[Guide] Nougat with DRM fix, root and TWRP* (SGP771)

Search This thread

myhrdak

Senior Member
Dec 26, 2007
63
4
i need to ask this because the guide is very long, some downloads (ta_poc - for what?) are offline.

so my question is:
isn´t it enought to unlock the bootloader, flash the twrp & androplus kernel and than root with
supersu? i dont need drm fix, magisk & the other stuff mentioned!

thank you
 

allofmex

Member
Jan 13, 2012
30
16
Did you Flash the twrp separately? The script included for TA_poc Did not work for me.
...
I can confirm This method works for 32.3.A.2.33_R2D (Nordic) but only with Magisk 11.6. I lost root with ver. 12.

As If you want to get full root rights disable Sony Ric and do not install Magisk (I guess it could work).

Ok, It works for me too now.
Here some updated steps based on halfvast's instructions (SGP771_32.3.A.2.33_R1D_Customized DE, Windows) because of some changes in the scripts in the meantime:

  1. Download to Computer:
    ta_poc.rar from here (old link not working anymore)
    TWRP-3.0.2-0-20160604.img
  2. Download to device:
    SuperSU-v2.79-201612051815.zip
    (serajr script not needed)
  3. Decompress ta_poc.rar
  4. Extract kernel.sin from your nougat firmware ftf (You can use 7zip to do this). Copy it to same folder with DRM fix.
  5. Copy your TA backup to same folder with DRM fix
  6. Rename TWRP-3.0.2-0-20160604.img to recovery.img and put it in ta_poc folder
  7. Run DOUBLECLICKME.bat
  8. Follow the scripts wizzard (it will ask you for the kernel.sin and TA*.img file locations)
  9. Answer "Disable dm verity" with yes to be able to flash zip's in recovery
  10. "Disable Sony Ric" (answer yes) if you want to write to /system from RUNNING system later, for example if you want to delete unneeded system apps. (If your root-apps dont need to write to your system partition from Android you can keep Ric switched on for higher malware protection). You will still be able to flash stuff in recovery.
  11. Press vol up and connect your device to pc to use fastboot. Use command in PC shell: fastboot flash boot new_boot.img (no need to flash recovery anymore, the script included it already in boot image??? Needs confirmation, maybe I had already a previous recovery. If you cant boot to recovery do a fastboot flash recovery TWRP-3.0.2-0-20160604.img and give me a message that I may update this list. But I don't see other explanation why ta_poc script is asking for recovery image file )
  12. Disconnect your device and put otg-cable to tablets usb and connect mouse to otg-cable.
  13. Press and hold vol down + press long power at the same time to boot to TWRP. (Do not press power and afterwards vol down as it is working with other setups, this will result in boot stucking at sony logo!)
    Touchscreen is not workin but you can use your mouse to navigate in TWRP!
  14. Allow TWRP to make changes to your device and flash Supersu 2.79 (maybe wipe Dalvik/Cache too)
  15. Reboot (be patient, it may reboot automatically at first bootup)

The following is optional if you need AdAway (can be done later too):
  1. Download Magisk-v12.0.zip to device (no problems with Magisk 12.0 in my case, but I flashed it later, maybe there should be a reboot between flashing superSu and magisk, but it's just a guess)
  2. Boot to recovery and flash magisk zip
  3. Reboot and install magisk manager from the play store.
  4. Enable from magisk manager settings: busybox, magisk hide and systemless hosts and Install Adaway (Will not work without Magisk, strange).



Thanks to halfvast and the others for all the work.
 
  • Like
Reactions: _Nostromo_

RondelRo

Member
Apr 15, 2015
16
2
Ok, It works for me too now.
Here some updated steps based on halfvast's instructions (SGP771_32.3.A.2.33_R1D_Customized DE, Windows) because of some changes in the scripts in the meantime:

  1. Download to Computer:
    ta_poc.rar from here (old link not working anymore)
    TWRP-3.0.2-0-20160604.img
  2. Download to device:
    SuperSU-v2.79-201612051815.zip
    (serajr script not needed)
  3. Decompress ta_poc.rar
  4. Extract kernel.sin from your nougat firmware ftf (You can use 7zip to do this). Copy it to same folder with DRM fix.
  5. Copy your TA backup to same folder with DRM fix
  6. Rename TWRP-3.0.2-0-20160604.img to recovery.img and put it in ta_poc folder
  7. Run DOUBLECLICKME.bat
  8. Follow the scripts wizzard (it will ask you for the kernel.sin and TA*.img file locations)
  9. Answer "Disable dm verity" with yes to be able to flash zip's in recovery
  10. "Disable Sony Ric" (answer yes) if you want to write to /system from RUNNING system later, for example if you want to delete unneeded system apps. (If your root-apps dont need to write to your system partition from Android you can keep Ric switched on for higher malware protection). You will still be able to flash stuff in recovery.
  11. Press vol up and connect your device to pc to use fastboot. Use command in PC shell: fastboot flash boot new_boot.img (no need to flash recovery anymore, the script included it already in boot image??? Needs confirmation, maybe I had already a previous recovery. If you cant boot to recovery do a fastboot flash recovery TWRP-3.0.2-0-20160604.img and give me a message that I may update this list. But I don't see other explanation why ta_poc script is asking for recovery image file )
  12. Disconnect your device and put otg-cable to tablets usb and connect mouse to otg-cable.
  13. Press and hold vol down + press long power at the same time to boot to TWRP. (Do not press power and afterwards vol down as it is working with other setups, this will result in boot stucking at sony logo!)
    Touchscreen is not workin but you can use your mouse to navigate in TWRP!
  14. Allow TWRP to make changes to your device and flash Supersu 2.79 (maybe wipe Dalvik/Cache too)
  15. Reboot (be patient, it may reboot automatically at first bootup)

The following is optional if you need AdAway (can be done later too):
  1. Download Magisk-v12.0.zip to device (no problems with Magisk 12.0 in my case, but I flashed it later, maybe there should be a reboot between flashing superSu and magisk, but it's just a guess)
  2. Boot to recovery and flash magisk zip
  3. Reboot and install magisk manager from the play store.
  4. Enable from magisk manager settings: busybox, magisk hide and systemless hosts and Install Adaway (Will not work without Magisk, strange).



Thanks to halfvast and the others for all the work.

Word of warning:

I decided to try this out with my LTE tablet with a TA partition from a Z5 (I was clueless when I unlocked the bootloader of my tablet and didn't know to save off the TA partition).

Everything seems to work except for the fact that the tablet no longer recognizes my SIM card. I guess I'll have to restore the original boot partition... :(
 

BackHol3

Member
May 31, 2014
38
9
I had To install Marsmallow to get TA backup to work. Now I have a new problem, when I try to unlock my bootloader I get "remote command not allowed" even though my service menu says bootloader unlock allowed:yes. What to do?
 

Mike02z

Senior Member
Feb 3, 2012
1,953
794
Greenville, SC
OnePlus 9 Pro
Ok, It works for me too now.
Here some updated steps based on halfvast's instructions (SGP771_32.3.A.2.33_R1D_Customized DE, Windows) because of some changes in the scripts in the meantime:

  1. Download to Computer:
    ta_poc.rar from here (old link not working anymore)
    TWRP-3.0.2-0-20160604.img
  2. Download to device:
    SuperSU-v2.79-201612051815.zip
    (serajr script not needed)
  3. Decompress ta_poc.rar
  4. Extract kernel.sin from your nougat firmware ftf (You can use 7zip to do this). Copy it to same folder with DRM fix.
  5. Copy your TA backup to same folder with DRM fix
  6. Rename TWRP-3.0.2-0-20160604.img to recovery.img and put it in ta_poc folder
  7. Run DOUBLECLICKME.bat
  8. Follow the scripts wizzard (it will ask you for the kernel.sin and TA*.img file locations)
  9. Answer "Disable dm verity" with yes to be able to flash zip's in recovery
  10. "Disable Sony Ric" (answer yes) if you want to write to /system from RUNNING system later, for example if you want to delete unneeded system apps. (If your root-apps dont need to write to your system partition from Android you can keep Ric switched on for higher malware protection). You will still be able to flash stuff in recovery.
  11. Press vol up and connect your device to pc to use fastboot. Use command in PC shell: fastboot flash boot new_boot.img (no need to flash recovery anymore, the script included it already in boot image??? Needs confirmation, maybe I had already a previous recovery. If you cant boot to recovery do a fastboot flash recovery TWRP-3.0.2-0-20160604.img and give me a message that I may update this list. But I don't see other explanation why ta_poc script is asking for recovery image file )
  12. Disconnect your device and put otg-cable to tablets usb and connect mouse to otg-cable.
  13. Press and hold vol down + press long power at the same time to boot to TWRP. (Do not press power and afterwards vol down as it is working with other setups, this will result in boot stucking at sony logo!)
    Touchscreen is not workin but you can use your mouse to navigate in TWRP!
  14. Allow TWRP to make changes to your device and flash Supersu 2.79 (maybe wipe Dalvik/Cache too)
  15. Reboot (be patient, it may reboot automatically at first bootup)

The following is optional if you need AdAway (can be done later too):
  1. Download Magisk-v12.0.zip to device (no problems with Magisk 12.0 in my case, but I flashed it later, maybe there should be a reboot between flashing superSu and magisk, but it's just a guess)
  2. Boot to recovery and flash magisk zip
  3. Reboot and install magisk manager from the play store.
  4. Enable from magisk manager settings: busybox, magisk hide and systemless hosts and Install Adaway (Will not work without Magisk, strange).



Thanks to halfvast and the others for all the work.

Thank you so much! I have not even touched my Xperia Z4 WiFi in about 8 months. Your post made it so easy to go from stock unlocked, to fully functioning. I did have to flash the twrp separately to get into recovery. I then flashed Magisk v12. It rebooted fine but after 5 minutes it would just keep rebooting. I tried the Magisk uninstall but it terminated with an error. I went back and flashed the new_boot image and started again. This time I flashed SuperSU v2.82. and rebooted and it was fine. I then flashed Magisk 11.6 and it sort of works. It still won't pass safety net but I'll keep working on it.

One last item to note. When I flashed SuperSU 2.82 it allowed Adaway to work fine. Not sure why. If that was your only reason for needing Magisk, you likely won't need it.
 
Last edited:

DHGE

Senior Member
Jun 20, 2015
608
289
coastal paradise
use fastboot to boot twrp

fastboot boot suitable_twrp.img

or better install LineageOS

---------- Post added at 08:13 ---------- Previous post was at 08:04 ----------

fastboot boot twrp.img
 

Grutinet

Member
Nov 3, 2016
10
0
Hi, if I understand right, with the method explained on page 1, we can have the latest Nougat version for SGP 711 and SGP 712 (32.4.A.1.54) with DRM patch working with the latest AndroiPlus kernel (v.43), TWRP and root acces. Am I right or is there something still buggy with this configuration ? :D
 

Top Liked Posts

  • There are no posts matching your filters.
  • 4
    Do not work with Nougat 7.1.1 / 32.4.A.0.160 (Bootloop)
    New TWRP (You dont need otg and mouse anymore!):
    https://www.androidfilehost.com/?fid=745425885120733410 (thanks to andralex8!)


    GUIDE UPDATED, TESTED AND SIMPLIFIED 15.2.2017 (thanks to munjeni)
    Tested with Saudi Arabia, Germany and Nordic (.378) firmwares

    I managed to get my Xperia Z4 Tablet (SGP771) LTE model to have root, TWRP-recovery*, munjenis DRM fix and Adaway working with Nougat firmware (Saudi Arabia). I will share steps that I have done with my own tablet. If this guide brick your device or something goes wrong, I am not responsible for loss of your device. Use this guide only with your own RISK!

    This tutorial is not for beginners. You need to have working adb installed yout pc, unlocked tablet, sonys special driver for fastboot. and TA backup (example TA-21062016.img). Use only this tutorial with Sony USB-cable.

    *To get TWRP working, you need: OTG-cable and a mouse with wire or wireless mouse with a dongle.

    0. Download Nougat 32.3.A.0.376 (Saudi Arabia) firmware with Xperiafirm 32.3.A.0376. to your PC
    1. Flash Nougat 32.3.A.0.376 (Saudi Arabia) with Flashtool 0.9.23.2.
    2. Boot your device and enable Developer settings from setting
    3. Enable USB debugging setting from Developer settings
    4. Download Supersu and Magisk to your device:
    https://s3-us-west-2.amazonaws.com/supersu/download/zip/SuperSU-v2.79-201612051815.zip
    http://tiny.cc/latestmagisk
    5. Shutdown your device
    6. Download munjenis DRM fix and serajr script package v2 to your pc:
    http://munjeni.myiphost.com/ta_poc.rar
    https://forum.xda-developers.com/showpost.php?p=70959962&postcount=65
    7. Decompress files from munjeni and serajir to same folder.
    8. Extract kernel.sin from your nougat firmware ftf (You can use 7zip to do this). Copy it to same folder with DRM fix. Rename kernel.sin to kernelX.sin
    9. Copy your TA backup to same folder with DRM fix and rename it TA.img
    10. Open Cmd with admistrator persimmions and use DOUBLECLICKME_NOUGAT.bat (search cmd rght mouseclick use admistrator).
    11. Follow munjenis tool tutorial: You can choose if you want Sony Ric off. I left it on but turned dm verity off.
    12. Download TWRP: https://drive.google.com/drive/folders/0B0j3VJ1Xp5N8cnhQamtxRWVtRmc
    13. Press vol up and connect your device to pc to use fastboot. Use command: fastboot flash boot new_boot.img
    14. After that use command: fastboot flash recovery TWRP-3.0.2-0-20160604.img
    15. Disconnect your device and put otg-cable to tablets usb and connect mouse to otg-cable.
    16. Press vol down + power to boot to TWRP. Touchscreen is not workin but you can use your mouse to navigate in TWRP!
    17. Allow TWRP to make changes to your device and flash Supersu 2.79 and Magisk 11.1.
    18 Boot your device and install magisk manager from the play store.
    19. Enable from magisk manager settings: busybox, magisk hide and systemless hosts and Install Adaway (Will not work without Magisk, strange).

    I have not managed to get my CTS profile approved but that is not major issue if not playing with Pokemon go (You can use magisk to detect this).

    Note1 : Change LTE to 1 priority from mobile setting. Default for SA firmware is GSM :)
    Note2: If you have already tried rootkernel to get drm working; do a full wipe and reflash firmware with flashtool. Rootkernel messes something. Tablet do not boot if you have used rootkernel and after that try to use munjenis DRM fix.
    Note3: Magisk 11.1 wont work with Xperia Z4 Tablet without Supersu. So flash Supersu first and Magisk 11.1 after that
    Note4: You cannot boot to TWRP by using root and reboot to recovery apps. You need to boot to the recovery with keycommand voldown+power

    I hope this guide helps some fellow flashers :D

    Special thanks for
    munjeni
    serajr
    Chainfire
    Androplus
    topjohnwu
    Teamwin
    Androxyde
    mrRobinson

    If I forgot someone I am truly sorry!

    1zyfzn8.png
    1
    I am not sure. You need atleast a correct TWRP. You can try if You dare with your own RISK :D

    But I doubt that it wont work..
    1
    Guide updated and simplificed 15.2.2017. Thanks to munjeni! :)
    1
    Step 8 says Extract kernel.sin from your nougat firmware copy it to same folder with DRM fix. Rename kernel.sin to kernelX.sin. Do I have to extract that from the ftf or my Nougat firmware im currently using? Also does the ftf have to be that region?

    You need to extract it from ftf-image. I used 7zip. My device was Nee with stock. I used DE with Marshmallow and I am currently using Saudi Arabia. So I dont think it will matter, which kernel you use with your device. But I would use same kernel version with rom. So If you are using Saudi Arabia rom use Saudi Arabia kernel. For Russia rom use Russia kernel, and so on :)

    I will add tft-image extract to tutorial!
    1
    Works with latest Nordic .378 :)
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone