The S5 Bootloader Unlock is here! Huge thanks to @beaups for the research and sourcecode and tool, @ryanbg for researching this method in the firstplace, @autonomousperson For compiling the source to a app for us all, @haggertk for his CID and aboot! @jrkruse for innovating methods, one click apps, and MM methods @magic_man185 for recompiling the binary to disable SD requirements for MM, and everyone else for being patient for me being slow! Also thank you all for being a great supportive community!
I Have Updated the OP Hoping this is less messy and hopefully neater to deal with
DO NOT ASK ABOUT ROMS, KERNELS, OR OTHER THINGS. THIS IS ONLY FOR UNLOCKING THE BOOTLOADER. WE WILL LAUGH AT YOU IF YOU ASK ANYWAYS!!!
EMMC 15 Unlocking Bootloader
EMMC 15 Updating Unlocked Bootloaders Or Downgrading
For Rooting EMMC 11 Phones
All the methods below are only preserved for historical purposes!!! Please use the new methods above!
*REQUIRES ROOT*
If you don't have root, please goto @jrkruse thread here
https://xdaforums.com/verizon-galax...ot-method-t3561529/post71202995#post71202995/
For Method 4
You must make sure first of all you have authorized your computer in developer options and that USB debugging is on, you could also using adb tools use adb wireless if your device is configured for this!
You also on screen must grant ADB root access, please make sure of this!
Make sure you have a blank sd card, EVERYTHING on it WILL BE WIPED as a backup for the bootloader!
*If you have no root access OR SAFESTRAP you must proceed to the rooting thread, nothing below works without root*
Method 1: Primary Method (Old thanks @jrkruse) For PB1, PD1, PF4, PG2, PJ2, PL1, QA1 (MARSHMALLOW)*REQUIRES SAFESTRAP
Method 2: Unlocker via Safestrap (Old thanks @jrkruse) For OE1, OK3, PB1 (LOLLIPOP)
Method 3: ADB For 4.4-5.0 (OLD, OUTDATED)
Method 4: On Device For 4.4-5.0 (OLD, OUTDATED)
Photo of what your Bootloader should say
TWRP 3.0.0 Flashable recovery zip. Can be flashed in safestrap or flashfire if you have not installed it yet
TWRP_3.0.0-0-klte-klte.zip
International Rom Patch For Data And MMS. Flash right after you flash the rom.
VZW_5.0_International_Rom_Patch_No_Boot.zip
VZW_5.0_International_Rom_Patch_VZW_BOOT.zip
Download this files
PB1_Firmware_Only_NK2_Kernel.tar.md5
TWRP_Prepare.zip
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
S5_KLTE_USA_VZW.pit
In TWRP Flash TWRP_Prepare.zip
Reboot to Download Mode
In Odin Under AP slot load PB1_Firmware_Only_NK2_Kernel.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
When finished on reboot watch for Safestrap Splash Screen and enter Safestrap
Now goto Power Menu/Reboot Menu and reboot to Download Mode
Make sure in download mode the current binary is Official. If it is not reflash In Odin Under AP slot load PB1_Firmware_Only_NK2_Kernel.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit
Click Start on reboot enter Safestrap reboot back to download mode and make sure binary status is Official
If Binary Status is Official Pull battery restart and enter SafeStrap
Flash: (Choose 1 Whatever One You Choose Is The Firmware And Bootloader Version You Will Be On)
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
Phone will Power Off.
Pull Battery enter TWRP recovery Wipe Data and System and Flash A Rom That matches Firmware For example PB1 would be a 5.0 rom PD1 Or PF4 would be 6.0.1 Rom
Notes:
If You Bricked Your Device somehow someway
To make the SD card usable again, format using android!
Or keep it as a backup
IF YOU FLASH STOCK BACK TO THE PHONE, IT WILL RELOCK THE BOOTLOADER, Requiring your run the script ONCE and it will be unlocked again
Source Located @ https://github.com/beaups/SamsungCID
Sourcecode
https://github.com/beaups/SamsungCID
eMMC 11 is non-exploitable
http://xdaforums.com/verizon-galaxy-s5/development/toshiba-11-series-bootloader-unlock-t3349346
I Have Updated the OP Hoping this is less messy and hopefully neater to deal with
DO NOT ASK ABOUT ROMS, KERNELS, OR OTHER THINGS. THIS IS ONLY FOR UNLOCKING THE BOOTLOADER. WE WILL LAUGH AT YOU IF YOU ASK ANYWAYS!!!
EMMC 15 Updating Unlocked Bootloaders Or Downgrading
For Rooting EMMC 11 Phones
All the methods below are only preserved for historical purposes!!! Please use the new methods above!
Warnings
READ THE ENTIRE OP AND THE POST BELOW BY @jrkruse BEFORE DOING ANYTHING AT ALL!!!!!!!!!!
THIS IS ONLY FOR THE VERIZON S5. DOES NOT WORK FOR AT&T!!!!!
This is for users with 15' Sasmung eMMC's not users with 11 Toshiba eMMC's. You can check this by reading the file
/sys/block/mmcblk0/device/cid
Just the first 2 15xxxxxxxxxxxxxxxxxxxxxx or 11xxxxxxxxxxxxxxxxxxxxxxx(my number of x's are random, just read the first 2)
We still are unsure if changing the CID causes app store, verification, activation, provision, or other issues, everything you do is at your own risk!(Pretty sure it's safe)
REACTIVATION LOCK MUST BE TURNED OFF. YOU'VE BEEN WARNED
Starting notes
READ THE ENTIRE OP AND THE POST BELOW BY @jrkruse BEFORE DOING ANYTHING AT ALL!!!!!!!!!!
THIS IS ONLY FOR THE VERIZON S5. DOES NOT WORK FOR AT&T!!!!!
This is for users with 15' Sasmung eMMC's not users with 11 Toshiba eMMC's. You can check this by reading the file
/sys/block/mmcblk0/device/cid
Just the first 2 15xxxxxxxxxxxxxxxxxxxxxx or 11xxxxxxxxxxxxxxxxxxxxxxx(my number of x's are random, just read the first 2)
We still are unsure if changing the CID causes app store, verification, activation, provision, or other issues, everything you do is at your own risk!(Pretty sure it's safe)
REACTIVATION LOCK MUST BE TURNED OFF. YOU'VE BEEN WARNED
Starting notes
*REQUIRES ROOT*
If you don't have root, please goto @jrkruse thread here
https://xdaforums.com/verizon-galax...ot-method-t3561529/post71202995#post71202995/
For Method 4
You must make sure first of all you have authorized your computer in developer options and that USB debugging is on, you could also using adb tools use adb wireless if your device is configured for this!
You also on screen must grant ADB root access, please make sure of this!
Make sure you have a blank sd card, EVERYTHING on it WILL BE WIPED as a backup for the bootloader!
*If you have no root access OR SAFESTRAP you must proceed to the rooting thread, nothing below works without root*
Methods
Method 1: Primary Method (Old thanks @jrkruse) For PB1, PD1, PF4, PG2, PJ2, PL1, QA1 (MARSHMALLOW)*REQUIRES SAFESTRAP
Download these files
Bootloader_Unlock_Safestrap.apk
VZW_BPB1_ODEX_DEODEX_V9.zip
G900V_Firmware_PB1.tar.md5
S5_KLTE_USA_VZW.pit
Download and install VZW_BPB1_ODEX_DEODEX_V9.zip
Reboot to Download Mode
In Odin Under AP slot load G900V_Firmware_PB1.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
After Phone reboots pull battery reboot to download mode (pwr+voldwn+home) and make sure current binary status is official If not In Odin Under AP slot load G900V_Firmware_PB1.tar.md5 and Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
If current binary is official reboot phone and enter Rom Setup. There is no need to setup any accounts unless you plan on running this rom
Download and install Bootloader_Unlock_Safestrap.apk
Open Safestrap app and install the safestrap recovery to the system
Open safetrap app and click Reboot To Recovery Button
Flash: (Choose 1 Whatever One You Choose Is The Firmware And Bootloader Version You Will Be On)
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
Phone will Power Off.
Pull Battery enter TWRP Recovery (volup+pwr+home) Wipe Data and System and Flash A Rom That matches Firmware For example PB1 would be a 5.0 rom PD1 Or PF4 would be 6.0.1 Rom
Bootloader_Unlock_Safestrap.apk
VZW_BPB1_ODEX_DEODEX_V9.zip
G900V_Firmware_PB1.tar.md5
S5_KLTE_USA_VZW.pit
Download and install VZW_BPB1_ODEX_DEODEX_V9.zip
Reboot to Download Mode
In Odin Under AP slot load G900V_Firmware_PB1.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
After Phone reboots pull battery reboot to download mode (pwr+voldwn+home) and make sure current binary status is official If not In Odin Under AP slot load G900V_Firmware_PB1.tar.md5 and Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
If current binary is official reboot phone and enter Rom Setup. There is no need to setup any accounts unless you plan on running this rom
Download and install Bootloader_Unlock_Safestrap.apk
Open Safestrap app and install the safestrap recovery to the system
Open safetrap app and click Reboot To Recovery Button
Flash: (Choose 1 Whatever One You Choose Is The Firmware And Bootloader Version You Will Be On)
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
Phone will Power Off.
Pull Battery enter TWRP Recovery (volup+pwr+home) Wipe Data and System and Flash A Rom That matches Firmware For example PB1 would be a 5.0 rom PD1 Or PF4 would be 6.0.1 Rom
Method 2: Unlocker via Safestrap (Old thanks @jrkruse) For OE1, OK3, PB1 (LOLLIPOP)
1. Flash this Samsung_Bootloader_Unlocker.zip in safestrap or flashfire
2. Reboot phone click on SamsungUnlocker app
3. Wait and make sure to grant SuperSu access. This may take a few seconds to come up
4. type yes in the terminal screen when it ask you (Yes/No) Hit enter on the keyboard
5. wait for phone to power off
6. reboot to bootloader and verify it says MODE: Developer
7. Flash Twrp recovery using Odin
8. Your done!
2. Reboot phone click on SamsungUnlocker app
3. Wait and make sure to grant SuperSu access. This may take a few seconds to come up
4. type yes in the terminal screen when it ask you (Yes/No) Hit enter on the keyboard
5. wait for phone to power off
6. reboot to bootloader and verify it says MODE: Developer
7. Flash Twrp recovery using Odin
8. Your done!
Method 3: ADB For 4.4-5.0 (OLD, OUTDATED)
This Method is old and outdated, Do not use unless the new method isn't working!!!
1. Download https://github.com/beaups/SamsungCID/blob/master/samsung_unlock
2. Download View attachment adb.7z
3. Extract adb to /adb
4. Extract samsung_unlock
5. Put samsung_unlock inside the adb folder
6. Launch adb tools
7. Select push file
8. Source is samsung_unlock
9. Destination is /data/local/tmp/
10. Select the option for Pull
11. Source is /sys/block/mmcblk0/device/cid
12. Destination is cid.txt
13. Select the option for adb shell
14. Continue after the warning
15. type the following
Device will shut down, manually reboot
16. once it reboots, in adb tools connect to the shell again
17. Enter the following commands
18. once this is done, you can type exit twice to return to the menu of adb tools
19. Select reboot
20. Reboot to bootloader
21. Verify you now have a dev edition
1. Download https://github.com/beaups/SamsungCID/blob/master/samsung_unlock
2. Download View attachment adb.7z
3. Extract adb to /adb
4. Extract samsung_unlock
5. Put samsung_unlock inside the adb folder
6. Launch adb tools
7. Select push file
8. Source is samsung_unlock
9. Destination is /data/local/tmp/
10. Select the option for Pull
11. Source is /sys/block/mmcblk0/device/cid
12. Destination is cid.txt
13. Select the option for adb shell
14. Continue after the warning
15. type the following
Code:
su
cd /data/local/tmp/
chown root.root samsung_unlock
chmod 777 samsung_unlock
./samsung_unlock
Device will shut down, manually reboot
16. once it reboots, in adb tools connect to the shell again
17. Enter the following commands
Code:
su
cd /data/local/tmp/
./samsung_unlock
18. once this is done, you can type exit twice to return to the menu of adb tools
19. Select reboot
20. Reboot to bootloader
21. Verify you now have a dev edition
Method 4: On Device For 4.4-5.0 (OLD, OUTDATED)
This Method is old and outdated, Do not use unless the new method isn't working!!!
1. On your device download https://github.com/beaups/SamsungCID/blob/master/samsung_unlock
2. Move to your root directory of your internal storage(if you can't figure out where that is, you shouldn't be doing this)
3. Using a root file explorer goto /sys/block/mmcblk0/device
4. Copy the file cid to your internal storage(this is a backup of your old cid, if it fails to copy, just open it as text and copy paste the text)
5. open a terminal emulator app
6. type the following
7. Device will poweroff, focefully power on
8. Enter the terminal again and enter the following commands
9. Once completed reboot to bootloader using your favorite way
10. Verify you are a Developer edition phone now
1. On your device download https://github.com/beaups/SamsungCID/blob/master/samsung_unlock
2. Move to your root directory of your internal storage(if you can't figure out where that is, you shouldn't be doing this)
3. Using a root file explorer goto /sys/block/mmcblk0/device
4. Copy the file cid to your internal storage(this is a backup of your old cid, if it fails to copy, just open it as text and copy paste the text)
5. open a terminal emulator app
6. type the following
Code:
su
cd /storage/emulated/0/
chown root.root samsung_unlock
chmod 777 samsung_unlock
./samsung_unlock
7. Device will poweroff, focefully power on
8. Enter the terminal again and enter the following commands
Code:
su
cd /storage/emulated/0/
./samsung_unlock
9. Once completed reboot to bootloader using your favorite way
10. Verify you are a Developer edition phone now
Photo of what your Bootloader should say
Working TWRP and International Rom Patch
TWRP 3.0.0 Flashable recovery zip. Can be flashed in safestrap or flashfire if you have not installed it yet
TWRP_3.0.0-0-klte-klte.zip
International Rom Patch For Data And MMS. Flash right after you flash the rom.
VZW_5.0_International_Rom_Patch_No_Boot.zip
VZW_5.0_International_Rom_Patch_VZW_BOOT.zip
Directions To Update Or Downgrade Bootloaders
If you have already Unlocked your bootloader and are running TouchWiz Rom(Stock kernel)
If you have already Unlocked your bootloader and are running TouchWiz Rom(Stock kernel)
Download this files
PB1_Firmware_Only_NK2_Kernel.tar.md5
TWRP_Prepare.zip
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
S5_KLTE_USA_VZW.pit
In TWRP Flash TWRP_Prepare.zip
Reboot to Download Mode
In Odin Under AP slot load PB1_Firmware_Only_NK2_Kernel.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit If you have a 32gb phone instead of 16gb phone skip this step
Click Start
When finished on reboot watch for Safestrap Splash Screen and enter Safestrap
Now goto Power Menu/Reboot Menu and reboot to Download Mode
Make sure in download mode the current binary is Official. If it is not reflash In Odin Under AP slot load PB1_Firmware_Only_NK2_Kernel.tar.md5
Now in Odin Under PIT load S5_KLTE_USA_VZW.pit
Click Start on reboot enter Safestrap reboot back to download mode and make sure binary status is Official
If Binary Status is Official Pull battery restart and enter SafeStrap
Flash: (Choose 1 Whatever One You Choose Is The Firmware And Bootloader Version You Will Be On)
SafeStrap_PB1_Bootloader_Unlock_AIO.zip
SafeStrap_PD1_Bootloader_Unlock_AIO.zip
SafeStrap_PF4_Bootloader_Unlock_AIO.zip
SafeStrap_PG2_Bootloader_Unlock_AIO.zip
SafeStrap_PJ2_Bootloader_Unlock_AIO.zip
SafeStrap_PL1_Bootloader_Unlock_AIO.zip
SafeStrap_QA1_Bootloader_Unlock_AIO.zip
Phone will Power Off.
Pull Battery enter TWRP recovery Wipe Data and System and Flash A Rom That matches Firmware For example PB1 would be a 5.0 rom PD1 Or PF4 would be 6.0.1 Rom
[FIX] MM Users. Wifi not working? Hardkeys not working???
View attachment 3772847
Unzip recover.zip place on internal storage flash in TWRP choose install image then choose recovery.img and flash to recovery
power off device
reboot to bootloader and reflash PD1_Firmware_Modem_HLOS_No_Aboot.tar.md5 in odin uncheck auto reboot when done pull battery reboot back to recovery wipe data and cache and system reinstall rom.
Unzip recover.zip place on internal storage flash in TWRP choose install image then choose recovery.img and flash to recovery
power off device
reboot to bootloader and reflash PD1_Firmware_Modem_HLOS_No_Aboot.tar.md5 in odin uncheck auto reboot when done pull battery reboot back to recovery wipe data and cache and system reinstall rom.
Notes:
If You Bricked Your Device somehow someway
1. Download the following image https://www.androidfilehost.com/?fid=24562946973631519
2. Download https://sourceforge.net/projects/win32diskimager/
3. Attach a micro sdcard(min 16GB class 10, others may work but unsure) to your PC via a reader
4. Backup all data on the micro sdcard, EVERYTHING WILL BE ERASED
5. Extract the image from the zip
6. Select write option, select the img file, select SDcard
7. Now write
8. Pop the Sdcard into the phone, and try and power it up
9. When you do open download mode
10. Goto odin and flash a FULL STOCK TAR
11. Start from scratch
To reuse the card it will need to be formatted using fdisk, diskpart, or android
2. Download https://sourceforge.net/projects/win32diskimager/
3. Attach a micro sdcard(min 16GB class 10, others may work but unsure) to your PC via a reader
4. Backup all data on the micro sdcard, EVERYTHING WILL BE ERASED
5. Extract the image from the zip
6. Select write option, select the img file, select SDcard
7. Now write
8. Pop the Sdcard into the phone, and try and power it up
9. When you do open download mode
10. Goto odin and flash a FULL STOCK TAR
11. Start from scratch
To reuse the card it will need to be formatted using fdisk, diskpart, or android
If you have issues flashing modems, firmware, or anything
jrkruse said:Ok here is the solution
The Stock Boot.img and Stock Recover.img that match your firmware must be flashed before any firmware can be updated on your phone. What I mean by firmware is the things other than images that are flashed in odin like the modem.bin. If your just wanting to flash a custom boot or recovery image then you can just flash them you and dont need to do any of this.
So after the Stock and Recovery images are flashed the phone needs to return to a power off state. Then a reboot to stock recovery and wipe the cache. Then reboot the phone and the goto bootloader mode from there.
After doing this the phone will allow firmwares to be flashed through odin.
Instructions
Flash the Kernel_Recovery Only either odin package or zip package in custom recovery
If using Odin uncheck reboot now then flash Kernel_Recovery package pull battery Reboot to recovery (Pwr+Hme+VolUp) wipe cache reboot phone then reboot back to bootloader and flash whatever your wanting to upgrade.
Reboot phone make sure your changes applied the you can flash your custom recovery again
If Flashing In recovery, flash the zip then reboot to recovery which will now be stock recovery and wipe cache and then power off Do not reboot, the phone must go to a poweroff state
Reboot phone then reboot to bootloader and use odin to update what ever your needing to do
Reboot Phone make sure your changes took. Then reboot back to odin and flash custom recovery or use flashfire or safestrap to flash the custom recovery zip.
If for some reason the bootloader becomes locked again simply do the unlock procedure again
https://www.androidfilehost.com/?w=files&flid=53300
To make the SD card usable again, format using android!
Or keep it as a backup
IF YOU FLASH STOCK BACK TO THE PHONE, IT WILL RELOCK THE BOOTLOADER, Requiring your run the script ONCE and it will be unlocked again
Source Located @ https://github.com/beaups/SamsungCID
beaups said:its done
If any bounties applicable, please donate to "make a wish foundation" or @ryanbg (he's getting married)
--beaups
Sourcecode
https://github.com/beaups/SamsungCID
eMMC 11 is non-exploitable
http://xdaforums.com/verizon-galaxy-s5/development/toshiba-11-series-bootloader-unlock-t3349346
Last edited: