Root Auto-Key Factory Recovery Patcher--- Testers Wanted

[luciferxe]

I will gladly test this on my ot-4037T with locked bootloader. Is their anything else I should know about the environment besides ubuntu(i am guessing 14.04?) adb and android sdk?

Thank you for your hard work. I have been working on trying to crack the bootloader. I have gotten pretty far. I even have an auth file that almost works. (error 6004).

If this works as is I would be extremely happy

 

[jtpiano]

I am testing your script and ran into issues. Feel free to PM me if you want. I am in the key maker menu and trying to run item-
4. Process stock factory key.

The menu simply returns to the prompt and doesn't appear to do anything. I did place a copy of my recovery(boot) and system partition images in the folder manually after creating them using DD.

More Info
Private Key Status: Private Key Exists4
Factory Key Status: Please Process Factory Key
Factory Key Status: Please Get the Factory Key

 

[gedeon solis]

could you provide me the map file of the alcatel fierce 2 (7040N) metropcs version

 

[Bigcountry907]

Sorry guys I got away from this project for a wile. New job and summer took over.
Anyway I know alot of the scripts work and some dont. Nothing will hurt your phone. there are multiple tools forr boot img and rom building. It pretty much takes the manual processes we go through and makes them automatic.

At any rate im messin with a desire 626s and about to pull this tool out again. If i get some things patched up Ill re post a new version.

Also if you know how to code shell script it should be pretty easy to follow my menus and trace them back to the commands it uses. Then you could finish a routine or write in your own. The entire program is shell script and is a very good template to build further commands with.

I ran this in ubuntu 14.04 with a development environment set up to build cyanogenmod.
So if you run ubuntu and have a dev system set up you should have no problems.

I wrote literally a few thousand lines. Guess it's time for me to finish it up.

 

[Bigcountry907]

Hello all I am resurrecting this project.
Gonna finish up the scripts.

 

[Bigcountry907]

I am making some progress but primarily working with a HTC Desire 626s.
In the meantime if any of you want to try this method let me know.

I will patch your recovery.img for you and make you a file signer.

If there is anything else specific you are trying to do let me know and i'll see if I can help.

If you have a HTC device lets get together for sure. I got a lot happening in that arena.

 

[RealWelder]

I have a phone that I would like to try this on, but it has a locked bootloader... How exactly does this work? Will it still have the same boot signature?

 

[Bigcountry907]

It's all good.
As long as you have root or enough access to do a dd if=
flash of the recovery image your phone will never know the difference.

However I cannot guarantee the result of changing your system or other files.
The recovery will be no problem.

But be smart.......Backup your phone partition for partition......
no onandroid or twrp backup alone use all !!!!!!! Onandroid + TWRP if possible + look for a factory rm that is currently flashable + do the below ( BACKUP EVERY PARTITION OF THE DEVICE)
do cat proc/emmc or cat proc/mtd
fully copy every partition of your device before changing anything.

If you can do that then I assume you are familiar with the ( dd if= ) command of the adb shell.

You get a complete backup of every partition of the device and I will show you a way in.

Provided you understand the Meta-Inf UPDATER-SCRIPT.

Technically the Edify Script.

If you have no idea what i'm talking about then this will not do you any good.
Otherwise lets do this.

I will patch your recovery if you send it to me. Use dd if= or flashify to pull it from your rooted device.
I will send it back patched and with a script to sign the zip files.
I will sign some tester zips for you if you like.

Worse case scenerio. As long as you cand adb flash dd if= the recovery.img or even better if you can Fastboot flash recovery recovery.img we can allways fix your device.

Do some testing. See what kinda ADB or Fastboot access you have in recovery or fastboot modes.

No matter what flashing a bad recovery will not boot loop you.
The recovery simply wont load.
Reflash the original recovery and you are as good as out of the box.

WANT TO GET OUT OF THE BOX.

Well lets do this. ~

 

[Bigcountry907]

Sorry I didn't answer your signature question.

Yes the recovery will in most cases have the same signature " Maybe not with HTC"

It is the KERNEL that is signed and we are replacing some bytes in the Ramdisk not the kernel.

The easiest way i can tell you to check for a signature !!!!

Unpack the recovery.img using
https://github.com/xiaolu/mkbootimg_tools

Repack the recovery.img using
https://github.com/xiaolu/mkbootimg_tools

If the file sizes are different and that difference = the number of bytes as your average RSA signature.

Well then the entire image is signed.

If not then just the KERNEL may be signed.

Since were not changing the kernel the kernel signature will remain intact.

This is easy enough for me to verify as well.

 

[RealWelder]

https://drive.google.com/file/d/0B3XczzpnAnvwdEx4czc1VV9zWGs/view?usp=drivesdk
This is for an LG L15C.

 

[Bigcountry907]

I will post up the patched recovery in a couple hours. Life has been busy for me.
Do you have a ota or flashable rom for this phone?

 

[RealWelder]

No. Bootloader is locked and stock recovery. I do have a couple of zips to use to test. I just hope it passes the signature check.

 

[Bigcountry907]

Ok as long as you know your zips are not going to cause damage.

You will need to send me the zips so I can sign them with the keys I made to go with the recovery.
I will send you the key pair so you can sign your own files but you need to sign with the -w option.
Do you know how to do that? "signing"
Are you on linux or windows?
If your on ubuntu and have openssl installed I can put you together a script.

Can't help you with windows. I can give you the linux command but windows i'm not sure of.
I will have the recovery shortly.

 

[Bigcountry907]

For the LG L15C ONLY !!!!!!!!!

https://drive.google.com/open?id=0B8jitdIyh2Ntcl93THBtUUhaeFU

There you go.
There's the recovery + the keyset.
Use the pair of releasekeys to sign any zip you want to flash.
After you flash the new recovery of course.

Let me know how it goes.
Backup your phone before you flash anything !!!!!!!!

If you need files signed put em on google dirve or something.
Only takes me a min to sign em.

Enjoy

 

[RealWelder]

Thanks brother. Gonna test in a little bit.

 

[Bigcountry907]

@RealWelder

How did it work out for you? Did your .zip files pass signature verification?

 

[RealWelder]

It won't let me download. Says network connection error try again later. So I figured I'd try today, but same thing. You might need to check your link. Thanks again.

 

[Bigcountry907]

Ok sorry about that. Drive usually isn't a problem.
I bet my google drive traffic is off the charts and they might have killed it.

 

[Bigcountry907]

Testing to see if I can just upload through this site.


It worked. Cool.
There you go ( For thr LG Phone only)

 

[RealWelder]

Won't let me download this either. Might try mega... I have a different device that I would like to test this on. The lg phone is literally brand new and I'm a little worried about testing on it. However, I just got ahold of a ZTE Warp Elite and the screen is shattered. (Much better for testing.) Anyways, If I upload the warp's recovery image could you patch it and download a SuperSU zip file and sign it? If this works it will definitely spark interest. This phone only has temp root and the bootloader is locked, but I've already tried flashing a different recovery and it reverts back to stock recovery. (I'm guessing because of the signature.)

 

[Bigcountry907]

Ya send the recovery.
Not sure why you cant download.
I tested the links and there good.
Check your computer. Or use a download manager on the phone.

 

[Bigcountry907]

but I've already tried flashing a different recovery and it reverts back to stock recovery. (I'm guessing because of the signature.)

Some roms copy a fresh recovery every time they boot.
Check out INIT.d

You will have to edit the init scripts in the ramdisk.

 

[RealWelder]

https://drive.google.com/file/d/0B3XczzpnAnvweHBPSjEyZ0VrTGc/view?usp=drivesdk ZTE Warp Elite Stock Recovery

 

[RealWelder]

I've been using Tapatalk, I'll try to download the other image on my cpu and see if I can get it.

 

[asianrocker]

Can I use this on a brick fierce 2? How do I even connect a brick phone on this program?