Credits and terms:
Exploit by beaups. Full guide, testing, and concept by jcase and beaups. Thanks to dsb9938 and dr_drache for support and testing. Thanks also to all of the regulars at teamandirc.
Both beaups and jcase will collect the applicable active bounties. Further donations are greatly appreciated and can be sent to:
beaups - Donate to beaups
jcase - Donate to jcase
dsb9938 - Donate to dsb9938
dr_drache - Donate to dr_drache
Thanks also to mdmower for commissioning Facepalm for this device, and testing.
You can also come by irc for support or just to say thanks: #FacePalm http://chat.andirc.net:8080/?channels=facepalm
While this process shouldn’t be too risky, bricks can happen. None of us will be accountable. If you are worried, don’t do it.
This is a pretty simple method, however, you will need to have a working adb and fastboot environment. This method will work on any operating system that supports adb and fastboot. You should understand how to use a terminal window in your O/S. If you don’t understand adb and fastboot, you probably don’t need S-off.
Lastly, the work herein should not be stolen, repackaged, one clicked, bat’d, etc. soffbin3 is not GPL and may not be reused, integrated into other work, reposted, or redistributed without our permission.
For this to work, you must be rooted and have superCID (unlock/custom recovery is optional), see the threads below for help and information regarding obtaining superCID, unlock, root, etc. Note these threads are provided for convenience only. Please look for support for them in each respective thread if you need it, do NOT clutter this thread with support requests regarding obtaining superCID and/or root! If you try this process without superCID, it will not work, and you may have issues!:
Droid Incredible 4G LTE SuperCID: http://forum.xda-developers.com/show....php?t=2214653
Once you have confirmed you have SuperCID, get started (read it through first so you understand it all):
1.) Download patcher and unzip it in your working directory:
2.) Download the RUU zip below:
adb reboot bootloader
fastboot oem rebootRUU
fastboot flash zip 2.17.605.2_rom.zip
6.) Immediately issue the following command:
fastboot oem boot
You may see some errors, just wait for the device to boot into Android (only now, you should be booted into Android with no eMMC write protection of any kind active).
7.) Issue the following commands to update the security partition with S-off flags (one command at a time!):
adb push soffbin3 /data/local/tmp/ adb shell chmod 744 /data/local/tmp/soffbin3 adb shell su /data/local/tmp/soffbin3 exit exit
adb reboot bootloader
If you need help or just care to say thanks, join us on IRC: #FacePalm http://chat.andirc.net:8080/?channels=facepalm