• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[How-to] Rooted stock SGP621 firmware with DRM keys

Search This thread

CubicU07

Member
Jul 31, 2013
33
16
Note: Since lowtraxx's guide has included how to get back to stock rom since the time this post was made, I strongly suggest to follow his guide instead.
==========================
Disclaimer:
  1. I make no claims to any of the codes, scripts and programs listed in this post. Credit goes to the creators.
  2. This serves as a extension of lowtraxx's guide (which left your device on a rooted SGP621 on a D6603 system).
  3. These are what I did to get stock rooted firmware on my SGP621 while keeping the bootloader locked and most importantly, the DRM keys intact. I make no guarantees that you will not brick your device, but I did quite a lot of trial and error flashing without messing things up, so if you know what you are doing, these steps should be relatively safe.

Files/Tools Required:
  1. Backup TA by DevShaft
  2. Flashtool by Androxyde
  3. Stock SGP621 FTF (I compiled my own by downloading the firmware using XperiFirm by laguCool and bundling the FTF using Flashtool. Alternatively, you can just use the one provided in lowtraxx's guide.)
  4. Advanced Stock Kernel by krabappel2548
  5. PRFCreator by zxz0O0
  6. SuperSU by Chainfire
  7. SonyRICDefeat by dosomder

Prerequisite:
  • Follow lowtraxx's guide to completion.

Steps:
  • Backup TA partition using Backup TA.
  • Return to stock unrooted by flashing the SGP621 FTF using Flashtool.
  • Unlock the bootloader (You'll lose the DRM keys here, but it doesn't matter anymore since you already have them backed up using Backup TA).
  • Flash the Advanced Stock Kernel using Flashtool in FastBoot mode. At this point your device will be unlocked, with DRM keys lost, and rooted with custom recovery.
  • Using PRFCreator on the SGP621 FTF and the SuperSU zip, create a rooted stock firmware flashable zip. Note: Be sure to check all the checkboxes under the "Include" section.
  • Copy the resulting zip onto your device's internal storage or external SD card.
  • Also copy the SonyRICDefeat zip to the same location.
  • Boot into TWRP on your device (Boot up the device and press the Volume down key when the purple LED lights up on the Sony boot screen).
  • Flash the rooted stock firmware zip followed by the SonyRICDefeat zip.
  • Once complete, reboot into system and set up the device for USD Debugging.
  • Restore the TA partition using Backup TA.
  • Reboot the device again and you now have the device on rooted stock firmware, with DRM keys intact.
 
Last edited:

frostmore

Senior Member
Nov 21, 2010
309
103
Disclaimer:
  1. I make no claims to any of the codes, scripts and programs listed in this post. Credit goes to the creators.
  2. This serves as a extension of lowtraxx's guide (which left your device on a rooted SGP621 on a D6603 system).
  3. These are what I did to get stock rooted firmware on my SGP621 while keeping the bootloader locked and most importantly, the DRM keys intact. I make no guarantees that you will not brick your device, but I did quite a lot of trial and error flashing without messing things up, so if you know what you are doing, these steps should be relatively safe.

Files/Tools Required:
  1. Backup TA by DevShaft
  2. Flashtool by Androxyde
  3. Stock SGP621 FTF (I compiled my own by downloading the firmware using XperiFirm by laguCool and bundling the FTF using Flashtool. Alternatively, you can just use the one provided in lowtraxx's guide.)
  4. Advanced Stock Kernel by krabappel2548
  5. PRFCreator by zxz0O0
  6. SuperSU by Chainfire
  7. SonyRICDefeat by dosomder

Prerequisite:
  • Follow lowtraxx's guide to completion.

Steps:
  • Backup TA partition using Backup TA.
  • Return to stock unrooted by flashing the SGP621 FTF using Flashtool.
  • Unlock the bootloader (You'll lose the DRM keys here, but it doesn't matter anymore since you already have them backed up using Backup TA).
  • Flash the Advanced Stock Kernel using Flashtool in FastBoot mode. At this point your device will be unlocked, with DRM keys lost, and rooted with custom recovery.
  • Using PRFCreator on the SGP621 FTF and the SuperSU zip, create a rooted stock firmware flashable zip.
  • Copy the resulting zip onto your device's internal storage or external SD card.
  • Also copy the SonyRICDefeat zip to the same location.
  • Boot into TWRP on your device (Boot up the device and press the Volume down key when the purple LED lights up on the Sony boot screen).
  • Flash the rooted stock firmware zip followed by the SonyRICDefeat zip.
  • Once complete, reboot into system and set up the device for USD Debugging.
  • Restore the TA partition using Backup TA.
  • Reboot the device again and you now have the device on rooted stock firmware, with DRM keys intact.

Hey, How did you manage to avoid soft bricking your tablet?

i followed your instructions but i still get softbricks.
 

Pingpoi

Member
Jan 10, 2013
7
0
For me, I got soft brick after restoring the TA partition. Ended up repeating the whole process flashing stock firmware again. After that, I found that I need to tick all the checkbox in the PRFCreator when creating the flashable zip. After the flash and restore, I am able to boot smoothly.
 

CubicU07

Member
Jul 31, 2013
33
16
For me, I got soft brick after restoring the TA partition. Ended up repeating the whole process flashing stock firmware again. After that, I found that I need to tick all the checkbox in the PRFCreator when creating the flashable zip. After the flash and restore, I am able to boot smoothly.

I guess I wasn't too clear on how to use PRFCreator, apologies for that. Added a note in to reflect that in the original post.
 

ultima888

Senior Member
Jun 2, 2010
76
7
Since lowtraxx's guide now also include guides to flash rooted stock or CM, so that means both guides do the same thing now? Since I was a little confused while reading the instruction:
Prerequisite:
Follow lowtraxx's guide to completion.

Anyway, thanks both for the great works!!
 

ValVK

Senior Member
Dec 15, 2008
493
45
Munich
Please,i have the same confuse as ultima888 with "Prerequisite:
Follow lowtraxx's guide to completion.".
Should i only follow that guide,from this topic? (as it describe full way to get root and stock rooted FW,
or i understand some wrong?) Or i must to go all through lowtrack's guide and THEN do in ptactice the same steps from this guide?
Pls understand me, here are some confusings her, i don't like to softbrick my device and ask just to be sure...:)
Thanks in advance!!!
 

juer_liu

Member
Mar 24, 2009
6
0
Please,i have the same confuse as ultima888 with "Prerequisite:
Follow lowtraxx's guide to completion.".
Should i only follow that guide,from this topic? (as it describe full way to get root and stock rooted FW,
or i understand some wrong?) Or i must to go all through lowtrack's guide and THEN do in ptactice the same steps from this guide?
Pls understand me, here are some confusings her, i don't like to softbrick my device and ask just to be sure...:)
Thanks in advance!!!

Do lowtraxx's post first.
Then follow this post.
 

stavro

Senior Member
Apr 23, 2008
80
18
i am little bit confused by all of those steps to get root. (described in this and related threads)

if i understood the whole procedure right then we have to get root first
via flashing a vulnerable firmware made for another device, to be able to backup the drm keys right?
but then we lose root again while flashing back latest stock rom.
now we have to proceed with unlocking the bootloader to get root and recovery.
finally we restore drm keys and doing so bootloader is locked again ?

is this basically what all those steps are for and do i have to go through all of them
if i "just" want to get root on latest stock (no custom roms) to install xposed framework?

thanx in advance and keep up the good work.
 
Last edited:

kvi

Member
Jun 23, 2009
26
3
sorry, I only speak Spanish, I used google translate:
The original firmware is not vulnerable. The only way get root is opening the bootloader (and put a custom recovery to install SuperSU) but that the drm keys are lost. To keep the drm keys have to get to backup the partition TA without opening the bootloader. To make the backup you need to root and to achieve this must be mixed before 2 firmwares.
Restoring the TA partition relock the bootloader
You should only restore the TA partition with an original kernel
 

jskusk

New member
Mar 6, 2015
4
0
Bundling the FTF question

[*]Stock SGP621 FTF (I compiled my own by downloading the firmware using XperiFirm by laguCool and bundling the FTF using Flashtool. Alternatively, you can just use the one provided in lowtraxx's guide.)

Thanks for the guide!

Just a newbie question. What Sony device did you select in Flashtool when you bundled the firmware? I can not find SGP621 anywhere.

/kusk
 

greye05

Member
Jul 30, 2013
42
4
SO i made a lollipo ftf pre rooted but when i tried to flash RICDefeat it would give me an error. I rebooted the system and everything seems fine, what exactly did that zip file do. What problems im i going to have with the divice and is there any way of fixing it.

thx
 

selfm

New member
Sep 6, 2014
1
0
Dear CubicU07.
I have a question for u. I have a z3 tablet but it's SGP641 so if i follow this guide for my z3t 641 , have any problems with this ?
Ty for reading :D
 

waichai

Senior Member
Jul 7, 2007
406
17
Hi everyone,
In step 5,
1. do I have to check the checkbox in "Sign zip"?
2. do I have to put any recovery file under "recovery zip" section?
Thanks.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 5
    Note: Since lowtraxx's guide has included how to get back to stock rom since the time this post was made, I strongly suggest to follow his guide instead.
    ==========================
    Disclaimer:
    1. I make no claims to any of the codes, scripts and programs listed in this post. Credit goes to the creators.
    2. This serves as a extension of lowtraxx's guide (which left your device on a rooted SGP621 on a D6603 system).
    3. These are what I did to get stock rooted firmware on my SGP621 while keeping the bootloader locked and most importantly, the DRM keys intact. I make no guarantees that you will not brick your device, but I did quite a lot of trial and error flashing without messing things up, so if you know what you are doing, these steps should be relatively safe.

    Files/Tools Required:
    1. Backup TA by DevShaft
    2. Flashtool by Androxyde
    3. Stock SGP621 FTF (I compiled my own by downloading the firmware using XperiFirm by laguCool and bundling the FTF using Flashtool. Alternatively, you can just use the one provided in lowtraxx's guide.)
    4. Advanced Stock Kernel by krabappel2548
    5. PRFCreator by zxz0O0
    6. SuperSU by Chainfire
    7. SonyRICDefeat by dosomder

    Prerequisite:
    • Follow lowtraxx's guide to completion.

    Steps:
    • Backup TA partition using Backup TA.
    • Return to stock unrooted by flashing the SGP621 FTF using Flashtool.
    • Unlock the bootloader (You'll lose the DRM keys here, but it doesn't matter anymore since you already have them backed up using Backup TA).
    • Flash the Advanced Stock Kernel using Flashtool in FastBoot mode. At this point your device will be unlocked, with DRM keys lost, and rooted with custom recovery.
    • Using PRFCreator on the SGP621 FTF and the SuperSU zip, create a rooted stock firmware flashable zip. Note: Be sure to check all the checkboxes under the "Include" section.
    • Copy the resulting zip onto your device's internal storage or external SD card.
    • Also copy the SonyRICDefeat zip to the same location.
    • Boot into TWRP on your device (Boot up the device and press the Volume down key when the purple LED lights up on the Sony boot screen).
    • Flash the rooted stock firmware zip followed by the SonyRICDefeat zip.
    • Once complete, reboot into system and set up the device for USD Debugging.
    • Restore the TA partition using Backup TA.
    • Reboot the device again and you now have the device on rooted stock firmware, with DRM keys intact.