Surface RT Downgrade Jailbreak and Exploit.

By Thedarkwolf123, Junior Member on 19th July 2018, 05:49 PM
With a lot of work scrounging around, I've found all the pieces that fit making a jail-broken OS boot-ready Surface RT. As of now, like 5 or 6 years after its release, there still doesn't seem to be an OS prepared to run on the Surface RT, but maybe if this thread gets enough popularity someone can get an Android OS (possibly derived from an Asus TF502T) or a Debian-style Linux build for it. Credit to @ShapeShifter499 for secure boot unlock, @mamaich for hard drive repartition instructions, @Screeny for original downgrade instructions, and @netham45 for jailbreak tool, and I have posted links to other threads that will also help once 8.1 is downgraded and jailbroken. Here are all files shared and ready for you:
https://drive.google.com/drive/folde...J9?usp=sharing
And here go the instructions for the boot-ready Surface RT:
1. Create a recovery USB stick (search for recovery drive in Control Panel, not the file recovery (you might want that too though))
2. Download Surface RT 8.0 Recovery (took me forever to find; Microsoft has removed it from its site, I have included it)
3. Unzip and Copy the file "install.wim" (located under "sources" from your downloaded 8.0 recovery image) to the root of your 8.1 recovery USB stick
4. Reboot into Recovery with the 8.1 recovery stick.
5. Open Command Prompt
6. Use DiskPart to clean the whole disk (I had to use the override command)
7. While in DiskPart use the following commands (minus the rem parts):
convert gpt
rem === 1. Windows RE tools partition ===========
create partition primary size=350
format quick fs=ntfs label="WinRE"
set id="de94bba4-06d1-4d40-a16a-bfd50179d6ac"
assign letter="T"
gpt attributes=0x8000000000000001
rem === 2. System partition =====================
create partition efi size=200
rem *** NOTE: For 4KB-per-sector drives, change this value to 260
format quick fs=fat32 label="System"
assign letter="S"
rem === 3. Microsoft Reserved (MSR) partition ===
create partition msr size=128
rem === 4. Windows partition ====================
rem == a. Create Windows partition ===========
create partition primary
rem == b. Create space for recovery image ====
shrink minimum=3600
rem == c. Prepare the Windows partition ======
format quick fs=ntfs label="Windows"
assign letter="W"
rem === 5. Recovery image partition =============
create partition primary
format quick fs=ntfs label="Recovery Image"
set id="de94bba4-06d1-4d40-a16a-bfd50179d6ac"
assign letter="R"
gpt attributes=0x8000000000000001
exit
8. While in Command Prompt do the following
Dism /apply-image /imagefile: U:\Install.Wim /index:1 /ApplyDir:W:\
(Make sure to include spaces in the proper places and replace U with your Recovery Drive letter, can be found with Diskpart command 'list vol')
bootrec /fixboot
9. Restart, login and disable automatic updates
10. Disable BitLocker from an administrative command prompt with the following
manage-bde -unlock C: -RecoveryPassword YOUR-BITLOCKER-RECOVERY-KEY-HERE (Find your bitlocker code it has changed)
manage-bde -off C:
11. Get the secureboot file and run the cmd file as admin. (Use volume keys and Windows button to select accept when the time comes)
12. After reboot (If stuck in bitlocker bootloop use recovery cmd to do #10) run administrative cmd and use- bcdedit /set {default} testsigning on && bcdedit /set {bootmgr} testsigning on
13. Use RT_jailbreak in administrative mode to run unsigned apps
14. Use SignTool to Sign any apps you want to continue to run
(optional)
15. Use @VNNGYN development tool to continue updates and remove infected updates


I am soon to test whether I can update directly from final state at #14 to Windows 8.1 using the update file and development tool given without ruining anything noticeable (probably safer to run through all updates naturally but I'm impatient), will update with details as soon as I am successful.
---Update---- Microsoft seems to force going through the whole update process so no direct updating to 8.1------
Hopefully people can get the ball rolling with some other OS working fully on this tablet, unlike the Windows 10 IoT flop.
Development tool: https://forum.xda-developers.com/win...ploit-t3226835
Hacked Desktop Apps: https://forum.xda-developers.com/sho....php?t=2092348
Compiling guide: https://forum.xda-developers.com/sho....php?t=2096820
One Desktop app store: https://forum.xda-developers.com/sho....php?t=2559750
Another Desktop app store: https://forum.xda-developers.com/sho....php?t=2546221

I apologize if there's anything I missed, these are the same steps I took and where I'm at, once an OS development becomes available I will update a reserved comment.
The Following 2 Users Say Thank You to Thedarkwolf123 For This Useful Post
19th July 2018, 05:50 PM |#2  
OP Junior Member
Reserved
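Added example, not part of the original post or of any tool it credits: steps 10 to 12 leave BitLocker off and `testsigning` enabled on the boot entries, so a device that has been through this procedure can be recognised from captured `bcdedit /enum` and `manage-bde -status` output. The sample outputs are constructed and assume an English-locale system; the function names are hypothetical.

```python
import re

# Constructed sample of `bcdedit /enum` output (English locale assumed).
BCD_SAMPLE = """\
Windows Boot Manager
--------------------
identifier              {bootmgr}
testsigning             Yes

Windows Boot Loader
-------------------
identifier              {current}
testsigning             Yes
"""

# Constructed sample of `manage-bde -status C:` output.
BDE_SAMPLE = """\
Volume C: [Windows]
[OS Volume]

    Conversion Status:    Fully Decrypted
    Protection Status:    Protection Off
"""

def parse_bcd(text):
    """Return {identifier: {element: value}} for every BCD entry in the dump."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines()[2:]:  # skip the title and dashed rule
            parts = line.split(None, 1)
            if len(parts) == 2:
                fields[parts[0].lower()] = parts[1].strip()
        if "identifier" in fields:
            entries[fields["identifier"]] = fields
    return entries

def audit(bcd_text, bde_text):
    """List findings: test-signing per boot entry, then BitLocker protection."""
    findings = [f"{ident}: testsigning enabled"
                for ident, fields in parse_bcd(bcd_text).items()
                if fields.get("testsigning", "no").lower() == "yes"]
    status = re.search(r"Protection Status:\s*(.+)", bde_text)
    if status and status.group(1).strip() != "Protection On":
        findings.append(f"BitLocker: {status.group(1).strip()}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(BCD_SAMPLE, BDE_SAMPLE)))
```

On a booted system `bcdedit` shows the running default entry as `{current}`, which is why the sample uses that identifier rather than `{default}`.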
19th July 2018, 10:42 PM |#3  
Senior Member
Just as a clarification, this will only work for the original Surface RT. This will not work with the Surface 2
The Following User Says Thank You to Qiangong2 For This Useful Post
4th August 2018, 03:55 AM |#4  
Senior Member
I want to clarify, I DID NOT CREATE THE UNLOCK. I just dug around and rescued the needed files for the unlock. Many of them were dead links and led nowhere. I found them scattered on forum postings, threads, and https://archive.org/. If I had to create this unlock from scratch it would take decades, I'd think, as currently I don't have the knowledge required for this sort of hacking.
8th September 2018, 03:36 PM |#5  
Junior Member
Hi
After step 8, why restart while then /EFI is always empty?
6th December 2018, 02:36 PM |#6  
Junior Member
I bootloop after doing bootrec /fixboot

and have to start all over again, anything to suggest here?
12th January 2019, 09:59 AM |#7  
Junior Member
Will Surface RT 8.0 North America restore a Vivotab?
[QUOTE=<snip>..... Here are all files shared and ready for you:
drive google com/drive/folders/12VilYYz-gF82qzzs6qOkUXoaKz2us8J9?usp=sharing
.[/QUOTE]

Is that the w8 rt restore image I can use to repair my asus vivotab w8 rt?
4th February 2019, 08:00 PM |#8  
Junior Member
Can't get past step 8, Surface RT won't boot properly.

Have tried for 4KB-per-sector drives and won't work either way. Any suggestions?
The Following User Says Thank You to Rizhe For This Useful Post
5th February 2019, 10:45 PM |#9  
Junior Member
Dism /apply-image /imagefile: U:\Install.Wim /index:1 /ApplyDir:W:\
There is no space between imagefile and letter usb. Follow as below.

Dism /apply-image /imagefile:U:\Install.Wim /index:1 /ApplyDir:W:\

Change U with your own USB Stick drive letter.
7th April 2019, 04:27 PM |#10  
Junior Member
Well, first of all, thanks a lot for your effort. I couldn't get past step 8, like all the previous guys. I tried with this tutorial and the original one, more easy only with one partition (NTFS). I think that the steps are correct, but the problem is that the EFI partition is empty, and if you try to put the EFI zip that is on Google Drive, this EFI doesn't work. I hope someone could explain with more details, because the Surface tablet is a very good one and the possibility to install other software is required because Microsoft software in the store is very limited and discontinued.
9th April 2019, 04:53 PM |#11  
Senior Member
Hi, I have a Surface RT but its detachable keyboard is broken. Do I need the physical keyboard in this tutorial?
Pls respond
Tags
exploit, jailbreaking, surface rt