[UNLOCK][ROOT][TWRP][UNBRICK] Fire HD 8 2018 (karnak) amonet-3

Search This thread

789mod

Senior Member
Lot code G945

I used the software brick script without understanding some lots have the exploit patched and my tablet is bricked. I can't used the hardware method as nothing happens. I tried to short the pins hundreds of times with different wires, methods, etc. As I understand it, random lots cannot be shorted. So seems it is just trash? Doesn't seem to be a way to fix it.

Lot code G945

I used the software brick script without understanding some lots have the exploit patched and my tablet is bricked. I can't used the hardware method as nothing happens. I tried to short the pins hundreds of times with different wires, methods, etc. As I understand it, random lots cannot be shorted. So seems it is just trash? Doesn't seem to be a way to fix it.
You can revert to stock . Your device will back to original system

In linux

Use commend (sudo ./revert to stock.sh
 

Sus_i

Senior Member
Apr 9, 2013
1,601
688
Lot code G945

I used the software brick script without understanding some lots have the exploit patched and my tablet is bricked. I can't used the hardware method as nothing happens. I tried to short the pins hundreds of times with different wires, methods, etc. As I understand it, random lots cannot be shorted. So seems it is just trash? Doesn't seem to be a way to fix it.
Sell it, for parts only
 

Sus_i

Senior Member
Apr 9, 2013
1,601
688
You can revert to stock . Your device will back to original system

In linux

Use commend (sudo ./revert to stock.sh
Won't work. Seems you also missed the warning from OP?
WARNING: There have been numerous reports that would indicate a hardware-change that doesn't allow access to the bootrom.
When bricking these devices there is currently no known way to unbrick.
This makes the hardware-method currently the safest option.
 

OMEGA_himajin

New member
Jun 18, 2022
1
0
[2022-06-18 17:20:08.519039] Waiting for bootrom
[ 5700.630945] cdc_acm 1-1.2:1.0: Zero length descriptor references
[2022-06-18 17:20:16.623931] Found port = /dev/ttyACMO
[2022-06-18 17:20:16.628292] Handshake

No more is displayed and I can't proceed
What should I do?
I'm sorry, the text may be strange because I use google translate.
 

sanjeevchhantyal

New member
Jun 24, 2022
1
0
Unbricking / Unlocking with Firmware 6.3.1.2+

If Recovery OR FireOS are still accessible (or your firmware is below 6.3.1.2) there are other means of recovery, don't continue.

If your device shows one of the following symptoms:
  1. It doesn't show any life (screen stays dark)
  2. You see the white amazon logo, but cannot access Recovery or FireOS.

If you have a Type 1 brick, you may not have to open the device, if your device comes up in bootrom-mode (See Checking USB connection below).
  1. Make sure the device is powered off, by holding the power-button for 20+ seconds
  2. Start bootrom-step.sh
  3. Plug in USB

In all other cases you will have to open the device.

Make sure ModemManager is disabled or uninstalled:
Code:
sudo systemctl stop ModemManager
sudo systemctl disable ModemManager


NOTE: If you have issues running the scripts, you might have to run them using sudo.
Also try using different USB-ports (preferably USB-2.0-ports)


Open the device and short the pin marked in the attached photo to ground while plugging in.
1. Extract the attached zip-file "amonet-karnak-v3.0.zip" and open a terminal in that directory.

2. start the script:
Code:
sudo ./bootrom-step.sh

It should now say Waiting for bootrom.

3. Short the device according to the attached photo and plug it in.

4. When the script asks you to remove the short, remove the short and press enter.

5. Wait for the script to finish.
If it stalls at some point, stop it and restart the process from step 2.

6. Your device should now reboot into unlocked fastboot state.

7. Run
Code:
sudo ./fastboot-step.sh

8. Wait for the device to reboot into TWRP.

9. Use TWRP to flash custom ROM, Magisk or SuperSU

Checking USB connection
In lsusb the boot-rom shows up as:
Code:
Bus 002 Device 013: ID [b]0e8d:0003[/b] MediaTek Inc. MT6227 phone

If it shows up as:
Code:
Bus 002 Device 014: ID [b]0e8d:2000[/b] MediaTek Inc. MT65xx Preloader
instead, you are in preloader-mode, try again.

dmesg lists the correct device as:
Code:
[ 6383.962057] usb 2-2: New USB device found, idVendor=[b]0e8d[/b], idProduct=[b]0003[/b], bcdDevice= 1.00
I tried to unlock the bootloader and my device went black.. When I disconnect the battery then connect it and power on the only thing I hear is the bootup sound of amazon... Fire HD 8 Please Help..
 

Top Liked Posts

  • There are no posts matching your filters.
  • 37
    Read this whole guide before starting.

    This is for the 8th gen Fire HD8 (karnak).

    Current version: amonet-karnak-v3.0.1.zip

    This is based on @xyz`s original work, but adds some features such as reboot to hacked BL.
    It also intends to simplify the installation process.
    If you are already unlocked you can simply update by flashing the ZIP-file in TWRP.


    NOTE: If you are on a firmware lower than 6.3.1.2 this process does not require you to open your device, but should something go horribly wrong, be prepared to do so.


    What you need:
    • A Linux installation or live-system
    • A micro-USB cable

    Install python3, PySerial, adb, fastboot dos2unix. For Debian/Ubuntu something like this should work:
    Code:
    sudo apt update
    sudo add-apt-repository universe
    sudo apt install python3 python3-serial adb fastboot dos2unix

    1. Extract the attached zip-file "amonet-karnak-v3.0.1.zip" and open a terminal in that directory.


    NOTE: If you are already rooted, continue with the next step, otherwise get mtk-su by @diplomatic from here and place (the unpacked binary) into amonet/bin folder


    2. Enable ADB in Developer Settings

    3. Start the script:
    Code:
    sudo ./fireos-step.sh


    NOTE: If you are on a firmware newer than 6.3.0.1, a downgrade is necessary, this requires bricking the device temporarily. (The screen won't come on at all)



    WARNING: There have been numerous reports that would indicate a hardware-change that doesn't allow access to the bootrom.
    When bricking these devices there is currently no known way to unbrick.
    This makes the hardware-method currently the safest option.



    To brick firmware 6.3.1.2 use the attached brick-karnak.zip, boot into fastboot
    Code:
    adb reboot bootloader

    and run
    Code:
    ./brick-6312.sh

    Make sure ModemManager is disabled or uninstalled:
    Code:
    sudo systemctl stop ModemManager
    sudo systemctl disable ModemManager

    After you have confirmed the bricking by typing "YES", you will need disconnect the device and run
    Code:
    sudo ./bootrom-step.sh
    Then plug the device back in.

    The device will reboot into TWRP.

    You can now install Magisk from there.


    Going back to stock

    Extract the attached zip-file "amonet-karnak-return-to-stock.zip" into the same folder where you extracted "amonet-karnak-v3.0.1.zip" and open a terminal in that directory.

    Then run:
    Code:
    sudo ./return-to-stock.sh

    Your device should reboot into Amazon Recovery. Use adb sideload to install stock image from there. (Make sure to use FireOS 6.3.0.0 or newer, otherwise you may brick your device)

    Important information


    Don't flash boot/recovery images from FireOS (FlashFire, MagiskManager etc.)

    TWRP will prevent updates from overwriting LK/Preloader/TZ, so generally installing an update should work without issues (only full updates, incremental updates won't work).

    For ROM developers there is still an option to overwrite these, which should only be done after thorough testing and if needed (LK should never be updated).

    It is still advised to disable OTA.

    Very special thanks to @xyz` for making all this possible and putting up with the countless questions I have asked, helping me finish this.
    Special thanks also to @diplomatic for his wonderfull mtk-su, allowing you to unlock without opening the device.
    Thanks to @Kaijones23 for testing.
    15
    Unbricking / Unlocking with Firmware 6.3.1.2+

    If Recovery OR FireOS are still accessible (or your firmware is below 6.3.1.2) there are other means of recovery, don't continue.

    If your device shows one of the following symptoms:
    1. It doesn't show any life (screen stays dark)
    2. You see the white amazon logo, but cannot access Recovery or FireOS.

    If you have a Type 1 brick, you may not have to open the device, if your device comes up in bootrom-mode (See Checking USB connection below).
    1. Make sure the device is powered off, by holding the power-button for 20+ seconds
    2. Start bootrom-step.sh
    3. Plug in USB

    In all other cases you will have to open the device.

    Make sure ModemManager is disabled or uninstalled:
    Code:
    sudo systemctl stop ModemManager
    sudo systemctl disable ModemManager


    NOTE: If you have issues running the scripts, you might have to run them using sudo.
    Also try using different USB-ports (preferably USB-2.0-ports)


    Open the device and short the pin marked in the attached photo to ground while plugging in.
    1. Extract the attached zip-file "amonet-karnak-v3.0.zip" and open a terminal in that directory.

    2. start the script:
    Code:
    sudo ./bootrom-step.sh

    It should now say Waiting for bootrom.

    3. Short the device according to the attached photo and plug it in.

    4. When the script asks you to remove the short, remove the short and press enter.

    5. Wait for the script to finish.
    If it stalls at some point, stop it and restart the process from step 2.

    6. Your device should now reboot into unlocked fastboot state.

    7. Run
    Code:
    sudo ./fastboot-step.sh

    8. Wait for the device to reboot into TWRP.

    9. Use TWRP to flash custom ROM, Magisk or SuperSU

    Checking USB connection
    In lsusb the boot-rom shows up as:
    Code:
    Bus 002 Device 013: ID [b]0e8d:0003[/b] MediaTek Inc. MT6227 phone

    If it shows up as:
    Code:
    Bus 002 Device 014: ID [b]0e8d:2000[/b] MediaTek Inc. MT65xx Preloader
    instead, you are in preloader-mode, try again.

    dmesg lists the correct device as:
    Code:
    [ 6383.962057] usb 2-2: New USB device found, idVendor=[b]0e8d[/b], idProduct=[b]0003[/b], bcdDevice= 1.00
    5
    Success

    Read this whole guide before starting.

    This is for the 8th gen Fire HD8 (karnak).

    @k4y0z thank you so much for your work on this project. About oh...15 pages back you answered a few of my questions, and I finally today got around to giving this a whirl. It was so simple, and worked perfectly. You took a insanely complicated set of instructions into 3 easy to use scripts and you should be applauded for it.

    For anyone who wants to do this (on a current 6.3.1.2 w/ the soft brick method), here are some tips.
    -Factory reset and wipe everything before you start. If you need to keep your data back it up, from a clean boot this works slick with no issues
    -Skip network setup on initial wizard, go straight to enable USB debugging, etc blah
    -Try several USB cables (I had to try 4 before I found one that would enable USB debugging. All cables not created equal)
    -Use Ubuntu 18.04 and use the apt commands provided by @k4y0z in his first post.
    -Open a terminal in Ubuntu and type 'sudo -i' which will switch to a mode where all commands are issued sudo'ed as root
    -Run the bricking script (brick-6312.sh), then in another terminal window tell ADB to reboot to bootloader. Watch his magic script do the soft brick
    -Shutdown with 30s power button hold, and then turn off the Debian/Ubuntu ModemManager service as he indicated in his instructions
    -Run the bootrom script (bootrom-step.sh), and then turn it on with a 3s power button press. Follow instructions in linux terminal
    -Afterwards the device reboots into hacked fastboot (screen will still be blank). Verify fastboot mode with 'adb devices'
    -Run the final fastboot script (fastboot-step.sh), and then watch as it reboots and loads up into TWRP

    Once your in TWRP you are golden. Install Lineage, downgrade to older FireOS, root the current FireOS w/ Magisk, or whatever you want
    *As noted by others, when working with packages (like Magisk) do the work from recovery NOT in the OS, so it properly uses the patched bootloader

    Hopefully they don't push a new update before Black Friday, so I can snag a few more and unlock them as well!

    Cheers!
    5
    So I got a HD8 2018 today and it came with OS version that forced me to connect to WiFi and update itself. I was pretty pissed but I used this guide to get root easily.

    I had Arch based linux installed which gave problems while running script, so I made bootable Ubuntu usb and that worked fine. Thank you everyone involved in developing this hack.
    For future reference you can avoid the presumed forced WiFi connect by putting in a bogus password; once authentication fails a 'skip' option will appear.
    4
    @bibikalka and also for anyone who is on 6.3.1.2 and doesn't want to open the device.
    I have something new for you to try out.
    All you need to do is get into fastboot mode:
    For 6.3.1.2
    Code:
    adb reboot bootloader

    @bibikalka, yours should be in fastboot anyway.

    Then run
    Code:
    brick-6312.sh

    or
    Code:
    brick.sh

    From the attached zip-file and follow the instructions on the display.

    Good luck ;)