[HACK+MOD] Sony Xperia XZ Premium TWRP + KERNEL + ROOT + DRM fix/restore

Status
Not open for further replies.
Search This thread

karrouma

Senior Member
Jun 27, 2013
1,986
650
Can't unlock bootloader

I can't unlock my bootloader any help

Trying by adb and by flashtool but no luck to unlock


Any help pls?
 

Attachments

  • DSC_0909.jpg
    DSC_0909.jpg
    241.4 KB · Views: 340

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
I can't unlock my bootloader any help

Trying by adb and by flashtool but no luck to unlock


Any help pls?

Flashtool doesn't work with XZ Premium as far as I know. But you can unlock the bootloader with fastboot. Unlock code and instructions are here https://developer.sonymobile.com/unlockbootloader/
If the command is not allowed, you have to enable "OEM unlock" option in the developer settings in your device.
To get developer options, go to Settings -> System -> About -> click multiple times on "build number". After that go back to Settings -> System. There are the developer options now.
 
Last edited:

karrouma

Senior Member
Jun 27, 2013
1,986
650
Flashtool doesn't work with XZ Premium as far as I know. But you can unlock the bootloader with fastboot. Unlock code and instructions are here https://developer.sonymobile.com/unlockbootloader/
If the command is not allowed, you have to enable "OEM unlock" option in the developer settings in your device.
To get developer options, go to Settings -> System -> About -> click multiple times on "build number". After that go back to Settings -> System. There are the developer options now.

yes bro
oem problem
forgot about it
 

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
+++++++++++++++++++++++++++++++++++++
THIS IS JUST A BACKUP OF MY FIRST POST!
I WILL UPDATE THE FIRST POST WITH MY TOOL AND LET THE OLD INSTRUCTIONS HERE FOR EVERYONE WHO WANT'S TO DO THINGS MANUALLY!
+++++++++++++++++++++++++++++++++++++

##### WARNING: ########

Please note that the modification can result in a loss of warranty. I accept no responsibility for any damage that may occur and do not guarantee the functionality of the modifications. I have created this modification for myself and I just want to make it available to other users. If you have no idea of these things, please keep your fingers away. This hack may - in case of incorrect application - destroy your phone. Please keep to the instructions and report errors right here in the thread.

##### INFO: ###########

I' m providing a complete guide here, explaining how to unlock and root the Sony Xperia XZ Premium. In addition, I offer my hack for the DRM problem. You can root your device and still use the full functionality of the camera. Please note: DON'T flash the fix of other devices/versions to your phone! There are patched system files in my fix, which are only for the related phone/version! I will create different patches for other devices and firmware versions in the future!

Sony has worked on the newer devices on the security functions and made it more difficult to crack the DRM protection. Hidden checks were implemented to make cracking more difficult. The old DRMfix by Tobias Waldvogel no longer works with newer devices. I therefore spent a lot of time (a few weeks) and cracked the protection. Since this was my first time with Sony and I had previously no experience with it, it was a very hard job for me. But okay... finally I did it. And here are my 5 cents...


##### INSTRUCTIONS: #####

Before you start: PLEASE CHECK THE RIGHT VERSION OF YOUR FIRMWARE!!!
Settings -> About the phone -> Model & Build number
Don't flash a kernel that doesn't match your build!


1. Unlock your bootloader
Visit: https://developer.sonymobile.com/unlockbootloader/ Choose "Xperia XZ" from the list of the devices and follow the instructions to unlock your bootloader. Please note, that as soon as you unlock your device, your unique device keys are lost (forever!) and there is NO way back anymore!

2. Install custom recovery (TWRP)
The custom recovery is required to flash packages. You must have "Fastboot" on your computer. For Windows, there is a simple solution here (if you have not installed it yet): https://forum.xda-developers.com/showthread.php?t=2317790 After you downloaded and installed it, you can start the tool. Copy the twrp.img file from my package (folder "1 - Recovery") to the program folder, where ADB and Fastboot is installed.

Turn the phone off completely and unplug the USB connector, if connected. Now hold down the VolumeUP(+) key only and plug the USB cable to PC and mobile phone. The device is in "fastboot mode" now. Okay... Let's flash the custom recovery to the phone. In Fastboot (on your PC) type:

Code:
> fastboot devices

Your phone should be listet with a serialnumber and fastboot mode. If it's there, you can flash the recovery.

Code:
> fastboot flash recovery twrp.img

Done. Now you have a custom recovery installed. Easy huh?
Now unplug your USB cable again and turn of the phone.


3. Flash rootable kernel (sToRm_restore Kernel)
To flash my patched kernel (required for DRMfix!) you can start TWRP recovery. To do this, just hold down the VolumeDOWN(-) key and press the power key. Hold the VolumeDOWN(-) key until the TWRP splash screen shows up. Dude... You are now in your custom recovery. Great!

Now plug in your USB cable again. On your PC you can now open the phone's memory and drag the needed packets to the mobile phone. Whether you use the internal memory or the external memory does not matter. Please copy the following folders with the included zip archives to your device:

-> 2 - Kernel
-> 3 - Root
-> 4 - DRMpatch

Once the archives are on the phone, you can take your phone back into your hand and install the packages in TWRP. To do this, choose "Install" in the TWRP recovery. Now look for the archive with the kernel (example: XZP_45.0.A.7.137_R7A_ROOTABLE_DRMABLE.zip) in the folder "2 - Kernel" which you copied to your device. Select the archive for the installation and wipe to the right to install the package. After that, DON'T REBOOT your phone! First, go back (back button) and continue with the following point...

4. Flash root (Magisk)
Just as the kernel was installed, you can now install Magisk. Search the archive for Magisk (Magisk-v14.0.zip) in the folder "3 - Root", which you copied to the mobile phone. Select the archive for installation and swipe right again to install the package. Then go back again without a reboot and continue with the next point!


5. Flash DRMfix (sToRm_restore DRMfix)
As with the Kernel and Magisk, you can now also install the DRMpatch (DRMpatch-sToRm.zip) from the folder "4 - DRMpatch". Select the archive for installation and swipe right again to install the package.

Finally, you can "clear cache & dalvik" aaaaaaaaaaaand REBOOT!

Congratulations!
You now have an unlocked, rooted XZ Premium with my DRMpatch and can use your camera and other functions again without ugly green pictures! Wohoooo... Easy going, huh?

Let's be quiet for a moment and imagine the faces of the developers, who wanted to prevent a DRMfix with the new firmware versions and complex encapsulated security functions:

xzp-sonydevs.jpg



Cheers!
//sToRm (Heiko Frenzel)



##### FAQ: ################

Can this patch bring back the device key?
No! It simulates the key and a locked device without root. If you unlock and root your device, the unique device key is gone forever! There is not turning back!

Can I use another kernel with this patch?
No, my patched kernel has some lines in, which are required for the DRMpatch! If there is another kernel and other users want the fix in it, too, I can mod this kernel and release it in this thread.

Can I use another root method with this patch?
Yes! You can use SuperSU or something else if you want to. I myself have Magisk installed, because it works super smooth and the SafetyNet status is okay.

Can I use the patch for other devices or versions?
No! Please don't try this! In my patch I had to fix a system file which is different between the devices and versions. If you flash the wrong version, it could brick your phone! I will create other versions of my patch for other devices, too. So be patient!


##### DOWNLOADS: ##########

Model: G8141 @ Android: 7.1.1 @ Build: 45.0.A.7.137_R7A
Model: G8142 @ Android: 7.1.1 @ Build: 45.0.A.7.137_R5A
Model: G8141/G8142 @ Android: 7.1.1 @ Build: 45.0.A.7.137_AndroPlus_v06
-> sToRm_restore_PACK [DOWNLOAD]

Optional kernels for older versions:
(Note: This is optional for older versions - only the kernel! You also have to flash the DRMpatch and Magisk from the sToRm_restore_PACK above!)
AndroPlus_v04 @ 45.0.A.7.90 for G8141 & G8142 [DOWNLOAD]
AndroPlus_v05 @ 45.0.A.7.120 for G8141 & G8142 [DOWNLOAD]


##### SUPPORT / DONATION: #####
If I could help you with my work, I would be glad if you give me a small thank you. You can DONATE HERE. This would also support further development for newer versions and other devices. Big thanks!
 

Ultra_EU

New member
Apr 2, 2016
2
0
[MENTION=8363210]Updated first post! Oreo fix is included in XperiFIX.
Please try the tool and report if it works for you!

Note: Your device must be unlocked before using XperiFIX!


Can I use another root method with this patch? ?????????
 

TheMops

Member
Nov 5, 2017
12
0
Updated first post! Oreo fix is included in XperiFIX.
Please try the tool and report if it works for you!


Note: Your device must be unlocked before using XperiFIX!

The tool don´t work here. XZP ist booting into twrp and then it´s freezing. No action possible, touchscreen don´t react.
Now I´ve a bootloop grrrr
 

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
The tool don´t work here. XZP ist booting into twrp and then it´s freezing. No action possible, touchscreen don´t react.
Now I´ve a bootloop grrrr
Read the instructions! If TWRP boots up and nothing happens for about 2 minutes or so... Replug USB and wait again. It's because sometimes the PC doesn't recognize the device after booting TWRP. If you then just unplug and replug the cable, it will.
 
Last edited:

VeixES

Senior Member
Mar 5, 2012
422
187
Tallinn
A little offtopic, question or an little request for already rooted users. Can you install and check if following up runs nicely on xz premium? https://play.google.com/store/apps/details?id=com.qtrun.QuickTest
This is low-level information app about modem and all the info that gets from it. Would like to quickly confirm if its okay before jumping in to world of lost drm keys. Once i have confidence, i can proceed with donation :)
 

TheMops

Member
Nov 5, 2017
12
0
Read the instructions! If TWRP boots up and nothing happens for about 2 minutes or so... Replug USB and wait again. It's because sometimes the PC doesn't recognize the device after booting TWRP. If you then just unplug and replug the cable, it will.

Ok, I´ll try it again
 
Status
Not open for further replies.

Top Liked Posts

  • There are no posts matching your filters.
  • 199
    xperifix-teaser.jpg


    A MESSAGE TO SONY:
    Dear Sony,
    It was never my intention to publish a hack for your devices. But... It also was never my intention to buy a device for which I have no control. I find it impertinent to forbid the customer to root a purchased smartphone. I would not have made the effort, if at least the standard functions of the camera could have used. I paid ~750 euros and got a non-functioning camera because I want to have full control of my device. If at least the Camera2 API would have been opened, in order to be able to use other camera apps with full resolution, a hack would not have been necessary. But even with that you are fooling your customers. The only reason I have spent so much time and nerves is that I wanted to have a functioning debloated device with root.



    Okay, let's go...
    First we need some good music: HERE

    ##### WARNING: ########

    Please note that the modification can result in a loss of warranty. I accept no responsibility for any damage that may occur and do not guarantee the functionality of the modifications. I have created this modification for myself and I just want to make it available to other users. If you have no idea of these things, please keep your fingers away. This hack may - in case of incorrect application - destroy your phone. Please keep to the instructions and report errors right here in the thread.

    ##### INFO: ###########

    I' m providing a complete guide here, explaining how to unlock and root the Sony Xperia XZ Premium. In addition, I offer my hack for the DRM problem. You can root your device and still use the full functionality of the camera. Please note: DON'T flash the fix of other devices/versions to your phone! There are patched system files in my fix, which are only for the related phone/version! I will create different patches for other devices and firmware versions in the future!

    Sony has worked on the newer devices on the security functions and made it more difficult to crack the DRM protection. Hidden checks were implemented to make cracking more difficult. The old DRMfix by Tobias Waldvogel no longer works with newer devices. I therefore spent a lot of time (a few weeks) and cracked the protection. Since this was my first time with Sony and I had previously no experience with it, it was a very hard job for me. But okay... finally I did it. And here are my 5 cents...


    ##### INSTRUCTIONS: #####

    Before you start: PLEASE CHECK THE RIGHT VERSION OF YOUR FIRMWARE!!!
    Settings -> About the phone -> Model & Build number
    Don't flash anything that doesn't match your build!


    +++++++++ UPDATE +++++++++++++++++++++++++++
    I created a tool "XperiFIX" which can do the magic for you. :cowboy:



    See it in action...



    If you nevertheless want to do it manually on Nougat, the old instructions and downloads are here: https://forum.xda-developers.com/showpost.php?p=74426201&postcount=285

    1. Unlock your bootloader

    Visit: https://developer.sonymobile.com/unlockbootloader/ Choose "Xperia XZ" from the list of the devices (only if your device isn't listed) and follow the instructions to unlock your bootloader. Please note, that as soon as you unlock your device, your unique device keys are lost (forever!) and there is NO way back anymore!

    2. Use XperiFIX to get what you want

    1. Download, install and start "XperiFIX" (as administrator!)
    2. Hold down the VolumeUP(+) key only and plug the USB cable to PC and mobile phone until the LED is blue.
    3. Read the warning and check the checkbox
    4. Click "Fix my device!" button in XperiFIX
    5. Now the tool will do it's magic! Please be patient, it can take a few minutes!

    Note: If TWRP ask you if the system partition should be mounted read-only, then swipe to the right to allow modifications!

    6. If all is done, the device should restart.
    7. Check your security status, configuration and camera.
    8. Donate me a pizza or some toys for my little son, hehe...

    Congratulations!
    You now have an unlocked, rooted XZ Premium with my DRMpatch and can use your camera and other functions again without ugly green pictures! Wohoooo... Easy going, huh?

    Let's be quiet for a moment and imagine the faces of the developers, who wanted to prevent a DRMfix with the new firmware versions and complex encapsulated security functions:




    Cheers!
    //sToRm (Heiko Frenzel)



    ##### FAQ: ################

    Can this patch bring back the device key?
    No! It simulates the key and a locked device without root. If you unlock and root your device, the unique device key is gone forever! There is not turning back!

    Can I use another kernel with this patch?
    Yes, but only with Xperifix 2.0 and above. It will patch the ramdisk of the kernel automaticly.

    Can I use the patch for other devices or versions?
    No! Please don't try this! In my patch I had to fix a system file which is different between the devices and versions. If you flash the wrong version, it could brick your phone! I will create other versions of my patch for other devices, too. So be patient!

    TWRP freezes and nothing happens, what should I do?
    Please check if you have the correct driver for your device, installed on your PC.

    I already rooted my device. Can I use XperiFIX, too?
    Yes. If you used Magisk before, you can use XperiFIX without problems. Because XperiFIX will flash a new kernel which isn't pre-rooted. After that XperiFIX will flash Magisk, which will recognize your last Magisk installation. It will patch the new kernel ramdisk and all is fine. Your Magisk old settings will be there, too. If you want to use SuperSU, you can't use XperiFIX, because it's not implemented yet and I personally won't install and test it cause Magisk is running perfect on Nougat and Oreo, too!

    I used XperiFIX but it gives me an error and now my device is in a bootloop!
    That's not good dude. Please report what exactly you did, with all informations about your device. I will check it. To get a working device again, you can flash the firmware with Newflasher 10+.

    My device doesn't respond, nothing works, it stucks in a bootloop, I can't power off?!
    Just hold the VolumeUP(+) key together with the Power key. Wait until the device vibrates 3 times (!). Now it's completely off. Then you can try to go in Fastboot mode again to flash or use XperiFIX.

    I have a problem, what can I do?
    If your question can't be answered here in the FAQ, please post your report. Be sure to give all needed informations. Which device, which firmware version, what you exactly did, ... Without details, nobody can help you!

    What does the fox say?
    Hatee-hatee-hatee-ho! ^^



    ##### DOWNLOADS: ##########

    XperiFIX_Installer MOD edit, links removed.
    Official website: https://www.xperifix.com

    Supported devices:
    Sony Xperia XZ Premium (Single/Dual)
    - Firmware @47.1.A.12.75
    - Firmware @47.1.A.12.34
    - Firmware @47.1.A.8.49

    Sony Xperia XZ1 (experimental)
    - Firmware @47.1.A.12.75
    - Firmware @47.1.A.12.34
    - Firmware @47.1.A.8.49

    Sony Xperia XZ1 Compact (experimental)
    - Firmware @47.1.A.12.75
    - Firmware @47.1.A.12.34
    - Firmware @47.1.A.8.49

    Old version:
    If you are using older firmware versions on your XZ Premium, you can download the last old version (v1.4) from the website (look at the history on the download site).

    ##### SUPPORT / DONATION: #####
    If I could help you with my work, I would be glad if you give me a small thank you. You can DONATE HERE. This would also support further development for newer versions and other devices. Big thanks!


    THANKS:
    @munjeni
    @zxz0O0
    @the_brad
    @serajr
    ... and all other users of the "brainstorm thread" for their infos and ideas!

    CREDITS:
    Included in XperiFIX:
    Old DRM restore by @tobias.waldvogel
    Magisk by @topjohnwu
    TWRP by @Myself5
    AndroidLib by @regaw_leinad
    45
    Whoooop! Good news!

    - I found a new way to patch our devices and also other devices like the XZ1/XZ1c.
    - They all should work with current Magisk versions 15+ then.
    - The new method also fixes a bug in current firmware versions (service menu -> device info bugs)
    - I actually work on a fully automatic version of XperiFIX (the big dream haha)

    If I have a little bit more free time, I will make a little project page with needed files for Linux users, too. It's easier to update all relevant files on one single place.

    Have a nice weekend my friends!
    37
    Well... I think this will be a little bit easier... Haha...
    Works like a charme with my XZP @ Oreo.

    8IyMMYZ.png


    My goal is to include fixes for different devices, too. And to make it as simple as possible...

    - Connect your device in Fastboot mode
    - Choose your device and firmware version
    - Hit Crack that b***
    - Wait a little bit
    = Wohoo... TWRP + ROOT + DRMpatch

    Easy, huh? :cowboy:

    I will test it and release it asap.
    Please be patient.
    30
    Hi my friends :)
    I'm back on my desk. I will try to get some free time this evening when I'm done with my work. Then I will share an updated XperiFIX version with the current fw versions. There will also be a fix for other devices, which will be tested these days. As soon as they work perfectly, they will be included in the coming XperiFIX 2.0 with automatic mode and optional manual mode (for already rooted/modded devices).

    The 2.0 will be a universal solution and I think it should work also with coming updates, because the tool will get the needed infos and files right out of the device. That's what I call "intelligent hacking". Hahaha... Because of the fact that the 2.0 uses another method for newer devices, I will make the mentioned official website for XperiFIX and there will be the current version and the 2.0+ seperately. That makes it easier for users of older firmware versions that don't want to upgrade. There will also be some tipps related to drivers and things like that. Maybe I will find a way to include them or do some system checks to get these bugs fixed for users that have problems with their machines.

    Later then, I will try to create a fully universal XperiFIX for most devices (old and new). But that will take some time and a lot of testing. On the XperiFIX site, there will be a opportunity for users of other devices to apply for testings. I'm also planning to include third party mods for the related devices. That would be (I think so) really useful. So... I think you guys noticed already, that I'm really keen on getting a really nice software for Sony's devices.

    P.S.: The Linux solution is coming soon, too.

    Have a nice week! I will post asap when it's done. Hehe... You know that.
    Cheers!
    28
    Just to make things clear. My kernels/repacks are done in accordance with instructions provided by sToRm// in this thread (plus a bit of tweaking to make magisk 15+ work).
    The drm fix is, and always will be the work of @sToRm//
    I am also willing to pay for new patches when the old ones become redundant.

    Yes, and you did a great job for the community. Thank you! We had a move in my family before Christmas and during the holidays. I did not have time to worry about the fix, but I kept reading on XDA. Then I saw that you shared the kernels, sat sweating on the couch with moving boxes in front of me, and smiled. Hehe...

    It's not the problem that somebody shares his own repacks or a fix with my files included. I saw there are kernels with pre-included fixes. They are absolutely welcome. It's nice to see that other people can use it. I'm the last person on this earth who would be angry about that, because I think that things are more easy and effective if some devs work together and share their knowledge. That's the reason why I shared my knowledge and things i noticed, on the thread about the long way to the fix. Also I shared instructions to include it in other kernels.

    What really sucks is that I invested tons of hours for a new fix for other devices... I worked together with testers and made a lot of tests over weeks and f*** my brain with that. I sat on my desktop for nights to get a fix for other devices, which I don't own... Only to make other users happy. I gave my test fixes to testers and explicitly said "Please, don't share the files." because they were only for testing. And then there comes up a fix for the XZ1/XZ1c which was out of my test files. The included "update-binary" contains the hint that it was an unofficial pack. The files are identical and the included "secd" is 1:1 patched (my hack). So... What really pisses me off is the fact, that they shared my invested time without my knowledge and another user comes up with that. It would be absolutely enough to ask me if another user can have the files.

    In the fix is a library from tobias.waldvogel (old drmfix) which I included. I personally tried to contact him over different ways, to get his "okay". He is not active and I didn't got an answer for a long time, so I decided to include it and mention him and his work. But the difference is, it was a public file, not a unofficial fix sent via pm. You know what I mean?

    And... Because there was somebody who said I do it for the money... Haha...
    Dude... That's bullshit. I'm shareholder and director of 3 companies. I'm not rich, but I'm also not greedy. There were some users that said to me "I would share the fix only for payment." but that's not my intention. I got donations, yes and that's really nice. Because I use it not only for pizza. For example: I got donations for the manual instructions and files and then I took the money and bought a license for the framework that I used to develop XperiFIX. A software that is free to all and for sure I would not need. If I would do it for the money, I would create a runtime fix with closed source and serials.

    And...
    I didn't say "There will be no update for the rest of my life". But right now I'm just pissed off. That's why I'm now mainly concerned with private and business. I make updates when I have time or I get bored.