current condition of your phone is irrelevant (root etc). the script will flash from any version, to KK (data wipe option recommended)


first, you need to be on KitKat to root and unlock the bootloader,
if you are not, flash version 1.4 or 1.41 of this in fastboot.
moto drivers if you need them.
to get into fastboot, power off the phone, hold both volume buttons and power until the pre-boot menu comes up then release and choose "fastboot"
alternatively, you can use @SamuriHL's method if that strikes your fancy.
(PLEASE DONT ASK QUESTIONS ABOUT @SamuriHL'S SCRIPT HERE, use his forum.)

after booted etc, put this app, this app, and SU zip on your storage or sd card.

open the "tr" app and follow the directions to root your phone.
when complete and rebooted,
open the Motopocalypse app and follow the directions to unlock your bootloader.
when complete and rebooted,
we are going to need a custom recovery (just because they are great :))
go here or here to get the only recovery compatible with KK (they are also in a sub folder of the flash tool)
to flash these per the op's instructions, you will need adb and fastboot.
if you don't have it installed,
open the directory from my flash tool posted above, hold shift, right click, and choose "open command prompt here". this will use the adb and fasboot in my script to install the recovery, using the commands in @dhacker29's op. just make sure you moved the recoveries out of the sub folder and into the main one, or it will fail.
here is a more complete step by step i made for another user. just change the file name if you are flashing twrp.
if you aren't comfortable using the commands to install the new recovery, alternatively, you can put the recovery on your storage and use Flashify to install it.

after flashing your new recovery, (3 button trick from above, and select "recovery")
boot back into recovery, and flash the SU zip from above. this will give you a properly working root (towel is great but has some faults)

now you have a fully functional razr hd or maxx hd with root and an unlocked bootloader on KitKat.

for those of you who just wanted to unlock and want to go back to JB, or just want to go back to JB for any reason after unlocking.
flash this in rsd (many tutorials on how to use RSD can be found on Google)
i already edited the stock file so you dont have to do it :)

now you want root again?
now that you are unlocked, forget all of those old exploits, (yes, they still work if you choose to use them) from now on, you can just install a custom recovery and flash the SU zip i gave you in recovery.


i hope this helps you, i will be updating it as needed.
 
Last edited:
  • Like
Reactions: yoshkapundrick, adelson.reis, tvlovers and 18 others
M

muppetsuppet

New member
Jun 29, 2014
2
0
I'm completely new to unrooting and unlocking, so, please bear with me. When kitkat came out, my battery life suffered, and I learned about this exploit, I decided it was time to learn how to unroot and unlock so I could go back to jellybean.

Long story short, I gained root access, unlocked the bootloader, and got status code 3. Last night, I downloaded RSD Lite, booted into fastboot AP mode, and I must have missed a step or screwed something up, because I got the following errors:

--RSD lite said: "3/23 flash partition "gpt_main0.bin" -> Phone returned FAIL".
--The phone's flashboot screen says: "flash failure, usb connected, downgraded security version, update gpt_main version failed, preflash validation failed for GPT."

My phone was stuck in fashbot ap mode for a little while, and I could not restore the recovery img file I had saved with flashify, because it was no longer in the sd card directory. Not sure what's going on there, but whatever. Fortunately, I was able to wipe all data, and reboot into normal mode after holding all three buttons, but it was pretty scary for a while. Now, however, if I power off now, the only way I can get the phone to reboot properly is using the three button method. If I try to power on normally, I just get the flashboot AP screen, and a flash failure.

As I read through everything again and again, I think that perhaps I skipped the adb step, though rsd still went through its motions. I initially tried to pull the zip/rar file thru flashify, but flashify gave me an error and wouldn't work with it.

All this being said, wondering if anyone advise a best course of action at this point? Can I just go back to the adb step and use rsd again? Or, should I somehow flash a recovery back to kitkat and start over, even though my copy apparently went kaput? I could possibly grab a flashify file from my wife's phone, which is also the XT907, but not sure if it really works that way...Sort of nervous about tinkering further since I'm so new to this and apparently have a lot to learn. Alternately, I could try house of moto.

Thank you!
 
SamuriHL

SamuriHL

Senior Member
Aug 5, 2010
3,418
2,200
You can't downgrade the GPT or TZ partitions. That's why my RSD Script Generator and House of Moto utils create a UNIVERSAL script for downgrading. It skips those partitions.
 
  • Like
Reactions: bweN diorD
M

muppetsuppet

New member
Jun 29, 2014
2
0
SamuriHL said:
You can't downgrade the GPT or TZ partitions. That's why my RSD Script Generator and House of Moto utils create a UNIVERSAL script for downgrading. It skips those partitions.
Click to expand...
Click to collapse

I think I get the jist of what you're saying, and while I understand what a partition is, I'm not sure what a GPT or TZ partition is, specifically. Regardless, it sounds like you're saying the best course of action now is to go the RSD script generator route?

My goal is just to get back to a stable OS, and eventually downgrade to JB, version 98.18.94.XT907, as any other version sent my phone into involuntary power offs. Whether that means I install KK first then go down, or go straight to JB doesn't matter too much.

Would another option be to use my wife's flashify recovery? We have the same phones...
 
SamuriHL

SamuriHL

Senior Member
Aug 5, 2010
3,418
2,200
No, you can't flash things from other phones. So we can just drop that idea.

Yes, my RSD Script Generator is the quickest way. Use it with the 9.30.1 FXZ (what you're calling 9.18.94 as they are the same version, but, the FXZ is 9.30.1), then flash the UNIVERSAL script that's generated with RSD. Done, and on JB as you wish.
 
  • Like
Reactions: Trebuchette and bweN diorD
M

ModernZombie

New member
Nov 14, 2011
4
0
Issues with script

I am having trouble with the rooting script. I am running into the error 'Preflash validation failed' in the Dan Rosenberg script, and then trying to boot the phone takes me to AP Fastboot with 'No valid PIV block in SP for system / piv validation failed (system)'.

My guess is that this is because I casually downloaded the 1.4 version of the script instead of the 1.41, so maybe that utility will work better. I will update this thread as I continue to troubleshoot.

---------- Post added at 07:05 PM ---------- Previous post was at 06:59 PM ----------
ModernZombie said:
I am having trouble with the rooting script. I am running into the error 'Preflash validation failed' in the Dan Rosenberg script, and then trying to boot the phone takes me to AP Fastboot with 'No valid PIV block in SP for system / piv validation failed (system)'.

My guess is that this is because I casually downloaded the 1.4 version of the script instead of the 1.41, so maybe that utility will work better. I will update this thread as I continue to troubleshoot.
Click to expand...
Click to collapse


When I run the script it seems to enter a loop where it runs 'writing system' and 'sending system' again and again...

---------- Post added at 07:09 PM ---------- Previous post was at 07:05 PM ----------
ModernZombie said:
I am having trouble with the rooting script. I am running into the error 'Preflash validation failed' in the Dan Rosenberg script, and then trying to boot the phone takes me to AP Fastboot with 'No valid PIV block in SP for system / piv validation failed (system)'.

My guess is that this is because I casually downloaded the 1.4 version of the script instead of the 1.41, so maybe that utility will work better. I will update this thread as I continue to troubleshoot.

---------- Post added at 07:05 PM ---------- Previous post was at 06:59 PM ----------




When I run the script it seems to enter a loop where it runs 'writing system' and 'sending system' again and again...
Click to expand...
Click to collapse

Nevertheless the script seems to have succeeded and my booting issues are over. Using the 1.41 version of the script fixed my issue. Hopefully that helps someone who has the same problem that I did.
 
SamuriHL

SamuriHL

Senior Member
Aug 5, 2010
3,418
2,200
I'm glad you were able to use Bwen Diord's updated util to fix it. Goes to show you should always make sure to use the latest version of whatever util you're using. :)
 
  • Like
Reactions: bweN diorD
bweN diorD

bweN diorD

Senior Member
Jun 12, 2011
3,820
2,140
SamuriHL said:
You can't downgrade the GPT or TZ partitions. That's why my RSD Script Generator and House of Moto utils create a UNIVERSAL script for downgrading. It skips those partitions.
Click to expand...
Click to collapse

see what happens when i take a 3 hour drive to NJ lol i missed all the fun.
i did edit that file, i must have missed a line, ill fix it right away.
 
bweN diorD

bweN diorD

Senior Member
Jun 12, 2011
3,820
2,140
ModernZombie said:
I am having trouble with the rooting script. I am running into the error 'Preflash validation failed' in the Dan Rosenberg script, and then trying to boot the phone takes me to AP Fastboot with 'No valid PIV block in SP for system / piv validation failed (system)'.

My guess is that this is because I casually downloaded the 1.4 version of the script instead of the 1.41, so maybe that utility will work better. I will update this thread as I continue to troubleshoot.

---------- Post added at 07:05 PM ---------- Previous post was at 06:59 PM ----------




When I run the script it seems to enter a loop where it runs 'writing system' and 'sending system' again and again...

---------- Post added at 07:09 PM ---------- Previous post was at 07:05 PM ----------



Nevertheless the script seems to have succeeded and my booting issues are over. Using the 1.41 version of the script fixed my issue. Hopefully that helps someone who has the same problem that I did.
Click to expand...
Click to collapse

it is supposed to write the system over and over and over, it breaks it down into small blocks and send then writes a little at a time.
thats how it is supposed to work.
 
bweN diorD

bweN diorD

Senior Member
Jun 12, 2011
3,820
2,140
he must not have used my file

Code: 
<?xml version="1.0"?>
<flashing>
  <header>
    <phone_model model="VANQUISH_CFC_IFLASH" />
    <software_version version="vanquish_vzw-user 4.1.2 9.8.1Q-94-1 57 release-keysVANQUISH_BP_100730.151.64.17P" />
    <interfaces>
      <interface name="AP" />
    </interfaces>
  </header>
  <steps interface="AP">
    <step operation="flash" partition="sbl1" filename="sbl1.mbn" MD5="BB624DBDA3BE7B433AFC4D0123B33491" />
    <step operation="flash" partition="sbl2" filename="sbl2.mbn" MD5="68CB15F37E13BBD8277EB3429FCC871D" />
    <step operation="flash" partition="sbl3" filename="sbl3.mbn" MD5="86C984B56AE4EE83AB0AE2B7525CCF1E" />
    <step operation="flash" partition="rpm" filename="rpm.mbn" MD5="0C3F4FF07D3B5037E17B8EFE5F4C66EE" />
    <step operation="flash" partition="aboot" filename="emmc_appsboot.mbn" MD5="F9F828A07EFF5ACA78C51E60EC6A0391" />
    <step operation="reboot-bootloader" />
    <step operation="flash" partition="sbl1" filename="sbl1.mbn" MD5="BB624DBDA3BE7B433AFC4D0123B33491" />
    <step operation="flash" partition="sbl2" filename="sbl2.mbn" MD5="68CB15F37E13BBD8277EB3429FCC871D" />
    <step operation="flash" partition="sbl3" filename="sbl3.mbn" MD5="86C984B56AE4EE83AB0AE2B7525CCF1E" />
    <step operation="flash" partition="rpm" filename="rpm.mbn" MD5="0C3F4FF07D3B5037E17B8EFE5F4C66EE" />
    <step operation="flash" partition="aboot" filename="emmc_appsboot.mbn" MD5="F9F828A07EFF5ACA78C51E60EC6A0391" />
    <step operation="flash" partition="boot" filename="boot.img" MD5="70A4C7CC93E3C2CBC37B6DAA6BDA2E74" />
    <step operation="flash" partition="system" filename="system.img.ext4" MD5="9D7F66A977550FF3496EBDAD79511CDE" />
    <step operation="flash" partition="recovery" filename="recovery.img" MD5="0B2F9307E348E9CA0A0B11A29BCA28C1" />
    <step operation="flash" partition="modem" filename="NON-HLOS.bin" MD5="82BE40595235096DCE6E20796DD39444" />
    <step operation="flash" partition="devtree" filename="device_tree.bin" MD5="01CCD38F085EBEFE1080223FC62A5415" />
    <step operation="flash" partition="logo" filename="logo.bin" MD5="6463DC057ABF889F3B83A4D3DA4CDD1E" />
    <step operation="flash" partition="cdrom" filename="cdrom" MD5="E01BB8745EE1529BD1DB7289EE38B2E1" />
    <step operation="erase" partition="modemst1" />
    <step operation="erase" partition="modemst2" />
    <step operation="flash" partition="fsg" filename="fsg.mbn" MD5="9E38AECE800CB17548D62D4457100AF8" />
    <step operation="erase" partition="cache" />
    <step operation="erase" partition="userdata" />
    <step operation="erase" partition="tombstones" />
  </steps>
</flashing>
 
bweN diorD

bweN diorD

Senior Member
Jun 12, 2011
3,820
2,140
SamuriHL said:
Looks good to me. This is why I just released a new tool that's really, REALLY hard to screw up. It's painfully easy.
Click to expand...
Click to collapse

well if they would just use what i provided, its cut and dry.
short of completely redoing the script and adding in every function from jb to kk, unlocking, and back to jb with auto install of the recoveries and root. well im not doing all that. the steps are well laid out, if they cant follow the directions, that's not my fault.

it gets frustrating when you spend time making something for the sole benefit of others, and they cant take five minutes to read the directions, then come running for help like its not working properly....
 
C

cmh714

Senior Member
Jul 4, 2009
754
391
Google Pixel 3 XL
Samsung Galaxy Tab S7 / S7 Plus
bweN diorD said:
well if they would just use what i provided, its cut and dry.
short of completely redoing the script and adding in every function from jb to kk, unlocking, and back to jb with auto install of the recoveries and root. well im not doing all that. the steps are well laid out, if they cant follow the directions, that's not my fault.

it gets frustrating when you spend time making something for the sole benefit of others, and they cant take five minutes to read the directions, then come running for help like its not working properly....
Click to expand...
Click to collapse

Get used to it if you want to do this....
 
Status
Not open for further replies.

Similar threads

krystianp
Root and bootloader unlock on stock KK
Replies
776
Views
185K
R
Rexkh
D
[TUTORIAL] How to Flash Stock Motorola Fastboot files
Replies
105
Views
176K
R
Rexkh
Orphee
[HOWTO] Remove The Unlocked Bootloader Warning logo
Replies
187
Views
174K
fosgate3
fosgate3
dragonhart6505
[Tutorial] Unlock VZW Razr M/M HD (XT907/XT926) for U.S. Carriers *CDMA WS METHOD*
Replies
241
Views
131K
F
fred410
radiohead7778580
Modem Unlock Flash Update NEW 12/15 WIPE or NO WIPE
Replies
179
Views
58K
Xplorer4x4
Xplorer4x4

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 21
    bweN diorD
    bweN diorD
    ************WARNING*************
    this guide only works completely if you did NOT take the 183.46.15 update rolling out around 9/9/14
    LOOK AT YOUR SYSTEM VERSION AND MAKE SURE YOU ARE NOT ON 183.46.14or15 BEFORE POSTING, if you are, THE BOOTLOADER UNLOCK AND ROOT WONT WORK, PERIOD, END OF DISCUSSION.
    YOU HOSED YOURSELF BY NOT DOING THIS BEFORE UPDATING, THE TOOLS ARE NOT BROKEN.

    if you are already unlocked, the relevant parts of this guide will still work as described.


    So, you have a Droid Razr Maxx HD or HD, xt926, and want to root, unlock the bootloader, and go back to JB, possibly.
    Well this is the guide for you!

    ***you should backup data before any flash or mod
    ***the current condition of your phone is irrelevant (root etc). the script will flash from any version, to KK (data wipe option recommended)


    first, you need to be on KitKat to root and unlock the bootloader,
    if you are not, flash version 1.4 or 1.41 of this in fastboot.
    moto drivers if you need them.
    to get into fastboot, power off the phone, hold both volume buttons and power until the pre-boot menu comes up then release and choose "fastboot"
    alternatively, you can use @SamuriHL's method if that strikes your fancy.
    (PLEASE DONT ASK QUESTIONS ABOUT @SamuriHL'S SCRIPT HERE, use his forum.)

    after booted etc, put this app, this app, and SU zip on your storage or sd card.

    open the "tr" app and follow the directions to root your phone.
    when complete and rebooted,
    open the Motopocalypse app and follow the directions to unlock your bootloader.
    when complete and rebooted,
    we are going to need a custom recovery (just because they are great :))
    go here or here to get the only recovery compatible with KK (they are also in a sub folder of the flash tool)
    to flash these per the op's instructions, you will need adb and fastboot.
    if you don't have it installed,
    open the directory from my flash tool posted above, hold shift, right click, and choose "open command prompt here". this will use the adb and fasboot in my script to install the recovery, using the commands in @dhacker29's op. just make sure you moved the recoveries out of the sub folder and into the main one, or it will fail.
    here is a more complete step by step i made for another user. just change the file name if you are flashing twrp.
    if you aren't comfortable using the commands to install the new recovery, alternatively, you can put the recovery on your storage and use Flashify to install it.

    after flashing your new recovery, (3 button trick from above, and select "recovery")
    boot back into recovery, and flash the SU zip from above. this will give you a properly working root (towel is great but has some faults)

    now you have a fully functional razr hd or maxx hd with root and an unlocked bootloader on KitKat.

    for those of you who just wanted to unlock and want to go back to JB, or just want to go back to JB for any reason after unlocking.
    flash this in rsd (many tutorials on how to use RSD can be found on Google)
    i already edited the stock file so you dont have to do it :)

    now you want root again?
    now that you are unlocked, forget all of those old exploits, (yes, they still work if you choose to use them) from now on, you can just install a custom recovery and flash the SU zip i gave you in recovery.


    i hope this helps you, i will be updating it as needed.
    View
    3
    bweN diorD
    bweN diorD
    SamuriHL said:
    The partition table was changed between JB and KK, along with the bootloader. That being said, what you want is this:

    http://www.droidrzr.com/index.php/topic/50095-how-tomobile-downgrader-flash-back-10-07-15-14/

    *READ FULLY before touching anything*. It is not my utility and it's not something I've used but appears to do what you want.

    Be aware that your nandroid isn't going to help you in this situation.
    Click to expand...
    Click to collapse

    ahh yes, i forgot there might be a partition issue also.
    exactly why i call those with superior knowledge lol :)

    thanks
    View
    2
    SamuriHL
    SamuriHL
    No, you can't flash things from other phones. So we can just drop that idea.

    Yes, my RSD Script Generator is the quickest way. Use it with the 9.30.1 FXZ (what you're calling 9.18.94 as they are the same version, but, the FXZ is 9.30.1), then flash the UNIVERSAL script that's generated with RSD. Done, and on JB as you wish.
    View
    2
    SamuriHL
    SamuriHL
    Looks good to me. This is why I just released a new tool that's really, REALLY hard to screw up. It's painfully easy.
    View
    2
    SamuriHL
    SamuriHL
    The partition table was changed between JB and KK, along with the bootloader. That being said, what you want is this:

    http://www.droidrzr.com/index.php/topic/50095-how-tomobile-downgrader-flash-back-10-07-15-14/

    *READ FULLY before touching anything*. It is not my utility and it's not something I've used but appears to do what you want.

    Be aware that your nandroid isn't going to help you in this situation.
    View

New posts