Unlock ANY Pixel from Carrier

Search This thread
By:
Advanced…
#mcl

#mcl

Senior Member
Mar 26, 2020
157
61
19
Spain
Samsung Galaxy S9
Google Pixel 4 XL
____________________________________________________

UPDATE AS OF 9 OF DECEMBER OF 2022:
The security patch of December of 2022 fixed the patch, so it doesn't work on this version and newer ones.
A am working to get the exploit to work on newer version, but for now haven't found any. If anyone has any ideas or suggestions please let me know!
____________________________________________________

Hey everybody! 👋🏻
So recently I bought a Google Pixel 4 XL. The thing is that in Europe they are too expensive compared to the US, so I bought one that was from AT&T(used of course). However is that I need to use my SIM on the phone, but of course, the phone refused to allow me to use my SIM from Spain. ⛔️

So after hours of research, I found a way to unlock it. Here are the steps: 📝
1. Remove your SIM card if it is on the phone
2. Do a factory reset
3. Do OFFLINE SETUP. Also, DON'T PUT ANY PASSWORD OR ANY TYPE OF SCREEN LOCK 🙅🏻
4. Once you are on the main screen, enable USB Debugging.
5. Connect the phone to the computer (I assume you already have the USB drivers, platform-tools downloaded and knowledge on how to use ADB commands🤷🏻. If you don't have the SDK downloaded, head to this link and follow the instructions👍🏻)
6. Inside the platform-tools folder, open a terminal window and run "adb shell"(on mac, once you are on the directory you have to run "./adb shell") and then "pm uninstall -k --user 0 com.google.android.apps.work.oobconfig" (run them without quotes)

After this, you can already connect the phone to the internet and put your SIM in👏🏻.
This didn't unlock the phone though 🙄. What we have just done is this:

When we connect the phone to the internet, it verifies if it should lock the SIM or not. So we did a setup without internet, so the phone can't do that. After that, we uninstall the package responsible for doing this.
So when we connect it to the internet, it won't check the SIM lock 😯
However, the bootloader is still locked and grey out. This is because this app is responsible to grey or not the bootloader switch. If it is from a carrier, the package will disable the switch, and if not you will have the ability to unlock it. As we kill the app before it could do its job, the bootloader will be waiting until the package gives its answer.

Special thanks to this Jorge Cortés to make this post possible. 🙏🏻

If you find the post useful, consider buying me a cup of coffee please with Revolut. 😊
 
Last edited:
  • Like
Reactions: fimiroff, Artemis008, 1Xfan and 3 others
#mcl

#mcl

Senior Member
Mar 26, 2020
157
61
19
Spain
Samsung Galaxy S9
Google Pixel 4 XL
Daniyal48 said:
Is there any work around to unlock to bootloader too??
Click to expand...
Click to collapse
Hey,
I am working on that. As it turns out there is a way to flash firmware to any device with a Qualcomm chip, even if the bootloader os locked🤩. It's called EDL mode. This mode was designed to force flash firmware in bricked devices that can't use fastboot or adb🤫.
I already find the app I need to flash, actually there a a lot of different ones( I chose QPST) but it needs some strange files that I didn't find yet🙁, and it won't allow em to use the google firmware neither 😤.
So when I find those files I will write a detailed guide on how to unlock the bootloader 😇, but for now I only know how to use any SIM on a locked Pixel device.
 
  • Like
Reactions: Artemis008 and 1Xfan
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
Hey,
I am working on that. As it turns out there is a way to flash firmware to any device with a Qualcomm chip, even if the bootloader os locked🤩. It's called EDL mode. This mode was designed to force flash firmware in bricked devices that can't use fastboot or adb🤫.
I already find the app I need to flash, actually there a a lot of different ones( I chose QPST) but it needs some strange files that I didn't find yet🙁, and it won't allow em to use the google firmware neither 😤.
So when I find those files I will write a detailed guide on how to unlock the bootloader 😇, but for now I only know how to use any SIM on a locked Pixel device.
Click to expand...
Click to collapse
I have tried the same on a OnePlus device but they have MSM Tool to thet let you work in edl mode but I haven't found any tool for Pixel devices yet
 
  • Like
Reactions: #mcl
#mcl

#mcl

Senior Member
Mar 26, 2020
157
61
19
Spain
Samsung Galaxy S9
Google Pixel 4 XL
Yeah of course, there is QFIL also and some others that aren't official. I downloaded them from Androidmtk website.
With this link you go to the qpst download and use instructions section of their webpage. At the bottom you will find similar programs, but I didn't get to try them. You can try them, but make sure they are for Qualcomm Chipset, because some of them are for mediatek phones.
 
  • Like
Reactions: Daniyal48
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
Yeah of course, there is QFIL also and some others that aren't official. I downloaded them from Androidmtk website.
With this link you go to the qpst download and use instructions section of their webpage. At the bottom you will find similar programs, but I didn't get to try them. You can try them, but make sure they are for Qualcomm Chipset, because some of them are for mediatek phones.
Click to expand...
Click to collapse
Okay thank you I hope i find a solution with this
 
  • Like
Reactions: #mcl
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
No problem, good luck researching 🍀.
I will keep searching as well to see if I can find those files 🤞🏻
Click to expand...
Click to collapse
If you find any files please also send them to me. Can we use a working Device to get these files from. Like we extract these files for a normal pixel 4 xl and then flash it to ours?
 
  • Like
Reactions: #mcl
#mcl

#mcl

Senior Member
Mar 26, 2020
157
61
19
Spain
Samsung Galaxy S9
Google Pixel 4 XL
Daniyal48 said:
If you find any files please also send them to me. Can we use a working Device to get these files from. Like we extract these files for a normal pixel 4 xl and then flash it to ours?
Click to expand...
Click to collapse
Of course, if I find them I will make them available for anyone 😊.
Yes in theory you can extract this files from your phon, however as mine is locked I need them from an unlocked 🔓 pixel I suppose, but I didn't try to extract the files from my home and the flash them again, it could work. In the QPST you even have a section to that, it's a backup I Believe but not sure about the name.
If you try and it works let me know!
 
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
Of course, if I find them I will make them available for anyone 😊.
Yes in theory you can extract this files from your phon, however as mine is locked I need them from an unlocked 🔓 pixel I suppose, but I didn't try to extract the files from my home and the flash them again, it could work. In the QPST you even have a section to that, it's a backup I Believe but not sure about the name.
If you try and it works let me know!
Click to expand...
Click to collapse
Yes I am also looking for an unlock Pixel 4 XL if I find one I will try extracting these files and post it somewhere on the internet so anyone can access it
 
#mcl

#mcl

Senior Member
Mar 26, 2020
157
61
19
Spain
Samsung Galaxy S9
Google Pixel 4 XL
Yeah that is a way, but I was thinking that maybe these files are inside of the IMG files of the firmware from Google, and that firmware isn't lock 🔒, so if anyone manage to find those files there you wouldn't need to buy another pixel to extract the firmware.
I also think that in reality you don't need the firmware but rather some files for your Qualcomm Chipset to get the Sahara protocol working and I believe later on you flash the firmware, however I am not sure about that as I didn't try it. 🤔
I think this because you can find some Qualcomm snapdragon 855 programmer files (which had the extension we need), so they may be basic files that activates the Sahara protocol (which is the one used when the phone is in this mode) and only after I believe you can flash the firmware using some commands. ⌨️
I would like to try out this but I can't as it could brick my phone and I don't have other to use, and I don't have any other pixel, this is my first and only Pixel ever.
So if you have an older pixel and you want you could try this theory...👍🏻
 
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
Yeah that is a way, but I was thinking that maybe these files are inside of the IMG files of the firmware from Google, and that firmware isn't lock 🔒, so if anyone manage to find those files there you wouldn't need to buy another pixel to extract the firmware.
I also think that in reality you don't need the firmware but rather some files for your Qualcomm Chipset to get the Sahara protocol working and I believe later on you flash the firmware, however I am not sure about that as I didn't try it. 🤔
I think this because you can find some Qualcomm snapdragon 855 programmer files (which had the extension we need), so they may be basic files that activates the Sahara protocol (which is the one used when the phone is in this mode) and only after I believe you can flash the firmware using some commands. ⌨️
I would like to try out this but I can't as it could brick my phone and I don't have other to use, and I don't have any other pixel, this is my first and only Pixel ever.
So if you have an older pixel and you want you could try this theory...👍🏻
Click to expand...
Click to collapse
I have Pixel 2 XL but it doesn't boot into EDL i tried fastboot commands and also abd commands but it doesn't even go there...I have Pixel 3 XL on the way I will try on that but that is already unlocked
 
D

Daniyal48

Senior Member
Jun 1, 2019
55
9
#mcl said:
Yeah that is a way, but I was thinking that maybe these files are inside of the IMG files of the firmware from Google, and that firmware isn't lock 🔒, so if anyone manage to find those files there you wouldn't need to buy another pixel to extract the firmware.
I also think that in reality you don't need the firmware but rather some files for your Qualcomm Chipset to get the Sahara protocol working and I believe later on you flash the firmware, however I am not sure about that as I didn't try it. 🤔
I think this because you can find some Qualcomm snapdragon 855 programmer files (which had the extension we need), so they may be basic files that activates the Sahara protocol (which is the one used when the phone is in this mode) and only after I believe you can flash the firmware using some commands. ⌨️
I would like to try out this but I can't as it could brick my phone and I don't have other to use, and I don't have any other pixel, this is my first and only Pixel ever.
So if you have an older pixel and you want you could try this theory...👍🏻
Click to expand...
Click to collapse
forum.xda-developers.com

Mbn Files from Pixel 4 Request

As title states, I am looking for the mbn files from the pixel 4. I downloaded the modem partition and could not seem to extract it and thought someone that owns a pixel 4 might have better luck than me. Thanks! The directory might be...
forum.xda-developers.com forum.xda-developers.com
Are these files related to our issue
 
  • Like
Reactions: #mcl
You must log in or register to reply here.

Similar threads

P
OEM unlock option is greyed out, How enable it ?
Replies
18
Views
38K
C
CoNsTaR
cjegan2008
AT&T Pixel 4 XL Sim unlock
Replies
63
Views
23K
Udonitron
Udonitron
A
How to Sim unlock pixel 4xl t-mobile version is there any option?
Replies
11
Views
15K
R
rimonkhan97
SmileBigNow
T-Mobile Pixel 4 XL is carrier locked, looking for unlock
Replies
15
Views
5K
M
meatyalien
E
SIM Card isn't Supported [Verizon]
Replies
33
Views
12K
MicroMod777
MicroMod777

Top Liked Posts

24 Hours 30 Days All time
  • There are no posts matching your filters.
  • 3
    Lussardi
    Lussardi
    Today tested new way to unlock via adb, later post result
    View
    2
    P
    pavelblink182
    bryanus said:
    I wonder if there is a way to block the network requests (on the device itself or perhaps on my router) that Device Setup makes if the metered option is disabled. The biggest issue with metered Wifi that I've come across so far is that the Play Store won't install apps unless you manually install them each individually. And with a new device/copy setup, that is a lot of apps!
    Click to expand...
    Click to collapse
    I solved this with a third party app called Netguard, went to advance settings and allowed system apps. Look for device setup app in netguard and block it from wifi. You can now connect to any wifi without changing anything .
    View
    1
    Lussardi
    Lussardi
    wintersunn1 said:
    Any luck?
    Click to expand...
    Click to collapse
    Not yet, waiting for devices with December patch
    View
    1
    D
    DevsV
    Lussardi said:
    Today tested new way to unlock via adb, later post result
    Click to expand...
    Click to collapse
    Can you share the new method? A friend of mine has a Pixel 5 with december patch.

    We'll share the results
    View
  • 6
    #mcl
    #mcl
    ____________________________________________________

    UPDATE AS OF 9 OF DECEMBER OF 2022:
    The security patch of December of 2022 fixed the patch, so it doesn't work on this version and newer ones.
    A am working to get the exploit to work on newer version, but for now haven't found any. If anyone has any ideas or suggestions please let me know!
    ____________________________________________________

    Hey everybody! 👋🏻
    So recently I bought a Google Pixel 4 XL. The thing is that in Europe they are too expensive compared to the US, so I bought one that was from AT&T(used of course). However is that I need to use my SIM on the phone, but of course, the phone refused to allow me to use my SIM from Spain. ⛔️

    So after hours of research, I found a way to unlock it. Here are the steps: 📝
    1. Remove your SIM card if it is on the phone
    2. Do a factory reset
    3. Do OFFLINE SETUP. Also, DON'T PUT ANY PASSWORD OR ANY TYPE OF SCREEN LOCK 🙅🏻
    4. Once you are on the main screen, enable USB Debugging.
    5. Connect the phone to the computer (I assume you already have the USB drivers, platform-tools downloaded and knowledge on how to use ADB commands🤷🏻. If you don't have the SDK downloaded, head to this link and follow the instructions👍🏻)
    6. Inside the platform-tools folder, open a terminal window and run "adb shell"(on mac, once you are on the directory you have to run "./adb shell") and then "pm uninstall -k --user 0 com.google.android.apps.work.oobconfig" (run them without quotes)

    After this, you can already connect the phone to the internet and put your SIM in👏🏻.
    This didn't unlock the phone though 🙄. What we have just done is this:

    When we connect the phone to the internet, it verifies if it should lock the SIM or not. So we did a setup without internet, so the phone can't do that. After that, we uninstall the package responsible for doing this.
    So when we connect it to the internet, it won't check the SIM lock 😯
    However, the bootloader is still locked and grey out. This is because this app is responsible to grey or not the bootloader switch. If it is from a carrier, the package will disable the switch, and if not you will have the ability to unlock it. As we kill the app before it could do its job, the bootloader will be waiting until the package gives its answer.

    Special thanks to this Jorge Cortés to make this post possible. 🙏🏻

    If you find the post useful, consider buying me a cup of coffee please with Revolut. 😊
    View
    6
    #mcl
    #mcl
    Hello all! Happy to know the guide worked out for many people.
    I haven't updated to december update, nor did a factory reset recently, but it can be the case.
    There have been some months since I publish the guide so it wouldn't surprise me that google found it and fix it.

    If you already run the exploit of course it won't reverse, but if you haven't and you already updated you are probably out of luck unfortunately.

    Another thing I see commonly is why the OEM unlock google still is grey out. As I said on the guide, this DOES NOT UNLOCK THE BOOTLADER, it just don't let the phone check wether it is from a carrier or if it unlocked. As a consequence the SIM card will work as it didn't verify if it should lock some carrier or not, but in order to unlock the bootloader, the package that my script removes needs to tell the system that the phone is free, which for those who use this exploit isn't the case.
    I am still working on that, but that is way more harder, especially for people running the latest software, as new software usually patches this things, making the exploit useless for newer versions.

    I will keep working on the unlock method, and will have a look on how to update this to the new December 2022 security patch.

    Though if anyone has any ideas or suggestions please let me know, it really helps a lot!
    View
    4
    S
    story1991

    But WIFI can be used only with "Thread as metered" option
    View
    3
    borya jora
    borya jora
    you can't delete the file anymore, but you can install another one from the apk file on top of the existing one. If you find a good programmer who will make changes to the apk file for installation, I think it can help. But this is a complicated method.
    View
    3
    Lussardi
    Lussardi
    Today tested new way to unlock via adb, later post result
    View

New posts