[BOOTLOADER][UNLOCK] working D620(r)


Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
If you try it, do it at your own risk.
I'm not responsible if you brick your device.


On the Russian forum '4PDA' I found a link to stock and hacked bootloaders (aboot). There you can find a hacked bootloader for G2 mini D618.
The original topic on 4PDA.ru is here!

I was able to hex analyse the bootloaders of six different LG phones.
The hacks all follow the same rules.

After the byte chain 20 00 EB 00 00 50 E3 E0 FF FF 0A the next 4 or 12 bytes are always replaced with the same 4 or 12 bytes:

4 Byte: DF FF FF EA (Confirmed working)
or
12 Byte: 00 00 A0 E3 00 00 50 E3 DD FF FF EA

I could not figure out a rule for when they used the 4 Byte or the 12 Byte method, because the 16 bytes after the initial chain look nearly the same, with slight differences.

So, I patched the aboot.bin of my D620r, which is the same aboot as D620, in both ways.

There seem to be other aboot.img for d620 / d620r out there.
I can NOT confirm that this method works for them.


I can confirm that the 4 Byte modified aboot.img unlocks the bootloader and you can use custom kernels with it.

If you want to try on your own: (Do it at your own risk)
Code:
Get aboot.img and abootb.img:
Use "ADB SHELL" or a Terminal Emulator:
dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/sdcard/aboot.img
dd if=/dev/block/platform/msm_sdcc.1/by-name/abootb of=/sdcard/abootb.img

Open each with a hex editor.
Search for the byte chain 20 00 EB 00 00 50 E3 E0 FF FF 0A
Make sure that it exists only once.
Replace the next 4 bytes with DF FF FF EA.
You will get: 20 00 EB 00 00 50 E3 E0 FF FF 0A DF FF FF EA

Save aboot.img as aboot4.img and abootb.img as abootb4.img

Do it at your own risk!
Flash them back:
dd if=/sdcard/aboot4.img of=/dev/block/platform/msm_sdcc.1/by-name/aboot
dd if=/sdcard/abootb4.img of=/dev/block/platform/msm_sdcc.1/by-name/abootb
If you don't understand these instructions then don't even try it!
I will not help noobs, it is too dangerous and I don't want to brick your phone. Stay on stock, it is a good phone anyway and get more knowledge by reading the XDA forum.

This is not a boot.img! Don't try to flash as boot.img with any app!


What next?
Try a custom recovery!

Unfortunately the hidden menu doesn't give us a hint on unlocked or locked bootloader.

Back up your original recovery!

Then you can flash a recovery from HERE.

If you get a security error, the unlock failed and you can reboot to Android (long press power button) and flash your backup.

If it doesn't start the recovery but shows some text on your screen mentioning 'fastboot', or the LG logo stays for more than 5 minutes, you are probably unlocked, but the recovery is not working for you.
Then flash your backup and go to the recovery thread, post your boot.img (not aboot) there and ask kindly to port CWM or TWRP for your device.

Else you will have a phone with an unlocked bootloader and custom recovery!
Congratulations!


Zaaap

If you try it, do it at your own risk.
I'm not responsible if you brick your device.
Do not use the attached aboot for D620K, it is different.

LG D620r aboot.img modified with DF FF FF EA
 

Attachments

  • aboot.img
    2 MB · Views: 17,677
Last edited:
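
Added example, not part of the original post or thread: a read-only Python check that tells whether a dumped aboot image carries either of the two replacements described above, and that enforces the "exists only once" rule. Reading the bytes as little-endian A32 instructions (a BEQ at the end of the byte chain, unconditional branches in the replacements) is this example's interpretation, not something the post states; offsets are file offsets and `sample()` builds constructed data, not a real aboot.

```python
import struct

# Byte values below are the ones quoted in the post.
MARKER = bytes.fromhex("2000EB000050E3E0FFFF0A")
PATCH4 = bytes.fromhex("DFFFFFEA")
PATCH12 = bytes.fromhex("0000A0E3000050E3DDFFFFEA")

def branch_target(word, addr):
    """Target of an A32 branch (B/BL, any condition) at addr, else None."""
    if (word >> 25) & 0b111 != 0b101:
        return None
    imm24 = word & 0xFFFFFF
    if imm24 & 0x800000:          # sign-extend the 24-bit word offset
        imm24 -= 1 << 24
    return addr + 8 + imm24 * 4   # A32 PC reads as instruction address + 8

def classify(image):
    """Read-only check: returns (state, offset_after_marker, details)."""
    first = image.find(MARKER)
    if first < 0:
        return ("marker-missing", None, {})
    if image.find(MARKER, first + 1) >= 0:
        return ("marker-ambiguous", None, {})   # the post requires exactly one hit
    end = first + len(MARKER)
    beq_addr = end - 4            # last 4 marker bytes: E0 FF FF 0A (assumed BEQ)
    beq = struct.unpack_from("<I", image, beq_addr)[0]
    details = {"beq_target": branch_target(beq, beq_addr)}
    tail = image[end:end + 12]
    if tail == PATCH12:
        state, b_addr = "patched-12", end + 8
    elif tail[:4] == PATCH4:
        state, b_addr = "patched-4", end
    else:
        return ("unmodified-or-unknown", end, details)
    word = struct.unpack_from("<I", image, b_addr)[0]
    details["patch_target"] = branch_target(word, b_addr)
    return (state, end, details)

def sample(tail):
    """Constructed test image (not a real aboot): padding, marker, tail."""
    return b"\x00" * 0x100 + b"\x10" + MARKER + tail + b"\x00" * 16

if __name__ == "__main__":
    for name, tail in (("4-byte", PATCH4), ("12-byte", PATCH12), ("other", b"\x00" * 12)):
        print(name, classify(sample(tail)))
```

On the constructed images both replacement variants decode to the same branch target as the BEQ that ends the byte chain, which fits the observation that all the hacks follow the same rule.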

Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
You can flash this and see if it boots w/o the security error caused by a locked bootloader. If it does, then you were successful! :)

Oh, and push the file to /cache so it's easier to flash.

OK, I tried [Testing] CWM Recovery G2 Mini [D620]

It did not work, but I didn't get a security error and my phone operates normally.

So I'll share my aboot.img with you.

You can try it at your own risk.

I personally used the DF FF FF EA one.


Zaaap
 
Last edited:

Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
How did the people at 4pda get into bootloader mode?

Sent from my D620R [Stock 4.4.2]

I don't know. I don't speak any Russian. And Google Translate is not that good.
Their main objective is the L90.

I have now flashed a TWRP image for L90. As expected, it did not work.

BUT - It brings me into fastboot / bootloader mode.

So, what next?


Zaaap
 

Vagelis1608

Senior Member
Sep 16, 2012
2,182
848
Athens
LG G2 Mini
Xiaomi Redmi Note 4
Try this command to see if you actually are into bootloader mode: fastboot devices
If it shows your device, then that means that you have successfully hacked the bootloader (or aboot, whatever) and thus gained access to fastboot commands. :D

Sent from my D620R [Stock 4.4.2]
 
  • Like
Reactions: Garcia98

khashayar_khk

Senior Member
Feb 28, 2014
76
9
On the Russian forum '4PDA' I found a link to stock and hacked bootloaders (aboot).

There you can find a hacked bootloader for G2 mini D618.
This is not for G2 mini D620.

But I was able to hex analyse the bootloaders of six different LG phones.
The hacks all follow the same rules.

After the byte chain 20 00 EB 00 00 50 E3 E0 FF FF 0A the next 4 or 12 bytes are always replaced with the same 4 or 12 bytes:

4 Byte: DF FF FF EA
or
12 Byte: 00 00 A0 E3 00 00 50 E3 DD FF FF EA

I could not figure out a rule for when they used the 4 Byte or the 12 Byte method, because the 16 bytes after the initial chain look nearly the same, with slight differences.

So, I patched the aboot.bin of my D620r, which is the same aboot as D620, in both ways.

I'm willing to risk my phone by flashing them if someone could tell me how to check that the unlock was successful.

Zaaap
Hi, I'm using D618. How and which one should I use? Could you please make a tutorial?
 
Last edited:

Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
Try this command to see if you actually are into bootloader mode: fastboot devices
If it shows your device, then that means that you have successfully hacked the bootloader (or aboot, whatever) and thus gained access to fastboot commands. :D

Yes, I have access to the fastboot commands.
fastboot devices shows my device.

But what now?

Zaaap
 

Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
Hi!

I compiled a kernel from LG sources for D620, but there was no way to test it with locked bootloader, and as I don't own this phone I ask you to test it flashing it via recovery or extracting boot.img from zip and using fastboot to flash it :)

I need to know if this kernel works before making recovery

It seems I have an unlocked bootloader and I can access fastboot if I flash a non-working recovery.

If I flash your kernel, do I have any chance to get my phone back working with a non-working recovery, or will I end up with a brick forever?

If you can tell me a way back when your kernel doesn't work, I'm willing to test.

I would prefer to test a recovery, because it is easy to revert back to stock and I don't know what happens when I flash a bad kernel.


Zaaap
 
Last edited:

Garcia98

Senior Member
Mar 4, 2013
1,094
1,431
github.com
It seems I have an unlocked bootloader and I can access fastboot if I flash a non-working recovery.

If I flash your kernel, do I have any chance to get my phone back working with a non-working recovery, or will I end up with a brick forever?

If you can tell me a way back when your kernel doesn't work, I'm willing to test.


Zaaap
This kernel doesn't change recovery, so if it doesn't work flash stock kernel again, but make a backup of it before flashing my kernel.
 

Rephosix

Senior Member
Jun 1, 2014
65
11
It seems I have an unlocked bootloader and I can access fastboot if I flash a non-working recovery.

If I flash your kernel, do I have any chance to get my phone back working with a non-working recovery, or will I end up with a brick forever?

If you can tell me a way back when your kernel doesn't work, I'm willing to test.

I would prefer to test a recovery, because it is easy to revert back to stock and I don't know what happens when I flash a bad kernel.


Zaaap
When you flash a wrong kernel you should get into a bootloop if I'm not mistaken, but the Download Mode would still be working. Btw, do you have a D620 or D618?
 

Zaaap72

Senior Member
May 2, 2012
311
321
Amberg
This kernel doesn't change recovery, so if it doesn't work flash stock kernel again, but make a backup of it before flashing my kernel.

There is one problem: to get into fastboot I have to flash a non-working recovery at the moment.
Can I flash your kernel through stock recovery?

BTW, how can I back up my BOOT/Kernel in a recovery-flashable format?
I already did a dd backup of all my mmc partitions, so as long as adb works I should be safe.

When you flash a wrong kernel you should get into a bootloop if I'm not mistaken, but the Download Mode would still be working. Btw, do you have a D620 or D618?

I own a German D620r; it has the same aboot as D620.

The unlocked bootloader for D618 can be found in the 'hacked' link in OP; this was my starting point.

About your question for D625: if you send me the original aboot I'll try to analyse and tweak it, with no warranty.


Zaaap
 
Last edited:

Garcia98

Senior Member
Mar 4, 2013
1,094
1,431
github.com
Well i'll be damned but what about D620 or D625 ?

What do you want for D620? The OP posted the aboot.img hacked for D620 and my kernel is for D620 :p

When you flash a wrong kernel you should get into a bootloop if I'm not mistaken, but the Download Mode would still be working. Btw, do you have a D620 or D618?

If the kernel doesn't work the download mode would still be working :)

There is one problem: to get into fastboot I have to flash a non-working recovery at the moment.
Can I flash your kernel through stock recovery?

BTW, how can I back up my BOOT/Kernel in a recovery-flashable format?
I already did a dd backup of all my mmc partitions, so as long as adb works I should be safe.



I own a German D620r.

The unlocked bootloader for D618 can be found in the 'hacked' link in OP.

About your question for D625: if you send me the original aboot I'll try to analyse and tweak it, with no warranty.


Zaaap

Can you access fastboot in download mode?
 
  • Like
Reactions: Vagelis1608

Rephosix

Senior Member
Jun 1, 2014
65
11
Can someone please upload the aboot for D620 on Zippyshare or Mediafire, because I don't know why but I can't download the attachments. Thanks in advance! :laugh:
 

Top Liked Posts

    2
    Probably aboot of different versions of the same model of G2 Mini is the same, because that letter only indicates the region, and changes between these models are probably only in the baseband.
    2
    Hi!

    I compiled a kernel from LG sources for D620, but there was no way to test it with locked bootloader, and as I don't own this phone I ask you to test it flashing it via recovery or extracting boot.img from zip and using fastboot to flash it :)

    I need to know if this kernel works before making recovery: https://www.mediafire.com/?rg30b9qq4qx9e6q
    2
    Repacked Garcia kernel in original boot.img

    Another test:

    Unpacked @Garcia98 zImage from his boot.img and put it in original boot.img. :fingers-crossed:

    And it boots up :D

    But touchscreen is not working. :(

    I suggest you make a new dev thread for your kernel as it is promising. :)


    Zaaap