• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[UTIL][UPG] TGTool 1.3

Search This thread

cedesmith

Retired Recognized Developer
Feb 3, 2010
270
455
I'm proud to present a new version of tgtool with repack support.
I want to tank cotulla (DES) and viperbjk (PSAS), without their work this would not be possible.


WARNING: THIS TOOL IS UNTESTED. NOBODY KNOWS WHAT WILL HAPPEN
WARNING: FLASHING A ROM CREATED WITH THIS TOOL CAN BRICK YOUR PHONE
WARNING: FLASHING A ROM CREATED WITH THIS TOOL MAY VOID WARRANTY
WARNING: YOU ARE ASSUMING FULL RESPONSIBILITY FROM USING THIS TOOL
WARNING: WARNING WARNING WARNING


if you use this tool you use it on your own risk, i am not responsible if anything bad happens but strongly hope YOU ARE responsible and know what you are doing

Da Mafia has flashed a rebuild but unmodified rom and phone works.
Da Mafia has did it again and again, because of him we know we are now close of having a custom ROM so a big THANK YOU for risking your phone for us.
Novembre5 has flashed a 6.5.5 ROM that didn't booted, he has successfully recovered the phone using pin method.

Changes:
1.3.20
- added -tg01
- added -t01a
1.3.19
- fixed bad unk0 in WMB3
- extra checks for -chk (partition signatures, length of rom, lenght of payload)
- repack/merge now automatically checks resulting rom
- added -dci to display catalog informations
1.3.18
- added repack support

Example to check a rom file:
Code:
tgtool -chk TG01WP_5005000176.tsw

Example decrypt a rom file:
Code:
tgtool -dec TG01WP_5005000176.tsw tg01.bin

Example to extract payload from rom file:
Code:
tgtool -sp tg01.bin tg01.os.payload

Example to insert a payload in a rom file:
Code:
tgtool -mp tg01.os.payload tg01.bin tg01-new.bin
OR
Code:
tgtool -mp tg01.os.payload tg01.bin tg01-new.tsw

Copy note:
It is required for whomever uses this software and releases a ROM created with it to distribute a copy of the software and this copy note with released rom so rom integrity can be checked.
It is required for whomever uses this software and releases a ROM created with it to state that this software is a key part in building that ROM and that the ROM could not have been created without it.
It is required for whomever uses this software and releases a ROM created with it to test the ROM and make sure it is working.
It is required to inform potential users that ROM created with this software can permanently and irremediably damage the phone.
This software is provided as it is without any warranty of any kind, express or implied, not even that it does anything useful.

best wishes
cedesmith
 

Attachments

  • TGTool1.3.20.zip
    17.1 KB · Views: 3,729
Last edited:
  • Like
Reactions: behnamdk

cedesmith

Retired Recognized Developer
Feb 3, 2010
270
455
FLASHING AND RECOVERY

Don't use sddl+, use short pin method, as stepw(autor of sddl+) stated here "Now that entering SD download mode via shorting pins became public, SDDL+ is obsolete.". shorting pins is toshiba intended and tested mode to enter downloader mode and seams a little safer then sddl+.
There is info that short pin method accepts .bin files.
To skip language check (SD Downloading failed. varient is invalid!!) rename .tsw to .enc
To enter downloader mode bridge pin 1 and 3 and press reset. release reset and keep bridge for few seconds. DO NOT PRESS RESET AGAIN. check screen and see what happens.

Secure your battery with duct tape it can drop very easy. If you use short pin method it can drop while you turn phone with screen up. Since you will turn phone just after you reset it will be flashing bootloader and and phone will be bricked for ever.

read more and make sure you know what are you doing

picture is from 1st thread i found about short pin unfortunately i can remember where that is. if you can point me to it i would link it here.
 

Attachments

  • img0023lp.jpg
    img0023lp.jpg
    92.9 KB · Views: 1,040
Last edited:

cedesmith

Retired Recognized Developer
Feb 3, 2010
270
455
during split of payload you will nice
Code:
Part 00 OS 00000273-0000078E (050F4000-0F98FFFF)
 NOOPBlock 0017CA90-0018C210
 NOOPBlock 004CD610-0056A210
 NOOPBlock 0928E8D0-0A584210
 NOOPBlock 0A6A5650-0A6AD000
this is because these blocks are filled with 0xFF, they have all data 0xFF, ecc 0xFF, sector number 0xFF and partition flag 0xFF.
i think that these blocks are to be ignored by download tool. the fact that SIM_SECURE catalog entry is all filled with 0xFF strengthens that belief.

if you follow my examples and you compare tg01.bin with tg01-new.bin you will notice that the files are almost identical.
they are not perfect equal because once dumped extra data like sector number and partition flag is lost and is no way to know if block is full of 0xFF or not to be flashed (NOOP).
i think that NOOP blocks are there because partitions start at flash block boundaries limit so there is some extra space in partition that is not used and does not mater what is in it so is not overwritten by flash process.
THIS IS ALL SUPPOSITION.

on merge content of original rom is preserved till WMB1 EXCEPT file header witch i assume is not flashed. in this header only catalog table entries for WMB1 WMB2 and WMB3 are modified.
i think that if rom will not boot short pin method may be able to flash original rom as part till OS is preserved.

-dec on new .tsw file and file compare with original to make sure they match till OS start 0x050F4000 in the example above

don't take chances unless you know what are you doing and you triple checked. this is untested stuff and may contain bugs
 
Last edited:

arag0n85

Senior Member
Jul 29, 2009
509
4
congratulations cedemish, we are very pround of you. I hope we all can start to develop ROM's properly. Thank you for all your effort!

Just one question, is there any way for testing the rom package like you tried to do in your first release?
 
Last edited:

cedesmith

Retired Recognized Developer
Feb 3, 2010
270
455
Just one question, is there any way for testing the rom package like you tried to do in your first release?

sure
Code:
tgtool -chk  tg01-new.bin
TGTool v1.3.18 copyright(c) 2010 cedesmith

Checking tg01-new.bin has completed without warnings

but keep in mind that it checks only for things i know and i observed in official roms.
is no guarantee that will not brick the phone but if it fails it raises big question marks

yeaaahhhhhhhhhhh!!!.........
Do you think we can flash now costum roms??????

did someone try it??

i hope we will have custom roms. i didn't have the guts to try it. i hope you don't either.
have patience and don't do something stupid :D
 

DunkDream

Senior Member
Apr 22, 2008
423
3
Thanks cedesmith!

This is a milestone in the Rom development for our TG01.

We're now able to create custom Roms. And I'm sure, that someone will try this very soon and will tell us, that he flashed a WM6.5.3 without problems :)

I'll wait until hdubli creates a Rom. I trust him and he said, that he is sure, that he's able to boot WM6.5.3.

Hope you get more donations. I donated directly on the first day you placed the link in your signature. (ID: 7M1172384A419273S)

Best regards,

Manuel
 
Last edited:

DunkDream

Senior Member
Apr 22, 2008
423
3
I got one question cedesmith.

I can remind me that hdubli said, that we need to change the XIP also and not only the payload in order to get WM6.5.3 working.

But for me it seems, that it's only possible to customize the payload and then create a new .bin or .tsw file with your tool at the moment.

So don't we need to customize the XIP or is that the next step of your development?

Here's hdublis post: http://forum.xda-developers.com/showpost.php?p=5886393&postcount=111

Best regards!
 
Last edited:

ABM30

Senior Member
Apr 24, 2009
1,004
346
Congratulations cdsmith!

Thank you very much cdsmith. I was missing a bit today but tomorrow I will try to make a ROM.
Some questions: The new payload length need to be identical with the original one or the packing process take care of it? If needed to be I can fill manually the rest with FF to be sure. Any way on the and of original payload there is a spare space with FF.

....the xip.bin is included in payload. Need first to be extracted, than ported and than injected in the final new payload (after SYS and OEM files was modified/excluded)...but it can hapen that the new ROM will boot also with old XIP, just then the version shown will be a mixture between the old and new one. And maybe some mallfunctions...but not necesary (I allready made in the begining of my cooking, ROMs for ASUS P552 in such a way...:(...but after that I learn more)

...AND A BIG THANKS TO hdubli :), I learned a lot from his ROMs
 

gmx333

Member
Sep 3, 2007
17
0
a word about short pins:
yesterday i updated to official uk rom and tried short pins method for it. it didn't work. sddl+ worked.
short pin checks the file as TG01_SDDL.exe from toshiba does so if OS does not boot and SD Downloader works you may bot be able to restore original rom.
i think is better not to use sddl+ to flash cooked roms as it seams it skips some checks. instead flash original IT debranded with sddl+ then flash unbranded cocked room with TG01_SDD or pins ( file should be named correctly ?)

All this info is for chefs/developers who are willing to test (and sacrifice phone) not for users. I strongly suggest that users don't use it.
i cannot stress enough how dangerous this is.

when shortcutting pins as far as I remember you need to rename the .tsw file in .enc in order to skip the language check.
 

cedesmith

Retired Recognized Developer
Feb 3, 2010
270
455
payload contains WM partition table, boot partition, xip partition, imgfs partition, fat partition (user storage).
for me ImgfsToNb cut off fat partition from payload so roms will probably not boot as noware to save configuration files?
osnbtool seamed to put everything back together nicer.

my hopes are with hdubli right now as he previously announced he is willing to make a rom and to try it.

packing should take care of everything as is relays on info from partition table. there is no need to do anything manually. i was just explaining why a unmodified rebuilded rom is different from original a little.
main idea is that orriginal rom knew that extra FF are filling and no need to waste energy on write them to flash while tgtool does not.
at least is what i suppose.

@ABM30 and others: plz do not make and release a rom till someone test on a phone and we are sure it does not brick anything. ppl will download and flash without reading warning and we might end up with a lot of angry peoples.
 

bird_9527

Senior Member
Feb 6, 2010
146
0
cedesmith

congratuations for your work and the perfect result.

i think you deserve all the respect of us all, you are the real hero for us,becasuse you do so much for us and for this forum.

in compare I want to say I am disappointed for someone other,some people do much and say little,but some people do little and say so much.
 

bird_9527

Senior Member
Feb 6, 2010
146
0

hdubli

Senior Member
Dec 31, 2004
1,137
12
hi cedesmith
thanks for tool, i cooked the rom..but when flash, the sd updater says "invalid file"
the cooked rom size is 234564kb and the original latest tg01 uk rom size is 253572kb
I checked with hex editor as well and the -chk oprion..cannot see anything differrent.
I just cooked the exisitng rom first, as it is to see it it boots or not.may be we miising header? because of size differrence ?
 

bird_9527

Senior Member
Feb 6, 2010
146
0
hi cedesmith
thanks for tool, i cooked the rom..but when flash, the sd updater says "invalid file"
the cooked rom size is 234564kb and the original latest tg01 uk rom size is 253572kb
I checked with hex editor as well and the -chk oprion..cannot see anything differrent.
I just cooked the exisitng rom first, as it is to see it it boots or not.may be we miising header? because of size differrence ?


VOW, hdubli can my japanese tg01 can use your rom too? maybe I can test it in my device...
 

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    I'm proud to present a new version of tgtool with repack support.
    I want to tank cotulla (DES) and viperbjk (PSAS), without their work this would not be possible.


    WARNING: THIS TOOL IS UNTESTED. NOBODY KNOWS WHAT WILL HAPPEN
    WARNING: FLASHING A ROM CREATED WITH THIS TOOL CAN BRICK YOUR PHONE
    WARNING: FLASHING A ROM CREATED WITH THIS TOOL MAY VOID WARRANTY
    WARNING: YOU ARE ASSUMING FULL RESPONSIBILITY FROM USING THIS TOOL
    WARNING: WARNING WARNING WARNING


    if you use this tool you use it on your own risk, i am not responsible if anything bad happens but strongly hope YOU ARE responsible and know what you are doing

    Da Mafia has flashed a rebuild but unmodified rom and phone works.
    Da Mafia has did it again and again, because of him we know we are now close of having a custom ROM so a big THANK YOU for risking your phone for us.
    Novembre5 has flashed a 6.5.5 ROM that didn't booted, he has successfully recovered the phone using pin method.

    Changes:
    1.3.20
    - added -tg01
    - added -t01a
    1.3.19
    - fixed bad unk0 in WMB3
    - extra checks for -chk (partition signatures, length of rom, lenght of payload)
    - repack/merge now automatically checks resulting rom
    - added -dci to display catalog informations
    1.3.18
    - added repack support

    Example to check a rom file:
    Code:
    tgtool -chk TG01WP_5005000176.tsw

    Example decrypt a rom file:
    Code:
    tgtool -dec TG01WP_5005000176.tsw tg01.bin

    Example to extract payload from rom file:
    Code:
    tgtool -sp tg01.bin tg01.os.payload

    Example to insert a payload in a rom file:
    Code:
    tgtool -mp tg01.os.payload tg01.bin tg01-new.bin
    OR
    Code:
    tgtool -mp tg01.os.payload tg01.bin tg01-new.tsw

    Copy note:
    It is required for whomever uses this software and releases a ROM created with it to distribute a copy of the software and this copy note with released rom so rom integrity can be checked.
    It is required for whomever uses this software and releases a ROM created with it to state that this software is a key part in building that ROM and that the ROM could not have been created without it.
    It is required for whomever uses this software and releases a ROM created with it to test the ROM and make sure it is working.
    It is required to inform potential users that ROM created with this software can permanently and irremediably damage the phone.
    This software is provided as it is without any warranty of any kind, express or implied, not even that it does anything useful.

    best wishes
    cedesmith
    1
    we hope he can open tgtool 1.3 source code? Or manually changed it yourself, as like i make the rom for Toshiba g910.
    You can look at tgtool 1.1, no encryption,but no function mp.

    You have this version tool???