TomKing062 / CVE-2022-38694_unlock_bootloader

This is a one-time signature verification bypass. For persistent signature verification bypass, check https://github.com/TomKing062/CVE-2022-38691_38692

Erase Full eMMC on my old BLU C5L 2020 (C0070WW) with spreadtrum_flash? #25

Closed CE1CECL closed 11 months ago

CE1CECL commented 11 months ago
( ( clear ) && ( ( yes yes ) | "./spd_dump" keep_charge 1 fdl "./DownloadFiles/fdl1-sign.bin" 0x00005000 fdl "./DownloadFiles/fdl2-sign.bin" 0x9EFFFE00 erase_part user_partition power_off ) )
Waiting for connection (30s)
libusb_control_transfer ok
CHECK_BAUD bootrom
BSL_REP_VER: "SPRD3\0"
CMD_CONNECT bootrom
SEND FDL1
EXEC FDL1
CHECK_BAUD FAIL
CHECK_BAUD FDL1
BSL_REP_VER: "Spreadtrum Boot Block version 1.1\0"
CMD_CONNECT FDL1
KEEP_CHARGE FDL1
SEND ./DownloadFiles/fdl2-sign.bin
Answer "yes" to confirm the "erase partition" command: timeout reached

Is it possible to add support for this sp9832e_1h10_gofu PoS device? What may I need to send you to help?
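Before trusting that a destructive command like erase_part actually ran, it helps to read back from the session log how far the handshake got (bootrom, FDL1, FDL2 sent) and whether the confirmation prompt was ever answered. The following is an added Python example, not part of spd_dump or of this thread; it parses the exact log posted above (embedded here as a constant for offline use) and the line patterns are taken from those lines only.

```python
import re
from dataclasses import dataclass, field

# The spd_dump session log posted above, embedded verbatim (the erase timed out).
SESSION_LOG = r'''Waiting for connection (30s)
libusb_control_transfer ok
CHECK_BAUD bootrom
BSL_REP_VER: "SPRD3\0"
CMD_CONNECT bootrom
SEND FDL1
EXEC FDL1
CHECK_BAUD FAIL
CHECK_BAUD FDL1
BSL_REP_VER: "Spreadtrum Boot Block version 1.1\0"
CMD_CONNECT FDL1
KEEP_CHARGE FDL1
SEND ./DownloadFiles/fdl2-sign.bin
Answer "yes" to confirm the "erase partition" command: timeout reached
'''

@dataclass
class Session:
    stage: str = "none"                              # last CMD_CONNECT target: bootrom -> fdl1
    versions: list = field(default_factory=list)     # BSL_REP_VER strings, in order seen
    baud_retries: int = 0                            # CHECK_BAUD FAIL lines (transient, retried)
    fdl2_sent: bool = False                          # a second SEND (the FDL2 image path)
    destructive_prompts: list = field(default_factory=list)  # (command, confirmed?)

VER_RE = re.compile(r'^BSL_REP_VER: "(.*?)(?:\\0)?"$')
PROMPT_RE = re.compile(r'^Answer "yes" to confirm the "(.+?)" command:(.*)$')

def parse_session(log: str) -> Session:
    s = Session()
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("CMD_CONNECT "):
            s.stage = line.split()[1].lower()
        elif line == "CHECK_BAUD FAIL":
            s.baud_retries += 1
        elif line.startswith("SEND ") and line != "SEND FDL1":
            s.fdl2_sent = True
        elif m := VER_RE.match(line):
            s.versions.append(m.group(1))
        elif m := PROMPT_RE.match(line):
            # "timeout reached" means no "yes" arrived, so the command did NOT execute.
            s.destructive_prompts.append((m.group(1), "timeout" not in m.group(2)))
    return s

def destructive_commands_run(s: Session) -> list:
    """Names of confirmed (actually executed) destructive commands in the session."""
    return [cmd for cmd, confirmed in s.destructive_prompts if confirmed]

if __name__ == "__main__":
    session = parse_session(SESSION_LOG)
    print(session)
    print("destructive commands that ran:", destructive_commands_run(session))
```

For the log above this reports stage fdl1, FDL2 sent, one CHECK_BAUD retry, and no destructive command run, which matches the timeout the poster saw.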

CE1CECL commented 11 months ago

Progress being made, though there is no flash progress bar, I know it's done when it tells me it is: https://github.com/ChrisEric1/spreadtrum_flash/commit/768127125d4be47b05ec07981933517d4782f0ab

CE1CECL commented 11 months ago

Update: Your fork doesn't seem to read my partitions but it did the erase and I am using https://github.com/CE1CECL/spreadtrum_flash/commit/4d4437a05ed9fc574ca0127f356ab90e84d6c975 to read it and it responds, yours doesn't for some reason.

ilyakurdyukov commented 11 months ago

Stop creating completely wrong pull requests here and there.

You can increase the timeout using the timeout <milliseconds> command, if you think the device is still running.

If you want to increase the timeout to an hour: timeout 3600000 erase_part user_partition

BenEdridge commented 9 months ago

@CE1CECL how did you get on with the sp9832e device? Were you able to root?

CE1CECL commented 9 months ago

@CE1CECL how did you get on with the sp9832e device? Were you able to root?

I had to use this repo: https://github.com/ilyakurdyukov/spreadtrum_flash. Then I had to back up the boot & vbmeta partitions, install Magisk 22.1 (MagiskHide), send the boot file to the app, flash it back to my device, and sign it too. You don't need to access fastboot to unlock, it just works. May I ask what device? Edit: TomKing062's repo doesn't work because it is just for devices that were added for support, so the mainline one works just fine.

BenEdridge commented 9 months ago

@CE1CECL how did you get on with the sp9832e device? Were you able to root?

I had to use this repo: ilyakurdyukov/spreadtrum_flash. Then I had to back up the boot & vbmeta partitions, install Magisk 22.1 (MagiskHide), send the boot file to the app, flash it back to my device, and sign it too. You don't need to access fastboot to unlock, it just works. May I ask what device? Edit: TomKing062's repo doesn't work because it is just for devices that were added for support, so the mainline one works just fine.

Amazing. Thank you.

I'm using a PAX A920Pro and have managed to get interaction with the device but I appear to be having issues after that. It appears that I need to build a custom fdl or add some other device configuration. I've moved the discussion over to the repo you mentioned and added an issue: https://github.com/ilyakurdyukov/spreadtrum_flash/issues/6