General EDL Flash Tool Leak

Search This thread

chackopg

Senior Member
Apr 16, 2021
178
17
OnePlus 6
OnePlus 10 Pro
Actually I brought OnePlus 10 pro coz the availability of previous versions MSM tool. I didn't checked OnePlus 10 pro XDA. So no Rom development for One Plus 10 pro. Anything happens, have to pay . So better, avoid them.
 
  • Like
Reactions: Prant

dladz

Senior Member
Aug 24, 2010
16,041
5,983
Liverpool
Nothing Phone 2
Actually I brought OnePlus 10 pro coz the availability of previous versions MSM tool. I didn't checked OnePlus 10 pro XDA. So no Rom development for One Plus 10 pro. Anything happens, have to pay . So better, avoid them.

I did the same thing coming from the 8 pro.

You can actually install GSI's I've installed a few.

Beyond that, xXx No limits works and there's a small group working on lineage.

But yes after that it's sparse to say the least.
 

dladz

Senior Member
Aug 24, 2010
16,041
5,983
Liverpool
Nothing Phone 2
I'm a noob when it comes to higher level stuff. what is the importance of msm support and why does the 10 pro not have it?

When your device goes very wrong and you cannot recover, you'd normally contact OnePlus and either rma it (send it back) or they'd work on it remotely.

To work on your phone remotely they'd remote into your computer then grab a tool to fix your phone..... Enter the MSM tool.

Historically they could simply click other when it came to logging in then grab an MSM compatible firmware then flash your phone, baring in mind that MSM only requires your phone to be in EDL mode which is lower level recovery Vs normal recovery which if you need the MSM tool is probably not working anymore..

When they did this on the target computer, the end user (you) would retain the software then leak it here on XDA for everyone to use.

Nowadays OPPO has enforced the person using MSM to log in and authenticate the tool prior to use, meaning without a valid log in and a credit, it simply won't work, yes sorry MSM is a paid for service...

Literally everything has been tried and nothing has worked to crack it, we can get passed the log in with a hex edit but we cannot authenticate so it'll never work.

In short, MSM is off the table, it's been a long time now so I doubt it'll ever happen....

MSM was never offered to us as a solution, it was an engineer's tool to fix phones, we've only ever had leaks.. which we still have, we just can't use it anymore without a log in.
 
Last edited:

DiGtal

Senior Member
Feb 13, 2012
115
18
Hyderabad
OnePlus 7T
OnePlus 10 Pro
When your device goes very wrong and you cannot recover, you'd normally contact OnePlus and either rma it (send it back) or they'd work on it remotely.

To work on your phone remotely they'd remote into your computer then grab a tool to fix your phone..... Enter the MSM tool.

Historically they could simply click other when it came to logging in then grab an MSM compatible firmware then flash your phone, baring in mind that MSM only requires your phone to be in EDL mode which is lower level recovery Vs normal recovery which if you need the MSM tool is probably not working anymore..

When they did this on the target computer, the end user (you) would retain the software then leak it here on XDA for everyone to use.

Nowadays OPPO has enforced the person using MSM to log in and authenticate the tool prior to use, meaning without a valid log in and a credit, it simply won't work, yes sorry MSM is a paid for service...

Literally everything has been tried and nothing has worked to crack it, we can get passed the log in with a hex edit but we cannot authenticate so it'll never work.

In short, MSM is off the table, it's been a long time now so I doubt it'll ever happen....

MSM was never offered to us as a solution, it was an engineer's tool to fix phones, we've only ever had leaks.. which we still have, we just can't use it anymore without a log in.
If Samsung can offer Odin there's no reason OnePlus can't provide a similar tool.
 

V0latyle

Forum Moderator
Staff member
If Samsung can offer Odin there's no reason OnePlus can't provide a similar tool.
Samsung is a much much bigger company than Oppo/OnePlus, and has made a point of continuing to develop their own software, to the point where they use proprietary methods to load software on their devices, hence Odin/Heimdall. Samsung never actually released Odin, it's an internal tool.

Many OEMs don't go this far; Qualcomm SoCs support a proprietary Qualcomm tool called QPST that was never publicly released either, so even software giants like Google don't bother developing their own software for their devices - they just use what's already available for low level flashing.

I think the real issue here with many Chinese OEMs is their failure to adopt the AOSP model by making eveyrthing easily flashable via ADB/fastboot. I don't know enough about Xiaomi/Redmi/Oppo/OnePlus/Lenovo/etc to know what they do differently, just that they do, and from my perspective it seems like they didn't bother doing a decent job of it - whether they don't care enough about supporting development, or are trying to do things their own way despite the prescribed AOSP model, or just didn't bother spending the time and the money in developing a decent and easily usable platform.
 

dladz

Senior Member
Aug 24, 2010
16,041
5,983
Liverpool
Nothing Phone 2
If Samsung can offer Odin there's no reason OnePlus can't provide a similar tool.
Odin isn't meant for us, it's meant for engineers.

MSM isn't meant for us it's meant for engineers.

If they are offering a recovery service then why on earth should they "provide" anything?

Because they have in the past? No they have not, it has been leaked and it didn't need authentication.

In oneplus' eyes they still offer a dynamic tool that can be used remotely in their eyes at least and they're getting money for each use and most of their customers are happy.

Us here on this thread aren't happy but I'm not sure how much they care about our opinions. Perhaps when we shun OnePlus in the future they'll listen but beyond that, it's over buddy.
 

mark332

Senior Member
Jul 2, 2017
269
225
If Samsung can offer Odin there's no reason OnePlus can't provide a similar tool.
Samsung odin work only in download mod you can use fastboot/platform tools as a alternative, but in case of hard brick repair samsung and google does not provide any service, if any pixel device stucked in edl, then no way to bring it back. only jtag or board replacement can fix it. so i think oneplus much better in after sell service.
 

chackopg

Senior Member
Apr 16, 2021
178
17
OnePlus 6
OnePlus 10 Pro
Samsung odin work only in download mod you can use fastboot/platform tools as a alternative, but in case of hard brick repair samsung and google does not provide any service, if any pixel device stucked in edl, then no way to bring it back. only jtag or board replacement can fix it. so i think oneplus much better in after sell service.
Did anyone tried with QPST tool or Qfil tool? If Yes, please.......
 
  • Like
Reactions: dladz

alinc93

Member
Jun 23, 2016
9
11
OnePlus 8 Pro
OnePlus 10 Pro
I did try the Qfil tool, seemed to be able to interact with my then broken/ bricked OP10P.

I'm willing to test a few things until I brick the phone, 2 times max (my personally allocated f**k up budget :)) )

I know an XML is needed for the qfil tool but I was unable to find it.
 
  • Like
Reactions: dladz

dladz

Senior Member
Aug 24, 2010
16,041
5,983
Liverpool
Nothing Phone 2
I did try the Qfil tool, seemed to be able to interact with my then broken/ bricked OP10P.

I'm willing to test a few things until I brick the phone, 2 times max (my personally allocated f**k up budget :)) )

I know an XML is needed for the qfil tool but I was unable to find it.
According to the QFIL site it's actually the QPST not QFIL that's required, there's a boot.hex file that's required and there part of the firmware download I've listed on the other thread, all can be found on the QFIL site
 

mark332

Senior Member
Jul 2, 2017
269
225
Did anyone tried with QPST tool or Qfil tool? If Yes, please.......
Yes, i fixed op11 with QFIL SoC, this is needed only to recover a completely dead device (critical partition damage) & the method require technical knowledge + MSM Access, + QFIL or any similar Qualcomm programming tool
 

kinglove1211

Senior Member
Jul 27, 2014
50
15
Decatur
Yes, i fixed op11 with QFIL SoC, this is needed only to recover a completely dead device (critical partition damage) & the method require technical knowledge + MSM Access, + QFIL or any similar Qualcomm programming tool
So how is it you got QFIL to communicate with the phone. I had a bricked 10T and I kept getting an unauthorized error
 

Top Liked Posts

  • There are no posts matching your filters.
  • 22
    Hello all, i am here to leak OPPO tech tool that allows one plus 10 pro to be flashed. Sadly i cannot share login but if you are able to bypass login screen the tool does not need to authenticate with server to flash device in EDL mode. Attached is screen shot of login screen and file. The tool picks up device in EDL mode and allows user to select the OPF file associated for device (please note you must have this downloaded externally ideally from msm tool for your device)

    I wish you luck bypassing this login and fixing your phones.


    flash.png
    19
    This tool seems to be intended for use with mediatek devices.
    I wouldn't bet on it working with this phone, but here's how to bypass the login screen anyway.

    Open DownloadTool.exe with a hex editor
    Find '74 4b 8d 45 d4'
    Replace '74 4b' with '90 90'
    Save, launch, enter any username/password/code and click login.
    If you go to 'Software Package Management', you can specify a folder where your .ofp is located.
    15
    But, doesn't OPPO actually approve of the selling of MSM accounts/flashes?

    Remember, OPPO tech said OPPO makes him buy credits from OPPO to use MSM. Unreleated but, I was thinking it was designed as a second revenue source. Since there devices)dub brands can be really cheap.
    Ok .. just putting this out there... I MAY have pulled together a script that will automate the whole flash process .. including the auth, and sign verifications... But I truly do not know if it is going to be device specific, or if I can fandangle a slightly wider base from the data. Now 1st. Don't start asking me to drop the code into public chat. I worked my butt off and bricked my own devices SEVERAL times in order to test/work out the kinks ... (Proxifier/Fiddler were not friendly and butted heads a lot, so alternate avenues were taken) but before I could compile the whole script and run in one sweep, the Oppo account I was using expired. (Temp accounts ARE device specific). If you want ANY further development on this, I NEED someone to DM me, an active Oppo acct. I don't care if you want to change the password , 24hrs after you give me the info .. that's completely fine. If everything works properly, 24 hrs is about 23 hrs too much! But I need an ACTIVE , WORKING account that I can login to the msmtool, or the miflash server with, (preferred MSM so I don't gotta rewrite anything). And if I can perform a successful EDL unbrick without any errors, then I can strip parts of the Online MSM tool.exe , and with luck, force the Frankenstein'd version I pieced together, to package back up into a simple "Click, Select, Start, Wait, Celebrate" , exe file. With everything that you need, all put into portable container mode, and require no installation. (Or at bare minimum you can run it all inside a windows sandbox, cuz that's what I've been doing, so there's 0 chance of any persistent tracker left behind after each flash, and at the same time you can feel safe running it, cuz in a sandbox it cant harm you !).

    So again... If anyone still cares, and has any resources to obtain a login/pw that works, DM me , and WAIT FOR ME TO REPLY before you send the login, so you know exactly WHEN I got it, and you can change whatever .... Let's say .... 6-12 hrs after you grant me access!

    Otherwise it seems like this topic has died and no one cares anymore... Which rly don't bother me, cuz after this bunch of Diseased Unicorn Poo 💩 that Oppo/OnePlus pulled with literally going from "Developer Friendly" to "We'll eat your soul before we allow consumer modifications !" 👹 I am officially done with this company, and I truly hope a good 20% of their customer base feels the same, because the only way they will reverse their ignorant position , rivaling Apple IOS level lunacy, is if their yearly bonus checks are a few zeros short, and sales drop. (Shouldn't be a problem because T-Mobile just loosened the reigns and allowed Verizon to begin pre ordering the 10R for next year... So NA will at least have 2 major carriers .... But I don't think it will help sales ... Verizon is the Hitler Regime of Bootloader and device unlocking... They might go as far as to request an official Red/Black design with little bands around the top! Lol.

    Anyways ... Login/pw ... Oppo account... DM....

    Let's see if I can rain on the MSMTool Mafia's day just a lil bit. This tool should be provided FREE ... We're at over 1 year since released, and NO PUBLIC MASS CONSUMER UNBRICK , yet they throw the FW around on the main website, with official tags and signatures .... And even then .. one wrong action, and youre doin the "1-Ploo-Salloop!" (Infinite boot loop!) ... So if you can brick, using the files THEY provide, without knowing your current device setup!, They need to provide a method out! (And yes this can happen, because if you had previously done ANY modifications, such as rooting, forgetting to unhide magisk app, disable modules, or making any alterations to your initrc file , or had successfully swapped regions, then tried to flash the STOCK rollback, in order to bring your device back to factory spec, YOU WILL BOOTLOOP!)

    ((I have further details regarding what is one factor causing this to happen... It's the Baseband/Modem/Build.prop versioning that is putting your device out of spec. Each different Rollback/Upgrade package specifies an EXACT build # and patch date that each region has a slightly different variation of, and while you THINK you're fooling your device, You are ABSOLUTELY NOT! Part of the downloaded FW verification that happens before your phone reboots to complete the changes, is a quick matchup of some key files which your phone FAILS to notify you, when they do not match the requested info... And therefore those files are NOT replaced by your phone during the update/rollback.... So for anyone who knows Android.... This is a very big NO NO... you cannot update parts of a boot script... Parts of the system ... Parts of the recovery partition, but not also make the Android security patch, Kernel, modem, and other pertinent variables match their new counterparts. WHY? Can you use Android 13's Kernel, to run Android 12's security requirements, load 12's lower boot.img, but keep 13's modem, and flip a coin as to which recovery part will stay, then smash that all together under a security patch that is lower than your device was on! This is exactly what creates the "unresponsive device" brick. Cuz NOTHING is the right version necessary for secure boot and trust zone to approve/verify each other. Aka BRICK.

    Ok rant over....

    login/pw active Oppo acct.. DM..

    Ty
    9
    Here is extra files as promised. also it appears login connects with these servers; perhaps they can be spoofed/enumerated to bypass login for designated locations:
    Europe: https://service-eu.myoppo.com/
    India: https://service-in.myoppo.com/
    (there are more but i can't be bothered searching through subdomains, should be easy enough to find with OSINT).

    Good luck! Reach out if you have any questions or need any files that you think may be cached on system that ran this tool.
    8
    hello, i've just get an msm account from guest. Did your phone fix and can i test it ?
    yoo guys shout out to this man for helping me unbricking me my phone. 5 months no reply for oneplus, he just solved it in one night only! thanks alot bro. 💯 @xuanhoang1811