[UNLOCK] AT&T Bootloader Unlock Through HTC-Dev

Search This thread

grankin01

Senior Member
Feb 9, 2008
973
658
Georgetown, KY
You do this at your own risk!!! This could turn your new phone into a very expensive paperweight!!! If you don't know how to do it or are uncomfortable DON'T DO IT!!!

You need ADB and an understanding of how to use it and have a rooted device (although I didn't test this). You will also need a hex editor like HxD.

BACK UP YOUR DATA BEFORE DOING THIS!!!! WHEN HTCDEV UNLOCKS YOUR DEVICE YOU MUST START FROM SCRATCH!!!

1. Fire up your command prompt and go to the directory that you have ADB installed to. Type "adb shell" and hit enter.

2. Type "su" and hit enter. You now have root privileges.

3. Next type "dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4" and hit enter. This will dump the partition to your sdcard.

4. Next type "exit", hit enter, type "exit", and hit enter again. This should take you back to a command prompt for your computer.

5. type "adb pull /sdcard/mmcblk0p4" and hit enter. NOTE THE SIZE OF THE FILE BEFORE THE NEXT STEP!

6. Open the file (mmcblk0p4) with your hex editor.

7. Look for offset 00000210 (if your on RUU version 1.82 the offset may be 00000214) and you should see CWS__001 with your IMEI number attached to it.

8. Change CWS__001 to 11111111 and save the file as mmcblk0p4MOD. This will give you SuperCID as well. :D MAKE SURE AT THIS POINT THAT THE FILE IS THE EXACT SIZE IT WAS BEFORE YOU HEX EDITED IT!

9. Now go back to your command prompt and type "adb push mmcblk0p4MOD /sdcard/mmcblk0p4MOD" and hit enter.

10. Type "adb shell" and hit enter then type "su" and hit enter again. This will put you back into the android shell and give you root privileges.

11. Type "dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4" and hit enter. To test if it worked restart the phone into fastboot (type "adb reboot bootloader" and hit enter) and once the bootloader screen comes up type "fastboot oem readcid" and hit enter. It should read "11111111".

12. Next type "fastboot oem get_identifier_token" and hit enter. Leave that up on your screen and go to HTCdev.com. Follow the instructions from there. Choose "All other supported models" from the dropdown menu.

For those having trouble with the hex editor portion of this I have posted a picture from Squeak22 showing exactly what it should look like. Thanks Squeak22!

Enjoy all!

Guy
 

Attachments

  • 20120524_141630.jpg
    20120524_141630.jpg
    255.5 KB · Views: 45,394
  • hexedit.jpg
    hexedit.jpg
    100.2 KB · Views: 48,626
Last edited:

cranch

Senior Member
Mar 12, 2011
355
44
Minneapolis
So this appears as an adaptation on how you were able to flip back and forth to older Firmware/RUUs with the changing the software version number? Nice find and congrats!
 

howsleyd

Senior Member
Jul 11, 2010
150
44
Nice job man. The question now is where do I send your 12 pack of beer to? Definitely deserve a nice cold one.

Sent from my HTC One X using Tapatalk 2
 

Top Liked Posts

  • There are no posts matching your filters.
  • 349
    You do this at your own risk!!! This could turn your new phone into a very expensive paperweight!!! If you don't know how to do it or are uncomfortable DON'T DO IT!!!

    You need ADB and an understanding of how to use it and have a rooted device (although I didn't test this). You will also need a hex editor like HxD.

    BACK UP YOUR DATA BEFORE DOING THIS!!!! WHEN HTCDEV UNLOCKS YOUR DEVICE YOU MUST START FROM SCRATCH!!!

    1. Fire up your command prompt and go to the directory that you have ADB installed to. Type "adb shell" and hit enter.

    2. Type "su" and hit enter. You now have root privileges.

    3. Next type "dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4" and hit enter. This will dump the partition to your sdcard.

    4. Next type "exit", hit enter, type "exit", and hit enter again. This should take you back to a command prompt for your computer.

    5. type "adb pull /sdcard/mmcblk0p4" and hit enter. NOTE THE SIZE OF THE FILE BEFORE THE NEXT STEP!

    6. Open the file (mmcblk0p4) with your hex editor.

    7. Look for offset 00000210 (if your on RUU version 1.82 the offset may be 00000214) and you should see CWS__001 with your IMEI number attached to it.

    8. Change CWS__001 to 11111111 and save the file as mmcblk0p4MOD. This will give you SuperCID as well. :D MAKE SURE AT THIS POINT THAT THE FILE IS THE EXACT SIZE IT WAS BEFORE YOU HEX EDITED IT!

    9. Now go back to your command prompt and type "adb push mmcblk0p4MOD /sdcard/mmcblk0p4MOD" and hit enter.

    10. Type "adb shell" and hit enter then type "su" and hit enter again. This will put you back into the android shell and give you root privileges.

    11. Type "dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4" and hit enter. To test if it worked restart the phone into fastboot (type "adb reboot bootloader" and hit enter) and once the bootloader screen comes up type "fastboot oem readcid" and hit enter. It should read "11111111".

    12. Next type "fastboot oem get_identifier_token" and hit enter. Leave that up on your screen and go to HTCdev.com. Follow the instructions from there. Choose "All other supported models" from the dropdown menu.

    For those having trouble with the hex editor portion of this I have posted a picture from Squeak22 showing exactly what it should look like. Thanks Squeak22!

    Enjoy all!

    Guy
    26
    Worked for me with CID 11111111.

    Thanks, my friend, now I can stop that f'ing thread...

    IMG_0502.jpg
    9
    Ya, a complete write up with step-by-step pictures would be nice... since this is sort of dangerous with a potential to get a brick.

    probably need to make a script that can do all dd and hexing, that would make it much safer.
    8
    All those involved in the argument should stop now. I'll be visiting this page in the next few hours. If I see another response, infractions will be handed out.

    Follow the steps carefully, use caution, don't blame others, and don't ***** each other out. If you have a problem, private message me.

    you-were-saying_o_187166.gif
    5
    Now all we need is SK to finish CWM Recovery! :)

    Thanks, Will try when I get home

    Now I can actually test the f-ing thing, should be a gimme...I am so relieved this is done. Now its working recovery and s-off time...;). Again, thanks grankin...