[Q] Is there any way to fool stock recovery to re-flash ota firmware on Xperia S?

bjanice44

Senior Member
May 7, 2009
137
41
0
I am wondering if anyone knows of a way to take the latest ota zip for the Xperia S, decrypt it, edit the version, repack it, then be able to flash it. Right now it will not let me flash over the current version r5 because it is the same version. I am stuck on the blue wave animation perpetually after screwing up my services.jar. I have no adb access and my only hope is to flash in recovery or wait until the next update comes out...

I was told by a Sony tech yesterday the Jelly Bean update for the Xperia S will not be until January...

EDIT: There is a way to fool the recovery. Does anyone have a modified r5 ota for the Xperia edited for a higher incremented version they could share?
 
Last edited:

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
I am wondering if anyone knows of a way to take the latest ota zip for the Xperia S, decrypt it, edit the version, repack it, then be able to flash it. Right now it will not let me flash over the current version r5 because it is the same version. I am stuck on the blue wave animation perpetually after screwing up my services.jar. I have no adb access and my only hope is to flash in recovery or wait until the next update comes out...

I was told by a Sony tech yesterday the Jelly Bean update for the Xperia S will not be until January...

EDIT: There is a way to fool the recovery. Does anyone have a modified r5 ota for the Xperia edited for a higher incremented version they could share?
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)

Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it :rolleyes:
 

bjanice44

Senior Member
May 7, 2009
137
41
0
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)

Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it :rolleyes:
Thanks for the response. Yeah I guess I am going to have to send it in or .. the other option is to wait for another update, but not knowing when that will be sucks. The Sony tech told me yesterday (when I called to find out my options..and I can send it in) that the Jelly Bean update is coming in January..So the question is will Sony have another update to ICS before then. Perhaps..
 

bjanice44

Senior Member
May 7, 2009
137
41
0
Thanks for the response. Yeah I guess I am going to have to send it in or .. the other option is to wait for another update, but not knowing when that will be sucks. The Sony tech told me yesterday (when I called to find out my options..and I can send it in) that the Jelly Bean update is coming in January..So the question is will Sony have another update to ICS before then. Perhaps..
The funny thing is that I know which file is corrupted in the system. Its the services.jar. If only there was a way for me to replace that file....It would boot.
 

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
The funny thing is that I know which file is corrupted in the system. Its the services.jar. If only there was a way for me to replace that file....It would boot.
Yeh guttered. Can you check if you can get adb shell in recovery??? I know it is late now but this is why the AIO tool changes the incremental to a lower one... So we can flash same update if it turns to custard :)
 

bjanice44

Senior Member
May 7, 2009
137
41
0
Yeh guttered. Can you check if you can get adb shell in recovery??? I know it is late now but this is why the AIO tool changes the incremental to a lower one... So we can flash same update if it turns to custard :)
No ADB shell. I guess I'll send it in. Watch.. 2 days after I send it in there will be an update..:D
 

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)

Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it :rolleyes:

stifilz is there really no other way we can revert back to the old Recovery? I mean like finding someone who is still on HC 3.2? and asking him to prepare the needed stuffs like the decrypt one? sorry but im really desperate on fixing the issue my tab is experiencing. and can we still hope for an updated AIO tool that might even work with the latest recovery mode?
 

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
stifilz is there really no other way we can revert back to the old Recovery? I mean like finding someone who is still on HC 3.2? and asking him to prepare the needed stuffs like the decrypt one? sorry but im really desperate on fixing the issue my tab is experiencing. and can we still hope for an updated AIO tool that might even work with the latest recovery mode?
I have tried to flash 11000 (3.2), 0035(3.2.1), 0042(3.2.1R2), ICS, R1A and NONE of these change the recovery back, i also tied NZ and US files, I was lucky enough to locate US files and had the NZ files saved to my PC. I have looked into AIO tool and read through the code, it runs a certain command in adb shell in recovery (WHICH WE NO LONGER HAVE GRR) so it can not be done ATM.

Maybe there is some file we can change on the tab to enable shell in adb again. From memory shell does not work with non-root devices and when we root we can use adb shell. (Can someone verify this, bad memory lol)

Anyway there could be something I am missing, well hoping anyway :)

You know you can change the incremental in vendor/vendor.prop to a lower one to flash an OLDER OTA.... Right??

Stifilz
 
Last edited:

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
I have tried to flash 11000 (3.2), 0035(3.2.1), 0042(3.2.1R2), ICS, R1A and NONE of these change the recovery back, i also tied NZ and US files, I was lucky enough to locate US files and had the NZ files saved to my PC. I have looked into AIO tool and read through the code, it runs a certain command in adb shell in recovery (WHICH WE NO LONGER HAVE GRR) so it can not be done ATM.

Maybe there is some file we can change on the tab to enable shell in adb again. From memory shell does not work with non-root devices and when we root we can use adb shell. (Can someone verify this, bad memory lol)

Anyway there could be something I am missing, well hoping anyway :)

You know you can change the incremental in vendor/vendor.prop to a lower one to flash an OLDER OTA.... Right??

Stifilz

-.- sadly i dont know how to change such things. can you please tell me how to do it? ive been looking for ways to downgrade to HC but iim getting prohibit basebrand or SKU version or something like that
 

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
-.- sadly i dont know how to change such things. can you please tell me how to do it? ive been looking for ways to downgrade to HC but iim getting prohibit basebrand or SKU version or something like that
Use AIO tool. Tweaks and mods then install rescue backdoor

Or

Download root explorer or similar. Open riot exolorer and navigate to vendor folder.
Long click vendor.prop and then select edit with text editor
Change the number to a lower one. Take of the last digit will do.
Click three dots for options and save

All done flash what you like :)
 
  • Like
Reactions: mawnstermew

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
Use AIO tool. Tweaks and mods then install rescue backdoor

Or

Download root explorer or similar. Open riot exolorer and navigate to vendor folder.
Long click vendor.prop and then select edit with text editor
Change the number to a lower one. Take of the last digit will do.
Click three dots for options and save

All done flash what you like :)
That one needs a rooted tablet right? Im having troubles rootig my tab even with b4narys script. If I choose to downgrade to 3.2 what no should I chane the las t two digits to?
 

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
i tried with B4nary's script again but all im getting is the terminal emulator. did you do something with the backupandrestore.apk? cuz i tried installing it and im getting forced close everytime i try to open it.

BTW im on r5 so i wont be able to downgrade? im still stuck at rooting it :(
 
Last edited:

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
i tried with B4nary's script again but all im getting is the terminal emulator. did you do something with the backupandrestore.apk? cuz i tried installing it and im getting forced close everytime i try to open it.

BTW im on r5 so i wont be able to downgrade? im still stuck at rooting it :(
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????

You can change incremental after root and flash a ICS or R1A or even HC if you have the file :)

Stifilz
 

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????

You can change incremental after root and flash a ICS or R1A or even HC if you have the file :)

Stifilz
i just followed the instrucions stated here http://forum.xda-developers.com/showthread.php?t=1886460 i used the normal mode to unlock but then im getting the on the "mount: permission denied and then i tried using special mode to root and finally after everything was done all that was installed in my tablet is a terminal emulator, some applications were lost in the process such as my avast anti virus and play store.
 

mawnstermew

Senior Member
Sep 5, 2011
277
25
0
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????

You can change incremental after root and flash a ICS or R1A or even HC if you have the file :)

Stifilz
[email protected]:/ $ export PATH=/data/local/bin:$PATH
[email protected]:/ $ /data/local/tmp/onload.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/mkdevsh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $ data/local/tmp/onload2.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/remount.sh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $


btw stifilz, can you share to me your edited bin4ry's script? the one with the re-signed vpnfaker? it tried signing it but it still doesnt work saying something about the vpnfaker. I think there was something wrong with the way i signed it. it might work if i try to use the one you made.
 
Last edited:

stifilz

Senior Member
Jan 9, 2012
1,838
1,173
0
NZ
[email protected]:/ $ export PATH=/data/local/bin:$PATH
[email protected]:/ $ /data/local/tmp/onload.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/mkdevsh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $ data/local/tmp/onload2.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/remount.sh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $


btw stifilz, can you share to me your edited bin4ry's script? the one with the re-signed vpnfaker? it tried signing it but it still doesnt work saying something about the vpnfaker. I think there was something wrong with the way i signed it. it might work if i try to use the one you made.
Ok doubt it will work but it is attached. I have zipped it up to add as attachment.

Please unzip it and then replace the file (of same name) in the 'stuff' directory of bin4ry's tool.

Good luck once again
 
Last edited:
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone