[UNLOCK][ROOT][TWRP][UNBRICK] Fire TV Stick 4K (mantis)

Search This thread

hasobist

Senior Member
Feb 1, 2021
53
16
Last edited:

adogen

Member
Aug 30, 2022
6
0
I am using fire stick 4k. (not max) Then one day, it stopped at the logo.

chmod a+x *.sh
./bootrom-step.sh

Traceback (most recent call last):
File "main.py", line 135, in <module>
main(dev)
File "main.py", line 25, in main
load_pl_payload(dev)
File "/home/kamakiri/modules/load_payload.py", line 47, in load_pl_payload
dev.send_da(0x40001000, len(payload), 0, payload)
File "/home/kamakiri/modules/common.py", line 342, in send_da
self.check(self.read(2), to_bytes(0, 2))
File "/home/kamakiri/modules/common.py", line 103, in check
raise RuntimeError("ERROR: Serial protocol mismatch, expected {} got {}".format(gold.hex(), test.hex()))
RuntimeError: ERROR: Serial protocol mismatch, expected 0000 got 2001

The above error is appearing.
Does kamakiri not support my version?😂
 

hasobist

Senior Member
Feb 1, 2021
53
16
I am using fire stick 4k. (not max) Then one day, it stopped at the logo.

chmod a+x *.sh
./bootrom-step.sh

Traceback (most recent call last):
File "main.py", line 135, in <module>
main(dev)
File "main.py", line 25, in main
load_pl_payload(dev)
File "/home/kamakiri/modules/load_payload.py", line 47, in load_pl_payload
dev.send_da(0x40001000, len(payload), 0, payload)
File "/home/kamakiri/modules/common.py", line 342, in send_da
self.check(self.read(2), to_bytes(0, 2))
File "/home/kamakiri/modules/common.py", line 103, in check
raise RuntimeError("ERROR: Serial protocol mismatch, expected {} got {}".format(gold.hex(), test.hex()))
RuntimeError: ERROR: Serial protocol mismatch, expected 0000 got 2001

The above error is appearing.
Does kamakiri not support my version?😂
Hello
Are you trying to root?
 

hasobist

Senior Member
Feb 1, 2021
53
16
Yes I am rooting to change roms.
My firestick is waiting indefinitely on the logo screen
Is the problem resolved Did the firestick boot?
Are you using an OTG cable if so try connecting the firestick to the power adapter directly and give it a try,hope it helps.
Was it working normally and when did the said problem occur?
 
Last edited:

hasobist

Senior Member
Feb 1, 2021
53
16
I've tried all of those ways
i have to root
Okay Did the Firetv 4k boot?
can you connect the shorted stick without running the script, only run lsusb in terminal and check whether the stick is listed...
Also read the earlier threads for vulnerable sticks later patched by amazon and also check the serial no of the stick......
 
Last edited:

adogen

Member
Aug 30, 2022
6
0
Okay Did the Firetv 4k boot?
can you connect the shorted stick without running the script, only run lsusb in terminal and check whether the stick is listed...
Also read the earlier threads for vulnerable sticks later patched by amazon and also check the serial no of the stick......
still not booting
When I plug the Firestick into Windows, it is recognized, but
It is not recognized by fireiso-2.0.0.iso.
 

hasobist

Senior Member
Feb 1, 2021
53
16
still not booting
When I plug the Firestick into Windows, it is recognized, but
It is not recognized by fireiso-2.0.0.iso.
How you say it's ain't detected by the fire iso.
If possible try the above possibilities mentioned and answer all the above to get an idea what your facing,thank you.......
 

roodrizx

New member
Aug 31, 2022
3
0
hello, can someone help me? my fire tv was blocked by amazon, how can i change it? I open the device but I don't know how to do the procedure.
 

hasobist

Senior Member
Feb 1, 2021
53
16
hi, is it posible to root firestick 4k using windows computer?
sorry if this is not the right place to ask this question.
Hello
Yes you can.
Burn the Fire iso 2.0.0 which has all the requisites for rooting to a usb drive /bootable usb and then you can follow the instructions to unlock firetv 4k provided it's ain't vulnerable or patched by amazon burning the Efuse.
Just go reading the rooting thread ,Linux skills and adb and your all good.
Hope it helps.......
 

adogen

Member
Aug 30, 2022
6
0
How you say it's ain't detected by the fire iso.
If possible try the above possibilities mentioned and answer all the above to get an idea what your facing,thank you.......
If I just do lsusb, the firestick is not recognized,
After writing ./bootrom-step.sh, firestick is recognized as MT65xx.
But after that, I get the first error....😂
 

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    Yes it's Fire iso 2.0.0 and you ain't need to open or short the Firetv 4k to root,cheers........
    Thank you so much I’ll try it and post results
    1
    Where do I find the "sheldon unlock guide"? My firestick 4k is at 6.2.8.1
    1
    Where do I find the "sheldon unlock guide"? My firestick 4k is at 6.2.8.1
    Hello
    Use kamakari-mantis-v2.0.1 of firetv 4k from OP and follow the instructions here https://forum.xda-developers.com/t/...k-3-and-fire-tv-stick-lite-sheldon-p.4410297/
    Use Fireiso 2.0.0 or you can
    try using ubuntu for unlocking.......
  • 69
    NOTE: There have been multiple reports of devices with serial numbers containing VM190 or higher being shipped with DL-Mode disabled in BROM.
    These devices cannot be unlocked using kamakiri.
    These devices do not show up at all on USB when shorted.


    After the old bootrom-exploit (amonet) we've been using for unlocking all these Fire-gadgets is closed in more recent Mediatek SOCs like the one used in the FireTV Stick 4K, @xyz` has done it again and found another bootrom-exploit.
    Together we proudly present kamakiri for the FireTV Stick 4K.

    Before proceeding make sure to read and understand this entire post.

    Running this exploit requires a patched linux-kernel on the PC you are using.
    We have put together a Live-ISO that already contains all prerequisites required for running kamakiri.
    You can find the current version of the ISO at:
    https://github.com/amonet-kamakiri/fireiso/releases

    It can be burned to a CD or to a USB-flashdrive.

    Current Version: kamakiri-mantis-v2.0.1.zip


    You will need to open the device and remove the heatshield on the side without the antennas (2 square bricks).
    NOTE: It is not required to desolder or force the shield off, it is just clipped onto a frame. (The attached picture may be a bit misleading, since it also has the frame removed)

    You will need something for shorting (wire, aluminum foil etc.)

    1. Boot the ISO
    2. Download and extract the exploit package.
    3. Open a terminal in the kamakiri directory
    4. Run
      Code:
      ./bootrom-step.sh
    5. Short one of the points in the attached photo to ground (the cage of the shielding).
      Ideally you want to use DAT0, since that is tiny it might be easier to short the point marked CLK instead.
      It is very important that you use a piece of soft wire or aluminum foil or something similar for shorting. Don't use tweezers as that makes it incredibly easy to knock of the capacitor off the PCB and kill the board!
    6. Connect the stick to your computer (while keeping it shorted)
    7. The script should tell you to release the short and hit enter
    8. Once finished run
      Code:
      ./fastboot-step.sh
    9. Your device will now reboot into TWRP

    Important information

    Don't flash boot/recovery images from FireOS (FlashFire, MagiskManager etc.)

    TWRP will prevent updates from overwriting LK/Preloader/TZ, so generally installing an update should work without issues (only full updates, incremental updates won't work).

    For ROM developers there is still an option to overwrite these, which should only be done after thorough testing and if needed (LK should never be updated).

    It is still advised to disable OTA.

    thanks to @hwmod for the picture
    thanks to @Sus_i for providing an update.bin
    thanks to @zeroepoch for developing aftv2-tools

    Contributors
    k4y0z, xyz`
    Source Code: https://github.com/amonet-kamakiri/
    16
    There are three options for interacting with TWRP:
    1. A mouse via USB-OTG
    2. TWRP commandline via adb: https://twrp.me/faq/openrecoveryscript.html
    3. Via /cache/recovery/command

    Example for /cache/recovery/command:
    Code:
    echo "--update_package=/path/to/zipfile" > /cache/recovery/command
    echo "--wipe_cache" >> /cache/recovery/command
    reboot recovery

    Should you somehow end in a bootloop, TWRP contains a special boot menu that will be displayed when you boot the stick with an OTG-cable connected.
    It will give you 5 seconds to hit cancel and stay in TWRP or reboot into the OS otherwise.

    NOTE:This will only work if the boot-exploit is still there.
    12
    Well that was easy! And my stick isn't on the latest version, so I'll be able to get some update URLs and make a prerooted ROM hopefully this weekend.
    12
    I'v just uploaded a new Version of the unlock for mantis.
    It comes with an all new TWRP (3.6.1) and an unlock method that works even for fused devices with firmware version < 6.2.8.7, no shorting needed!
    For detailed instructions check https://forum.xda-developers.com/t/...k-3-and-fire-tv-stick-lite-sheldon-p.4410297/ (Use mantis-zip from here, will update instructions here in a bit)
    11
    Is this something that Amazon can fix with future updates? I am holding off until we have a more refined rom..

    No, the only way they can fix it is with a new hardware revision.