General MSM TOOLS

Search This thread
By:
Advanced…
S

SolidusNL

Member
Dec 17, 2014
14
3
Canuck Knarf said:
The cable I used had red , green and white . Solder push button to red and green but I keep getting USB errors popping up when pushing button and will reboot computer ...lol
I wonder if I should do green and white...?
Click to expand...
Click to collapse
Silly question maybe, but inside the rubber insulation of the cable, is there a metallic wire mantle? You should try shorting that to the green wire.
 
Renate

Renate

Recognized Contributor / Inactive Recognized Dev
Feb 3, 2012
4,430
2,028
Boston
www.temblast.com
Nexus 7 (2013)
Moto G Power (2021)
Canuck Knarf said:
The cable I used had red , green and white . Solder push button to red and green but I keep getting USB errors popping up when pushing button and will reboot computer ...lol
I wonder if I should do green and white...?
Click to expand...
Click to collapse
Do not short red to anything.
 
  • Like
Reactions: Prant and Canuck Knarf
lucy1983

lucy1983

Senior Member
Mar 24, 2022
103
48
39
OnePlus 8 Pro
Realme GT
SolidusNL said:
Silly question maybe, but inside the rubber insulation of the cable, is there a metallic wire mantle? You should try shorting that to the green wire.
Click to expand...
Click to collapse
Yes. I was also about to suggest that. I remember i touched the green and black wires together on an old phone of mine and entered EDL mode like this. The metallic wire is, in fact, the "black" one.
 
  • Like
Reactions: Canuck Knarf
colonoscopied

colonoscopied

New member
Mar 19, 2023
1
0
I have a NE2215 that I bricked with fastboot flashing lock after flashing non-stock boot.img (oops). It shows up for around 20 seconds in device manager like this
1679216945057.png
when I hold both volume keys. I can't get QPST to see it. Am I screwed?
 
S

SolidusNL

Member
Dec 17, 2014
14
3
I had a similar ish issue, but QPST managed to see and hold it in Download mode when I put it in EDL.
Granted, I used the pin-shorting method with the back cover off.
 
ChrisFeiveel84

ChrisFeiveel84

Senior Member
Jun 29, 2017
609
211
38
Germany
OnePlus 11
colonoscopied said:
I have a NE2215 that I bricked with fastboot flashing lock after flashing non-stock boot.img (oops). It shows up for around 20 seconds in device manager like this View attachment 5866601 when I hold both volume keys. I can't get QPST to see it. Am I screwed?
Click to expand...
Click to collapse
Normal than all op phone (with snapdragon )
go out of edl mode if you don't hold volume up and volume down (if you keep the keys pressed, all op models reboot themselves into edl mode)
 
You must log in or register to reply here.

Similar threads

O
General EDL Flash Tool Leak
Replies
671
Views
63K
G
Grin59
Metromas
Question OnePlus 10 Pro - QDLoader HS-USB - EDL Test Point [9008] MSM
Replies
114
Views
15K
beatbreakee
beatbreakee
Metromas
  • Locked
Question [CLOSED] OnePlus 10 Pro - Unbrick with MSM
Replies
1
Views
3K
K
Kosta26
N
Question Fingerprint not working after using MSM tool NE2215
Replies
29
Views
2K
I
innoxentraheel
U
Question Update OnePlus 10 Pro from HydrogenOS (CN) to OxygenOS (EU/GL/IN) without rooting
Replies
73
Views
19K
VStax
VStax

Top Liked Posts

24 Hours 30 Days All time
  • There are no posts matching your filters.
  • 6
    O
    ogutolopes
    DO NOT BUY ONEPLUS 10 PRO THEY DO NOT PROVIDE ANY TOOLS FROM UNBRICK
    View
    3
    Renate
    Renate
    Canuck Knarf said:
    I hate taking back off ..broke two back cover...LOL
    Click to expand...
    Click to collapse
    I hate it too. Especially since I clean up all the old tape and put down new tape.
    That's why I only open these things once and install a magnetic reed switch.
    See: https://forum.xda-developers.com/t/...c_prog_firehose-request.4261599/post-88301643

    This is the switch that I used: https://www.digikey.com/en/products/detail/standex-meder-electronics/ORD-213-20-30-AT/1949374
    It's currently out of stock there. I picked the least sensitive switch. (Even though it being activated in normal use is not a problem, it's only when resetting that it's checked.) Others of more sensitivity are in stock and they'll probably do fine.
    View
    3
    roirraW "edor" ehT
    roirraW "edor" ehT
    <Moderator Note>: I've removed the links from two posts and one quoted post.

    Although Windows Defender only popped up one file as a PUA (Potentially Unwanted Program) - which isn't necessarily a Trojan but just something that might do something you don't really want, I independently verified in a sandbox that VirusTotal.com reported possible Trojans on three of the four archives I downloaded.

    Some things do produce false positives, but in this case I believe caution is warranted.

    Thank you,

    @roirraW "edor" ehT

    P.S. Any questions, please don't respond in this thread. Instead, send me a PM.
    View
    3
    D
    DiGtal
    As he said the OSS team doesn't handle that. Need to find the department that does.
    View
    2
    emabertax
    emabertax
    Ph0nysk1nk said:
    Realistically, development is dead. And it sadly looks like hope of MSM tool is gone. Sucks but, oh well
    Click to expand...
    Click to collapse
    Not for all phones, android will always be open source even if manufacturers put some obstacles. the development has decreased over time because the devices have improved over time and it is not always necessary to make changes.
    View
  • 18
    Grovez
    Grovez
    I found out how to bypass the login prompt. Whether or not the tool will actually work is yet to be determined.
    I don't have a oneplus 10 pro, but would be really curious if this works for anyone.
    In order to avoid potential legal issues, and so you don't have to trust any files I upload, here are the instructions to crack the msm login...

    Using a download from the previously-linked rar, you should have a copy of 'MsmDownloadTool.exe'
    Use 7-zip to open the exe as an archive, and extract all the files into a new folder.
    Open 'FTGUIDev.exe' with a hex editor (HxD is good)
    Find the hex value '0f84e7000000b8'
    Replace the 84 with an 85

    Save the modified exe and launch it.
    Choose a server other than 'in company'
    Put whatever for userID/Password/Verify, click login.


    I hope this is useful.

    Screenshot_2022-09-02_23-07-33.png
    View
    9
    O
    OppoTech123
    Hello all, i am here to leak OPPO tech tool that allows one plus 10 pro to be flashed. Sadly i cannot share login but if you are able to bypass login screen the tool does not need to authenticate with server to flash device in EDL mode. Attached is screen shot of login screen and file. The tool picks up device in EDL mode and allows user to select the OPF file associated for device (please note you must have this downloaded externally ideally from msm tool for your device)

    I wish you luck bypassing this login and fixing your phones.

    flash.png
    View
    9
    beatbreakee
    beatbreakee
    BTW... I am STILL in need of someone to share me access to a MSM Tool account that is active... Again... i dont care if its a guest account... or regular. You can change your password 12 hours after you give me the login info.... I am VERY close to being able to spoof an authentication, and signature response back to the phone in order to allow generic flashing of the 2213, 2215, and 2217. I just need to do about 2, maybe 3 more flashes, an hour between each, so i can decipher the algorithm that generates the token for the response. I have 9... i need 12, as they are partially calculated by a timestamp. So ANYONE who can help me with an account that is active, and maybe it is close to expiring anyways, please DM me, with the info to gain access.

    I am working under an authenticated letterhead, permissions document sent to me by Qualcomm, which completely supercedes ANY legal action brought forth by Oneplus/Oppo/BBK. The letter expressly provides me permission to use any of the tools/functions which are originated/derived from a Qualcomm Tool in any fashion. MSM is written and designed by qualcomm. I am permitted to use whatever, in the "Research, and Penetration Testing, of any and all protocols called upon by a function of any process that begins in a device with a qualcomm chipset.!"

    They make the MSM Tool... but access to the servers which are used to flash each qualcomm device is controlled by their respective manufacturers.
    View
    8
    Renate
    Renate
    I looked around for any Firehose loaders that had this getsigndata/verify.
    Only OnePlus and Oppo.
    The solution seems clear: don't buy them.

    OTOH, Lenovo/Motorola has signed loaders with restrictions.
    You can't read most partitions.
    The solution seems clear: don't buy them.
    View
    7
    beatbreakee
    beatbreakee
    GOOD GOOD... Thats what i like to hear from my Android Brethren !! Hack, Crack, Disassemble, and Attack the weaknesses of these infernal devices !!! (I need sleep!) ... Sorry, im stuck in some medieval, warfare mindset .. my bad! lol...

    BUT heres what i came for: Humor me.....

    IN THEORY... considering that EVERY post on the internet regarding DIAG mode on phone, (including IOS!) has started with the same goal.... "Using Root access, to enable Diag for access to the EFS" .... So basically everyone is saying that at the time... ROOT was horse... and Diag was the finish line! ... Right? Cuz thees guys were trying to hack bootloaders that had no accessible interface. And DIAG was their answer every time... and it worked! (Mostly)....

    What i am proposing is NOT trying to hack the bootloader, because i already know how to crack that... But if it used to be a REQUIREMENT that to even discuss DIAG, you must have Root.... Then can ANYONE HERE put together a way, in which I could REVERSE that process.... or at least leverage DIAG MODE, to get myself a Root Shell.... or alter the SUID or even outright set a new user, as "UID 0" ... temporarily even if i can only force 1 app to see my account as SYSTEM, so that i can get RW access to Build.prop, or Local.Prop ?? Then i can make 1 flag change in it that will snowball me right thru the security and into the bootloader!

    I mean as Diag I can literally DELETE the phone's whole identity! No imei.. no baseband... no modem... no mac address.. by the access i have to the EFS... and you cant even directly access that partition with ROOT ... only DIag and EDL have that authority! So imho there HAS TO BE a way to leverage a lower permission level thru some kind of console, where i can indirectly make a change to the build.prop. And i dont care if it Bricks the device 5 minutes later, cuz i am gonna make my change be locked with a persistent property that is already in place! It just needs a 1 in place of a 0, or an alternate access point which is also persistent, and just needs one word added to the line! Either way, if the phone bricks right after for some security violation, i will still have enough access to break the secure chain of trust and make my flags permanent! So if i have to pay for a flash to restore my phone, so be it... i know that the two things i edit survived an edl flash several times already!

    I really need EVERYONE ON DECK for this... cuz getting this done will cut at least 50% of the work i need to build us an MSM - Mafia FREE edition. Im talking to the guys who still think UP UP DOWN DOWN LEFT RIGHT LEFT RIGHT B A Start, is a goof cheat code! As well as the people who can walk past an ATM machine, wave their hand in front of it, and 100's start spitting out like a money shooter... Yall cannot tell me that the Apple guys are better than us r/n ... cuz literally every time a new IOS drops... in less than a few days 3+ randos release videos as POC of them successfully gaining TFP0 , which is the IOS equivalent of ROOT.... I refuse to believe that the 17 y/o kid wearing a fedora, and a neckerchief, as they are walking up to the Starbucks counter to order their Venti Chai Mocha Latte..... NO .... I DO NOT ACCEPT THAT VISUAL! To me that worse than walking in on your parents smashing on top of the dining room table! ... at least then i know that they were making each other happy! ... But "Smuggy McMasterson III" strutting up to buy a lawn garden coctail from a coffee shop, while feeling all "chipper" cuz his team found a Kernel Memory Leak in 'IOS whogivesacrap beta 4' ... yet we cant find one privilege escalation, is the stuff of my nightmares!

    YALL DONT WANNA GIVE ME NIGHTMARES DO YOU!!! I THOUGHT WE WERE FRIENDS!!!

    FRIENDS DONT LET FRIENDS GET HANDLED BY A CRAPTASTIC BOOTLOADER, ,GUARDED BY 1 FLAG! COME ON!
    View

New posts