[NEWBIE GUIDE] How to Unlock Bootloader/Root and install Addons FireStick 4k
- Thread starter nandroidint
- Start date
I am trying to get a stick I can take out of the box, set up, have the OTA update skipped on setup, and block all future OTA updates.
Do I need to flash a ROM for that? I don't care at all about being rooted, and I will never install gimmick add ons or extra or any other garbage. I just want to skip the update.
What steps do I need to follow to do that?
Do I need to flash a ROM for that? I don't care at all about being rooted, and I will never install gimmick add ons or extra or any other garbage. I just want to skip the update.
What steps do I need to follow to do that?
So in this "Newbie" guide (which is not newbie friendly AT ALL) You say the following
How is this possible? At this point you will have flashed a new ROM, booted the stick, but NOT gone through the setup, NOT gotten to Settings, and NOT enabled USB DEBUGGING, so how are you connecting via adb to the stick?
Does the flashed ROM have USB Debugging enabled by default? If it does, that means you guide would make sense.
How is this possible? At this point you will have flashed a new ROM, booted the stick, but NOT gone through the setup, NOT gotten to Settings, and NOT enabled USB DEBUGGING, so how are you connecting via adb to the stick?
Does the flashed ROM have USB Debugging enabled by default? If it does, that means you guide would make sense.
Last edited:
How in the WORLD do you do this?????????? This exploit is completely impossible without being able to download the ROM
newbie here i have 2 brand new firesticks with vm241 clearly above 190 does that mean sol or do or can i root some other way besides kamaka? any direction would be great thank you
As long as the sticks are not updated to 6.2.8.7, you can still use the new kamakiri called 2.0.1, released a few days ago:
[UNLOCK][ROOT][TWRP][UNBRICK] Fire TV Stick 4K (mantis)
NOTE: There have been multiple reports of devices with serial numbers containing VM190 or higher being shipped with DL-Mode disabled in BROM. These devices cannot be unlocked using kamakiri. These devices do not show up at all on USB when...
forum.xda-developers.com
[UNLOCK][ROOT][TWRP][UNBRICK] Fire TV Stick 3 and Fire TV Stick Lite (sheldon/p)
Read this whole guide before starting. This is for the 3rd gen Fire TV Stick (sheldonp) and Fire TV Stick Lite (sheldon). NOTE: FireOS < 7.2.7.3 required NOTE: This process does not require you to open your device. What you need: A Linux...
forum.xda-developers.com
thanks how do i burn the fire os i tried using rufus using win 11 it burns fine but when i try to boot to usb i get a a file image cannot be authenticated using mbr fat32As long as the sticks are not updated to 6.2.8.7, you can still use the new kamakiri called 2.0.1, released a few days ago:
Works without shorting, explained in this OP[UNLOCK][ROOT][TWRP][UNBRICK] Fire TV Stick 4K (mantis)
NOTE: There have been multiple reports of devices with serial numbers containing VM190 or higher being shipped with DL-Mode disabled in BROM. These devices cannot be unlocked using kamakiri. These devices do not show up at all on USB when...
[UNLOCK][ROOT][TWRP][UNBRICK] Fire TV Stick 3 and Fire TV Stick Lite (sheldon/p)
Read this whole guide before starting. This is for the 3rd gen Fire TV Stick (sheldonp) and Fire TV Stick Lite (sheldon). NOTE: FireOS < 7.2.7.3 required NOTE: This process does not require you to open your device. What you need: A Linux...
tried gpt mbr if i use fat32 i get authenticated failure if i use ntfs i get cant remember i think invalid or something along those lines
oh its not rufus the drive burns succesfully its when i try to boot from the usb in win 11
I had the same problem, the issue lies within rufus for some reason. I tried the portable version of balenaEtcher instead and that allowed me to boot from usb on the first try: https://www.balena.io/etcher/
to funny i just tried etcher same non authenticated error, does etcher format the drive or should i preformat it. with what file system? ill try the link u posted maybe thats the difference although i think thats the one i used cause when i click on your link it doesnt look any different from the one i already have installed
also with win 11 i just click on f11 on my hp laptop wins takes me to the recovery options
see attachmen select usb then select my drive is this how you booted the fireos?
Attachments
@squaleca1974 I just checked for you and I actually downloaded the Windows portable version v1.7.7 from their GitHub.
The tool will clone the disk image 1:1 to the USB stick, therefore overwriting any existing file system. Therefore I'm not sure if the previous file system is of any importance. If you want to ensure you start with a clean USB stick, I would format it as a GPT partition with a FAT32 file system, like @Sus_i suggested.
Have you checked the ISO was not corrupted while downloading? Assuming you use a Windows machine, you can open a PowerShell prompt and run the commands below to get the MD5 hash. The hash below is for the ISO I used, which works as described, so if it matches yours it should be okay.
Finally, I just rebooted my computer and used a hotkey to boot it from the USB stick. Your way should do pretty much the same thing, but you could look up the specific hotkey for your computer and try booting from the USB stick directly like I did.
The tool will clone the disk image 1:1 to the USB stick, therefore overwriting any existing file system. Therefore I'm not sure if the previous file system is of any importance. If you want to ensure you start with a clean USB stick, I would format it as a GPT partition with a FAT32 file system, like @Sus_i suggested.
Have you checked the ISO was not corrupted while downloading? Assuming you use a Windows machine, you can open a PowerShell prompt and run the commands below to get the MD5 hash. The hash below is for the ISO I used, which works as described, so if it matches yours it should be okay.
Code:
PS C:\Users\your_user> cd .\Downloads\
PS C:\Users\your_user\Downloads> Get-FileHash .\fireiso-2.0.0-amd64.iso -Algorithm MD5
Algorithm Hash Path
--------- ---- ----
MD5 86D87CA603372033344547793BF7BB07 C:\Users\your_user\Download...Finally, I just rebooted my computer and used a hotkey to boot it from the USB stick. Your way should do pretty much the same thing, but you could look up the specific hotkey for your computer and try booting from the USB stick directly like I did.
first of thanks for your help would the hash dictage a corupt iso or just verify that its the same file your using? i just used the iso posted on the guide pretty sure it was from github can you post me the exact link u used
ok very strange i was going to format the drive afteeer using etch successfully and it shows up in disk management as unlocatable like etch did nothing strange
You're welcome.
In this case I suppose the hash does both: if the hash matches mine you know the image should work (as the image with the same hash worked for me). If it differs, you know the file you downloaded is not the same as mine and therefore might be corrupted.I used the GitHub link from the guide as well: https://github.com/amonet-kamakiri/fireiso/releases/download/v2.0.0/fireiso-2.0.0-amd64.iso
Just reconnect the drive to see if that sorts it. Or use a different USB stick. Then if you want you format the stick first and then use etcher to clone the image on it.
ive tried 3 different usb im going to redownload and try to format with partition assistant as fat32 gpt
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
13None of this is my work and all recognition goes to the awesome developers that made this possible, I will link their guides in here with some minor notes for newbies like me that may had some issues trying to unlock and root the Fire Stick (FS) 4K
DISCLAIMER: BE WARNED THAT YOU HAVE TO OPEN YOUR FIRE STICK AND IT WILL VOID YOUR WARRANTY, THIS IS NOT FOR THE FAINT OF HEART AND NEITHER THE DEVELOPERS OR MYSELF ARE RESPONSIBLE IF YOU BRICK YOUR DEVICE OR VOID YOUR WARRANTY
Ok, now let's begin:
UPDATE: Per Sus_i, this makes perfect sense:
"Since the exploit can't be patched, it's in my opinion the best to do the setup at the beginning, pair the remote, then update to the latest over fireOS. That way you avoid a pending update nag setup screen after doing the exploit. Then enable ADB and unknown sources. After kamakiri I would flash only magisk.zip + sideload the manager app with adb... and avoid any prerooted rom flashing until there is an update to a somewhat higher version (and the current 6.2.6.8v1 has that contact manufacturer error screen)."
First very important, I wish I would have known this before but make sure you have a Laptop and a Monitor to Connect the FS to, so basically the USB Power cable from the FS connect it to your laptop and connect the HDMI portion to a monitor or TV
I also strongly recommend to have your FS deregistered before continuing as this will prevent your FS from automatically updating after rooting
In order to unlock the bootloader follow "THIS GUIDE"
I made a quick video on how to open your device and how to Short it using Aluminum Foil:
https://www.youtube.com/watch?v=h4I6ifBLWJ4
Process is pretty self explanitory, make a USB ISO from the image provided on that thread, boot into it and open terminal, make sure you put the file he provides on a RW location, my mistake was that I put it inside a RO folder and it would not load the script, so I mounted the kamakiri-mantis-v1.2.zip unto the /mnt directory of the usb and I was able to run the script successfully, make sure to run the commands quickly as the first time that I it finished the ./bootrom-step.sh script and I left it sitting for 10 minutes to grab a bite, I couldn't run the second script and had to start all over. After the second ./fastboot-step.sh script, your device will be on the TWRP recovery, now on the same terminal page or a new one enter these commands:
Code:adb devices adb shell exit
You should see your device's serial number from the first command with "device" to the right of it and the second command will basically put you inside the device's directory assuming you have established a successful connection. The last command just put you back to your starting point, now open the firefox browser on the FireOS USB and navigate to the URL below
Download the Pre-Rooted Image from "HERE" This image contains Magisk already so you don't have to worry about installing it separately, the image is larger than the available partition on this USB so this is a good time to either get a second USB or if you want to download the file to your local hdd and pull them from there its up to you, then run these commands:
Code:adb push <your download location you decided earlier here>/mantis-6.2.6.8-rooted_r1.zip / sdcard/ adb reboot recovery adb shell twrp install /sdcard/mantis-6.2.6.8-rooted_r1.zip twrp wipe cache twrp wipe dalvik reboot -p
This basically installs the pre-rooted image to your device, after the last command, you should see on your monitor the Fire Stick Reboot and boot to the Amazon GUI Splash Screen, now very important if you followed my previous instructions of deregistering your device before performing all these steps, it should bring you up to the Amazon Initial Setup Screen, now what you want to do is do the following commands before continuing on terminal:
Now it should show you in terminal your serial number and "device" next to it, meaning you can run adb commands in which you will run the following to disable OTA updates:Code:adb devices *you should see something your screen where the FS is connected to, click accept or enter can't remember*
Code:adb shell su *after this command you should see something again on your screen, click the check the box "Always Remember" and click ok" * if "su" was successful, you should see something like this: mantis:/ $ su mantis:/ # *the hash means you're running as root, if you don't have a "#" you are not running as root" Than continue with these commands and should get the following results: pm disable com.amazon.tv.forcedotaupdater.v2 ***Package com.amazon.tv.forcedotaupdater.v2 new state: disabled*** pm disable com.amazon.device.software.ota ***Package om.amazon.device.software.ota new state: disabled*** pm disable com.amazon.device.software.ota.override ***Package com.amazon.device.software.ota.override new state: disabled***
After running all these commands exit adb and continue with the normal Amazon Setup including adding your amazon account. After you get to the screen where you can see all the apps, open a new web page browser in firefox and download "This Add-On" , this one is less than 200MB so it should fit on the Fire OS USB, so I would download it and copy it to /mnt for ease of access, go back to terminal and type this:
Code:adb devices adb push <your download location you decided earlier here>/AFTV-MM-1.7-6.2.6.8.zip/ sdcard/ adb reboot recovery *it will boot into TWRP* adb shell twrp install /sdcard/AFTV-MM-1.7-6.2.6.8.zip twrp wipe cache twrp wipe dalvik reboot -p
Your device will reboot and if everything went smoothly, you should have a rooted amazon fire stick 4k, Congrats :good:2I explained that already just type “cd” In the terminal (w/o the quotes) then drag and drop the ‘kamakiri’ folder into terminal, then hit enter in the terminal, it will change the directory, make sure u drop the kamakiri folder and not the kamakiri-mantis-v1
Another option : open the kamakiri folder and just right click in an open area and a submenu will popup then click on terminal in the submenu.2
Do what? The only thing u can do on the MacOS is to create the bootable iso usb, you can follow these steps to do so https://www.google.com/amp/s/www.le...-on-an-apple-mac-os-x-from-an-iso?hs_amp=true
After your create the bootable usb just reboot and hold down option and select the bootable usb, once in open up Firefox and download the kamakiri-mantis-v1 and open a terminal window and change the directory to where u have the kamakiri folder, in terminal type cd then just drop in the kamakiri and hit enter. From there u can just follow the tut, FYI the bootable usb you create is a Linux OS so that’s how you can do it on a Mac, you just can’t do the rooting on MacOS, just clarifying Incase that was your question.1Nice guide
Here are a few thoughts from me...
It's important to use the latest kamakiri. The mentioned prerooted 6.2.6.5 is probably a downgrade. A few sticks needs an update of the TZ in order to play prime video. The TZ update is only in the v1.2 Kamakiri or in the 6.2.6.6 prerooted.
Edit: S̵i̵n̵c̵e̵ ̵t̵h̵e̵ ̵e̵x̵p̵l̵o̵i̵t̵ ̵c̵a̵n̵'̵t̵ ̵b̵e̵ ̵p̵a̵t̵c̵h̵e̵d̵,̵ ̵i̵t̵'̵s̵ ̵i̵n̵ ̵m̵y̵ ̵o̵p̵i̵n̵i̵o̵n̵ ̵t̵h̵e̵ ̵b̵e̵s̵t̵ ̵t̵o̵ ̵d̵o̵ ̵t̵h̵e̵ ̵s̵e̵t̵u̵p̵ ̵a̵t̵ ̵t̵h̵e̵ ̵b̵e̵g̵i̵n̵n̵i̵n̵g̵,̵ ̵p̵a̵i̵r̵ ̵t̵h̵e̵ ̵r̵e̵m̵o̵t̵e̵,̵ ̵t̵h̵e̵n̵ ̵u̵p̵d̵a̵t̵e̵ ̵t̵o̵ ̵t̵h̵e̵ ̵l̵a̵t̵e̵s̵t̵ ̵o̵v̵e̵r̵ ̵f̵i̵r̵e̵O̵S̵.̵ ̵T̵h̵a̵t̵ ̵w̵a̵y̵ ̵y̵o̵u̵ ̵a̵v̵o̵i̵d̵ ̵a̵ ̵p̵e̵n̵d̵i̵n̵g̵ ̵u̵p̵d̵a̵t̵e̵ ̵n̵a̵g̵ ̵s̵e̵t̵u̵p̵ ̵s̵c̵r̵e̵e̵n̵ ̵a̵f̵t̵e̵r̵ ̵d̵o̵i̵n̵g̵ ̵t̵h̵e̵ ̵e̵x̵p̵l̵o̵i̵t̵.̵ ̵T̵h̵e̵n̵ ̵e̵n̵a̵b̵l̵e̵ ̵A̵D̵B̵ ̵a̵n̵d̵ ̵u̵n̵k̵n̵o̵w̵n̵ ̵s̵o̵u̵r̵c̵e̵s̵.̵ ̵ After kamakiri I would flash only magisk.zip + sideload the manager app with adb... and avoid any prerooted rom flashing until there is an update to a somewhat higher version (and the current 6.2.6.8v1 has that contact manufacturer error screen).
Edit: Update: meanwhile, the fix for the mentioned 'contact manufacturer' error is known...
Take a look here and here.
Edit/Update: Due to efuses (blocking the bootrom access), it isn't recommended to do any update infront of the unlock...1
No. If I remember correct, it has something to do with flashing, i.e. the vendor partition wasn't flashed propperly.
Maybe you flashed not the prerooted!? With the Kamakiri TWRP version is flashing full ota update packages (renamed to zip) also possible... and in the prerooted thread is such a full 6.2.6.8 ota linked.
Edit: Could be that this error is prime video related, idk. rbox said he looks into it soon...
Just for clarification: The prerooted rom is a perfect thing since years.
My suggestion 'avoid any rom flashing' from my last post is just an attempt to keep it simple for beginners.
By the way, if the stick gets all updates in front of the unlock, it makes no sense to update it after the unlock again (unless addon.d support is needed).
I hope that has become clear I very much appreciate all the prerooted stuff
