FORUMS
Remove All Ads from XDA

[GUIDE] Downgrade from 3.13 (Sense 3.0) roms

167 posts
Thanks Meter: 58
 
By petarpLab, Senior Member on 2nd January 2012, 05:55 PM
Post Reply Email Thread
NOTE: This guide is for phones shipped with froyo and updated to the 3.x firmware! For phones shipped with gingerbread (even the lower versions) please read attn1's posts in this thread!

With the Sense 3.0 upgrade HTC patched against fre3vo, so we can no longer temproot to use misc_version on that firmware. Lucky us, a new exploit was issued @rootzwiki. This exploit was tested at #g2root (freenode) and was able to temproot a 3.13.161.3 firmware version.
The usual disclaimer applies: Everything you do is your responsibility, No one outside of you can be held accountable for any state you put yourself and/or your phone into. If you did not donate to EFF and rooting is illegal in you country, you should read this guide for intellectual purposes only (sorry dude/dudette).
If you meet troubles search for help at IRC: freenode, #g2root

make sure your phone is in 'charge only' mode and the 'fast boot' feature is turned off.

What you need:

tacoroot
misc_version NOTE: you need THAT version of misc_version. Earlier versions would not work.
flashgc for a goldcard
1.32 PD98IMG.zip

put all files in your platform-tools directory (unzip misc_version and tacoroot.sh)

Code:
adb push tacoroot.sh /data/local/tmp/tacoroot
adb push misc_version /data/local/tmp/
adb push flashgc /data/local/tmp/
adb push PD98IMG.zip /sdcard/
NOTE: the last command will take a long time

After all files are pushed you have to run tacoroot:
Code:
adb shell 
chmod 755 /data/local/tmp/*
/data/local/tmp/tacoroot --setup
This command will reboot the phone to recovery. Once it is done, use vol up/power then choose 'reboot' to reboot the phone. After it boots (it will bootloop, that's expected):
Code:
adb shell
/data/local/tmp/tacoroot --root
this command will kick you out of adb shell, so we need to return there and see the # sign of root access, after which we can change the main version, create a goldcard and undo tacoroot to boot he phone normally:
Code:
adb shell
cd /data/local/tmp
./misc_version -s 1.00.000.0
./flashgc
./tacoroot --undo
After these commands are done, the phone should get rebooted by tacoroot. After it boots, boot to bootloader to flash the 1.32 firmware:
Code:
adb reboot bootloader
Once in bootloader, use the vol buttons to go to 'bootloader' and the power button to execute. The rom will flash. Enjoy!

Credits:
Guhl and Scotty2 - they made all this possible. Guhl created and coded misc_version and lots of other good stuff to make unlocking our phones doable and safe.
the tacoroot team
skorgon for flashgc
Donate to EFF!!!!!! and RevSkills -
EFF has the power to keep rooting/unlocking legal.
revskills provides the goldcard solution and online goldcard creation.

Anti-credits:
paul for visionary - among the worst things that happened to the vision community over the years.
The Following 40 Users Say Thank You to petarpLab For This Useful Post: [ View ] Gift petarpLab Ad-Free
 
 
2nd January 2012, 07:05 PM |#2  
Andy's Avatar
Retired Forum Moderator
Flag UK
Thanks Meter: 5,428
 
More
Added this to the Main Dev Sticky Thread --> DHD Development Sticky Roll-Up Thread **Check this thread BEFORE posting**
2nd January 2012, 07:08 PM |#3  
jcase's Avatar
Retired Forum Moderator / Senior Recognized Developer - Taco Vendor
Flag Sequim WA
Thanks Meter: 15,891
 
10
Donate to Me
More
Really happy to see dev's putting tacoroot to use <3

Most up to date versions of tacoroot and burritoroot are opensourced here https://github.com/CunningLogic
The Following 3 Users Say Thank You to jcase For This Useful Post: [ View ]
2nd January 2012, 08:15 PM |#4  
attn1's Avatar
Inactive Recognized Developer
Thanks Meter: 1,825
 
More
Quote:
Originally Posted by petarpLab

With the Sense 3.0 upgrade HTC patched against fre3vo, so we can no longer temproot to use misc_version on that firmware. Lucky us, a new exploit was issued @rootzwiki. This exploit was tested at #g2root (freenode) and was able to temproot a 3.13.161.3 firmware version.
The usual disclaimer applies: Everything you do is your responsibility, no one can be held accountable for the state you put your phone into.
If you meet troubles search for help at IRC: freenode, #g2root

What you need:

tacoroot
misc_version NOTE: you need THAT version of misc_version. Earlier versions would not work.
flashgc for a goldcard
1.32 PD98IMG.zip

put all files in your platform-tools directory (unzip misc_version)

Code:
adb push tacoroot.bin /data/local/tmp/tacoroot
adb push misc_version /data/local/tmp/
adb push flashgc /data/local/tmp/
adb push PD98IMG.zip /sdcard/
NOTE: the last command will take a long time

After all files are pushed you have to run tacoroot:
Code:
adb shell 
chmod 755 /data/local/tmp/*
/data/local/tmp/tacoroot --setup
This command will reboot the phone to recovery. Once it is done, press vol up then power then choose 'rebot' to bot the phone normally. After it boots:
Code:
adb shell
/data/local/tmp/tacoroot --root
this command will kick you out of adb shell, so we need to return there and see the # sign of root access, after which we can change the main version and create a goldcard:
Code:
adb shell
cd /data/local/tmp
./misc_version -s 1.00.000.0
./flashgc
./tacoroot --undo
After these commands are done, the phone should get rebooted by tacoroot. After it boots, boot to bootloader to flash the 1.32 firmware:
Code:
adb reboot bootloader
Once in bootloader, use the vol buttons to go to 'bootloader' and the power button to execute. The rom will flash. Enjoy!

Credits:
the tacoroot team
skorgon for flashgc
Donate to RevSkills and EFF!

Good stuff, but that RUU can jam up newer GB-shipped ACES miserably.

Drop back to a 2.x based RUU instead of a 1.x.
2nd January 2012, 08:19 PM |#5  
OP Senior Member
Thanks Meter: 58
 
More
Quote:
Originally Posted by attn1

Good stuff, but that RUU can jam up newer GB-shipped ACES miserably.

Drop back to a 2.x based RUU instead of a 1.x.

attn1, can you please elaborate further on that? The reason I link to the 1.32 rom is that it is perfectly and safely unlockable by gfree.
The Following User Says Thank You to petarpLab For This Useful Post: [ View ] Gift petarpLab Ad-Free
2nd January 2012, 09:19 PM |#6  
vysus's Avatar
Senior Member
Thanks Meter: 57
 
More
Will it work with 3.12.405.1 too?
2nd January 2012, 09:29 PM |#7  
attn1's Avatar
Inactive Recognized Developer
Thanks Meter: 1,825
 
More
Quote:
Originally Posted by petarpLab

attn1, can you please elaborate further on that? The reason I link to the 1.32 rom is that it is perfectly and safely unlockable by gfree.


Devices shipped with later gingerbread hboots don't boot properly when downgrading to the Froyo hboots. It can take up to 1/2 hour for a normal boot, and flashing RUUs generally fails. We first noticed this on Inspires. Note: This problem only seems to be occurring on devices SHIPPED with GB, not on any of those upgraded to GB.

You can fix if you can temproot, gfree to cycle emmc (even if you can't s-off yet) and dd a current hboot back to the phone. It's a pain in the ass, and I've seen a lot of them - now on some original DHDs and not just Inspires. We've been fixing hboots from downgrades from virtually every older method, including my own.

Since then, we've not done full downgrades - I flash the signed firmware.zip from a very early OTA. This downgrades radio, boot and recovery only - no hboot.

upon reboot:
  • There is usb debugging support working
  • There is no video support for current GB roms - this is okay - we fix that later
  • The GB rom combined with the early froyo kernel will not allow gfree to set s-off, but it will allow emmc cycling, so I flash cwm with an early version kernel.
  • Reboot to recovery, and from there, mount system and data, run gfree to set s-off, supercid and sim unlock.
  • Once that's done, push a proper boot image, root files and correct wifi module back to the phone - again from recovery.

Here's the firmware.zip I have been using - no HBOOT - fortunately. http://tau.shadowchild.nl:/files/firmware.zip

So the GB ROM is never downgraded with an HBOOT that can do harm, gfree has done it's thing successfully, and no data is lost on most runs.

Sense 3 changes the picture entirely, as the downgrade firmware is incompatible. Those ROMS must be downgraded. But instead of going to Froyo for those shipped with GB, I strongly recommend downgrading to a 2.x Sense version of GB to avoid those booting issues.

I do not know WHY the newer devices don't work correctly with older hboots, but they don't. I suspect it's some firmware hook not impacted when we flash RUUs.

The WWE 2.50.405.2 RUU is perfectly rootable/s-off-able with the right custom recovery and the above firmware package. It's a popular build, so if we are using goldcard anyway, it's safest to just have everyone downgrade to that, or a comparable GB RUU supporting their own CID.
The Following 5 Users Say Thank You to attn1 For This Useful Post: [ View ] Gift attn1 Ad-Free
2nd January 2012, 09:36 PM |#8  
cihatcık's Avatar
Member
Flag Adana
Thanks Meter: 2
 
More
how is software no 3.13.707.4 work?
2nd January 2012, 10:15 PM |#9  
OP Senior Member
Thanks Meter: 58
 
More
vysus, cihatcık, tacoroot works on all current htc firmwares
The Following User Says Thank You to petarpLab For This Useful Post: [ View ] Gift petarpLab Ad-Free
2nd January 2012, 11:33 PM |#10  
cihatcık's Avatar
Member
Flag Adana
Thanks Meter: 2
 
More
Thankssssssss
3rd January 2012, 12:10 AM |#11  
Senior Member
Thanks Meter: 10
 
More
Quote:
Originally Posted by attn1

Devices shipped with later gingerbread hboots don't boot properly when downgrading to the Froyo hboots. It can take up to 1/2 hour for a normal boot, and flashing RUUs generally fails. We first noticed this on Inspires. Note: This problem only seems to be occurring on devices SHIPPED with GB, not on any of those upgraded to GB.

You can fix if you can temproot, gfree to cycle emmc (even if you can't s-off yet) and dd a current hboot back to the phone. It's a pain in the ass, and I've seen a lot of them - now on some original DHDs and not just Inspires. We've been fixing hboots from downgrades from virtually every older method, including my own.

Since then, we've not done full downgrades - I flash the signed firmware.zip from a very early OTA. This downgrades radio, boot and recovery only - no hboot.

upon reboot:

  • There is usb debugging support working
  • There is no video support for current GB roms - this is okay - we fix that later
  • The GB rom combined with the early froyo kernel will not allow gfree to set s-off, but it will allow emmc cycling, so I flash cwm with an early version kernel.
  • Reboot to recovery, and from there, mount system and data, run gfree to set s-off, supercid and sim unlock.
  • Once that's done, push a proper boot image, root files and correct wifi module back to the phone - again from recovery.

Here's the firmware.zip I have been using - no HBOOT - fortunately. http://tau.shadowchild.nl:/files/firmware.zip

So the GB ROM is never downgraded with an HBOOT that can do harm, gfree has done it's thing successfully, and no data is lost on most runs.

Sense 3 changes the picture entirely, as the downgrade firmware is incompatible. Those ROMS must be downgraded. But instead of going to Froyo for those shipped with GB, I strongly recommend downgrading to a 2.x Sense version of GB to avoid those booting issues.

I do not know WHY the newer devices don't work correctly with older hboots, but they don't. I suspect it's some firmware hook not impacted when we flash RUUs.

The WWE 2.50.405.2 RUU is perfectly rootable/s-off-able with the right custom recovery and the above firmware package. It's a popular build, so if we are using goldcard anyway, it's safest to just have everyone downgrade to that, or a comparable GB RUU supporting their own CID.

my desire hd just got a new mainboard from the repair center and it came with sense 3.0 vodafone branded ROM, in this case i should downgrade to sense 2.1 and then root/s-off with "hack ace"?
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes