T95 Allwinner H616 TV Box

Search This thread
By:
Advanced…
DesktopECHO

DesktopECHO

Senior Member
Sep 10, 2021
54
32
Hamilton, Bermuda
The reason you're not seeing:
Code: 
/data/system/shared_prefs/open_preference.xml
 
/data/data/com.swe.dgbluancher/files/да
is because the botnet owners changed DNS on ycxrl.com to an invalid, private IP (192.168.9.1) ... so "stage 0" malware is running, but the pre-pwn3d malware is unable to download "stage 1" from ycxrl.com.

That is great news short-term, but they can change this back anytime they like to a real IP. I highly recommend you look at my cleanup script and at minimum perform the following steps to prevent malware from showing up again when they change ycxrl.com back to a real IP.

___________________________________________________________

Install ADB (If not already installed):

Assuming you're on Windows, to install ADB simply install Chocolatey first and install ADB using Choco:

Code: 
choco install adb

macOS users have Homebrew to accomplish the same thing:

Code: 
brew install android-platform-tools

___________________________________________________________

Cleanup Steps:
  • Start with a factory-reset device
  • Set the root switch to enabled and restart the device
  • Go to Settings -> Network & Internet
  • Connect to WiFi/Ethernet (preferably with a static IP and no gateway to prevent internet access)
  • Get T95 IP address from WiFi/Ethernet settings, connect to the device and become root:

Code: 
adb connect [T95 IP address]
 -> * daemon not running; starting now at tcp:5037
 -> * daemon started successfully
 -> connected to 10.74.0.88:5555
adb root
 -> restarting adbd as root

Stage 1's 'home' folder is /data/system/Corejava -- Defeat the malware by turning /data/system/Corejava into an immutable file instead:

Code: 
adb shell rm -rf /data/system/Corejava
adb shell touch /data/system/Corejava
adb shell chmod 0000 /data/system/Corejava
adb shell /vendor/bin/busybox chattr +i /data/system/Corejava

Additionally, the following prevents adups from running, which is an extra, unrelated layer of malware:

Code: 
adb shell pm uninstall --user 0 com.adups.fota
adb shell pm uninstall --user 0 com.ftest
adb shell pm uninstall --user 0 com.www.intallapp
adb shell rm -rf /data/data/com.adups.fota
adb shell touch /data/data/com.adups.fota
adb shell chmod 0000 /data/data/com.adups.fota
adb shell /vendor/bin/busybox chattr +i /data/data/com.adups.fota

The X29 and A29 firmwares (If i recall correctly, it was a while ago) have some additional breakage that cause high load averages and higher temps, even at idle.

This is an Interesting find, thanks!
 
Last edited:
  • Like
Reactions: escarabajo and olegFx00
H

hayabusa777

Member
Aug 16, 2015
19
1
Hello, I've been trying all day, because I don't have this usb a to a cable, but I ordered one. I've now gotten a connection with adblink and via sdk via Wifi with the T95, with windows 11 operating system. How do you start your sh file ?adb connect ip:5555,do I get a connection,what do I have to do then?I read a lot and tried all day,before I ask for help now,can you please help me.Thank you
 
T

theslydog

Member
Jan 16, 2007
20
6
DesktopECHO said:
The X29 and A29 firmwares (If i recall correctly, it was a while ago) have some additional breakage that cause high load averages and higher temps, even at idle.

This is an Interesting find, thanks!
Click to expand...
Click to collapse

Thanks for the info. I will give ADB a whirl.

I also have an unused T95H here (both left overs from an old job).

The T95H (looks like this https://linux-sunxi.org/T95H) is almost identical to the T95 specs wise.

The T95 board says H616-T95MAX-APX313A-V3.0
The T95H board says H616-T95MAX-V4.0

I will fire that up the T95H and see if it is infected as well.
 
Last edited:
  • Like
Reactions: escarabajo
S

spinnersp

Member
Jun 10, 2014
18
1
I used phoenix tool to install. I had to go to developers options, and toggle use usb 0 off then on.then phoenix tool detected box
 
DesktopECHO

DesktopECHO

Senior Member
Sep 10, 2021
54
32
Hamilton, Bermuda
hayabusa777 said:
Hello, I've been trying all day, because I don't have this usb a to a cable, but I ordered one. I've now gotten a connection with adblink and via sdk via Wifi with the T95, with windows 11 operating system. How do you start your sh file ?adb connect ip:5555,do I get a connection,what do I have to do then?I read a lot and tried all day,before I ask for help now,can you please help me.Thank you
Click to expand...
Click to collapse

I updated my post above to include steps for connecting with ADB
 
  • Like
Reactions: escarabajo
T

theslydog

Member
Jan 16, 2007
20
6
spinnersp said:
not sure i didnt have the files,but i think you can
Click to expand...
Click to collapse
Ok so I flashed another complete fresh image and enabled developer and root and did not connect to the internet.

Also side loaded Root Explorer, Home Screen Launcher and another TV launcher.

Started it up again in the new launcher and with Root Explorer deleted the following:
/data/system/Corejava
/data/data/com.adups.fota (there is another adups folder there I deleted but I forgot the name of it)
/data/data/com.swe.dgbluancher
/system/priv-app/Launcher10/Launcher10.apk

(There is no /data/system/shared_prefs if you dont connect to the internet)

Restarted and there is no more dgblauncher or any of the above files.

Maybe this has fixed it but I haven't had a chance to check any logs yet.
 
Last edited:
  • Like
Reactions: escarabajo
DesktopECHO

DesktopECHO

Senior Member
Sep 10, 2021
54
32
Hamilton, Bermuda
theslydog said:
Ok so I flashed another complete fresh image and enabled developer and root and did not connect to the internet.

Also side loaded Root Explorer, Home Screen Launcher and another TV launcher.

Started it up again in the new launcher and with Root Explorer deleted the following:
/data/system/Corejava
/data/data/com.adups.fota (there is another adups folder there I deleted but I forgot the name of it)
/data/data/com.swe.dgbluancher
/system/priv-app/Launcher10/Launcher10.apk

(There is no /data/system/shared_prefs if you dont connect to the internet)

Restarted and there is no more dgblauncher or any of the above files.

Maybe this has fixed it but I haven't had a chance to check any logs yet.
Click to expand...
Click to collapse

The steps quoted above do NOT prevent the malware from reappearing.

You need to install ADB on a PC on the same network as your T95.
Assuming you're on Windows, to install ADB simply install Chocolatey first and install ADB using Choco:

Code: 
choco install adb

Mac users can use Homebrew to accomplish the same thing:

Code: 
brew install android-platform-tools

....and follow the steps listed in my earlier post, simply by copy/pasting the adb commands into your terminal, one line at a time.
 
Last edited:
  • Like
Reactions: escarabajo
H

hayabusa777

Member
Aug 16, 2015
19
1
I did it now with powershell and usb a cable, can now see the box on the PC, without having switched on the internet, let your script run through. But the first thing I did was install atv launcher and delete the original one, with a tutorial from malwarebytes, one difficult birth :).Thank you again for your help and your patience.I'm not an expert in a field, try to master many things, we simply don't have enough time in our lives.Great forum, you're always helped, best regards
 
  • Like
Reactions: DesktopECHO
undertaker3411

undertaker3411

New member
Mar 30, 2023
3
0
Hello I need help, I updated my tvbox and now it only tells me that I have 2gb of ram and 16 of rom when I had 4gb of ram and 32 of rom I have installed the version of 10.1.A29-0712 and I have not been able to detect the configuration of 4gb and 32gb could you please help me to get the frimware that I need the frimaware to install is T95-H616-A29.img

Ícono de validado por la comunidad
 
D

Dell65

Member
Mar 12, 2011
6
3
  • Like
Reactions: hayalci
You must log in or register to reply here.

Similar threads

M
Z4 RK3368 Android LP5.1/MM6 Octa Core 64bit 2/16gb TV Box
Replies
523
Views
132K
fleebleflam
fleebleflam
A
Xiaomi Mi TV Box 3 Enhanced
Replies
68
Views
67K
T
tonygts
MattSpec
Craig smart tv hdmi adapter cvd601
Replies
112
Views
123K
E
Emilson
oVeRdOsE.
[SOLVED] Unbrick Sunvell Q Plus with Allwinner H6 SoC 6k 4gb
Replies
101
Views
61K
Suresh1214Y
Suresh1214Y
B
How to root a Allwinner TV Box (e.g. H616)
Replies
18
Views
13K
M
merc77

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 4
    Q
    quatrixone
    Transpeed T98-616
    If you want custom rom with root and update 2020.10.21 the room fully working :) its better then stock some memory optimization was done .
    Flash with PhoenixSuit_V1.10
    First change language from russian to english and then connect to the internet run magisk tv box will reboot
    Creators of the room bosia_angel and VPS56:

    Download here
    View
    3
    E
    Elm44
    Just google "Allwiner update guide"
    Best with Allwinner PhoenixUSB Pro V4.0.0 tool (You need a usb-A to usb-A cable)
    View
    2
    F
    F0L
    Just thought I would post regarding this box. Not much information on it.
    I bought on a whim without realising the one thing I wanted was missing (Bluetooth). However the box has grown on me.
    Its powered by the new Allwinner H616 Chip. However its performance sucks. For some reason they have forced CPU to 1.4GHz all the time. No point in my opinion, it just causes it to heat up for no reason.

    Anyways, it comes fully rooted. I did try and install SuperSU, ended up killing root. So I reflashed it using usb flasher. There is also a new firmware update, which shows when doing wireless update.
    Firmware released is 10.1.12, update takes it up to 10.1.14. So I did update and then factory reset to start fresh. The only problem is, rom is such a mess. App folders every where and system is filled to 100%. I deleted bloat in /system/pre-install folder.

    I stopped rooting stuff years ago, so Magisk is newish to me. I thought I would try Magisk manager. Worked great, was able to install Magisk. From then on all root apps worked as I was able to set root access, which is something I could not do before. I also installed kernel auditor and set read ahead on and tweaked the build.prop. This helped speed it up, now stuff like Emulators no longer jerk and stutter.

    One downside, Prime video does not work, you have to use Amazon Video (which is their browser alternative).

    So hope this helps anyone with the same box.
    View
    2
    M
    m1lanco
    simonchunk said:
    Here is the latest firmware with working Wifi

    T95-H616-A24

    1.57 GB file on MEGA

    mega.nz mega.nz
    Click to expand...
    Click to collapse

    graphfxorl said:
    Well I don't or can not explain where got this you know after about 20 tries of different methods using other roms ect I ran across this. T95-H616-A25.img and i said what the hell stuck inthe old tooth pick and it completed which was a shock. So all i did was toggle Root switch and installed a X-plore file manager and sure enough I get into root. Now I am tired i can not tell you if all of BT dual wifi ect works I can say for sure it does load up with usb 4.0 and you do get root.

    T95-H616-A25.img = https://mega.nz/file/K8423QyD#0hO5-fR8gm5RUIoENVxwuzYVZv46paOOowFKZVaarKE

    I take it back I looked through web history and I found it here "https://www.turewell.com/pages/tvbox-document"
    Click to expand...
    Click to collapse
    Can you confirm that the A24 is a chipset version? Because the firmware has different letters and numbers (X18, X19, A21, A24, etc.) and the names Pixel2/MBOX.

    This firmware "T95-H616-A24" is 10.1.A24_20210315-1615 and is designed for 2GB/16GB. I don't have 5G WiFi, so I can't confirm if it's for the Dual WiFi version. Version A21 does not work on my device. I have 4GB/64GB with Dual Wifi and firmware was 10.1.A24_20210315-2036 MBOX. This "1615" have slower WiFi speed on 2,4Ghz.

    Has anyone tried to investigate where the update system will connect? So you can download the latest original firmware from the manufacturer? How do I identify the device manufacturer if it is not displayed on it? I need original firmware for my device.
    View
    2
    Bertonumber1
    Bertonumber1
    I have this box on magisk 20.4 direct install T95 h616-10.01.14. X18

    Have had it for while now it works well with all the apps gms store etc using magisk hide. I will dig out the firmware and post for anyone who wants it. Decent firmware with build.prop tweaks etc applied.


    Originally posted by @3mel here is an updated link to T95 MBOX 06.24.20.X18 ROM With Magisk 20.4 just update manager app if need be.

    928.33 MB file on MEGA

    mega.nz mega.nz

    I've found this to be the best firmware for this box, there is a root switch in settings>about menu
    Leave this be as magisk will work with things like adaway because it has system less root.
    View

New posts