A theory about unlocking Nokia 5.1 plus bootloader for free (for the most part)

Force of Fire

Feb 28, 2020
According to this post, there are 3 partitions (efuse, sec1 and seccfg) storing the unlock status of the bootloader. So I theorize that we may be able to unlock the bootloader (without revealing the IMEI of the phone, because the IMEI will be the same before and after unlocking the bootloader, so it will not show as a difference when using WinMerge) if someone creates a full backup of the phone using SP flash tool, then uses a paid service to unlock the bootloader, and then creates another full backup and compares the 3 partitions (efuse, sec1 and seccfg) before and after unlocking the bootloader using a hex diff tool like WinMerge.
1- You need to download SP flash tool from here. After the download, install the USB driver: just right-click on the "cdc-acm.inf" file and select "Install" in the context menu that appears.
2- Open SP flash tool and select the Scatter File (PDA-0-214A-MT6771_Android_scatter.txt) and Download Agent (PDA-0-0040-0000-MTK_AllInOne_DA.bin) that exist in the same folder you downloaded.

Go to the "Read back" tab and click on "add".

And choose the location you want to save the backup. Change the length to 0x1b7800000. And then press OK.

After that, click on "Read Back". Then power off your phone and connect it to the PC with both volume keys pressed and held.

When you see a progress bar moving, you can release both keys and wait for the procedure to complete.
3- Use a paid service to unlock the bootloader.
4- Repeat steps 1 and 2 and create another backup after unlocking the bootloader.
5- Install and use 7-Zip to extract the partition images from the backups.

For the backup before unlocking the bootloader, copy (efuse, sec1 and seccfg) to the folder named before-unlock. And for the backup after unlocking the bootloader, copy the 3 files to after-unlock.
6- Download WinMerge from this link (it is a portable version) and open WinMerge. After that, press Ctrl+O, then click on options and change (*.bin;*.frx) to (*.bin;*.img), and then press OK.

After that, click on compare.
7- WinMerge will look like this (this is just an example).

You can jump to the next diff using Alt+down arrow, and you can jump to the previous diff by using Alt+up arrow.
8- You just need to screenshot every diff between the 3 files and send the images to me or post them on Imgur in the replies.
I will try to patch the files using a hex editor based on the hex diff screenshots, and try to flash them to see if I am able to unlock my bootloader. It may or may not work, but it is worth a try.
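
The comparison in steps 5 to 8 can also be produced as text rather than screenshots. This is an added example, not part of the original post: it lists every changed byte range in the three partition images with its offset and before/after hex, plus a SHA-256 of each file. The `.img` suffix, the function names and the sample bytes are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path

PARTITIONS = ("efuse", "sec1", "seccfg")  # partition names from the post


def diff_ranges(before, after, merge_gap=4):
    """Changed runs as (offset, before_bytes, after_bytes); near runs are merged."""
    common = min(len(before), len(after))
    runs = []  # [start, end) pairs
    for i in (i for i in range(common) if before[i] != after[i]):
        if runs and i - runs[-1][1] < merge_gap:
            runs[-1][1] = i + 1  # fewer than merge_gap equal bytes: extend run
        else:
            runs.append([i, i + 1])
    out = [(s, before[s:e], after[s:e]) for s, e in runs]
    if len(before) != len(after):  # report the size mismatch as a final run
        out.append((common, before[common:], after[common:]))
    return out


def compare_dumps(before_dir, after_dir, suffix=".img"):
    """Diff each partition image; suffix is an assumption about file naming."""
    report = {}
    for name in PARTITIONS:
        b = (Path(before_dir) / (name + suffix)).read_bytes()
        a = (Path(after_dir) / (name + suffix)).read_bytes()
        report[name] = {
            "sha256": (hashlib.sha256(b).hexdigest(), hashlib.sha256(a).hexdigest()),
            "diffs": [(hex(o), x.hex(), y.hex()) for o, x, y in diff_ranges(b, a)],
        }
    return report


if __name__ == "__main__":
    # Constructed sample data, not real partition contents.
    with tempfile.TemporaryDirectory() as tmp:
        for folder, flag in (("before-unlock", b"\x00"), ("after-unlock", b"\x01")):
            d = Path(tmp) / folder
            d.mkdir()
            for name in PARTITIONS:
                body = flag if name == "seccfg" else b"\x00"
                (d / f"{name}.img").write_bytes(b"\xaa" * 8 + body + b"\xbb" * 7)
        result = compare_dumps(Path(tmp) / "before-unlock", Path(tmp) / "after-unlock")
        for name, r in result.items():
            print(name, r["diffs"])
```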