Closed mouzei closed 3 months ago
The problem starts from https://github.com/bkerler/mtkclient/tree/9e54803fb5b6cb34842bcf95aaeb5d4a2e7df5ea
The problem starts from https://github.com/bkerler/mtkclient/tree/9e54803fb5b6cb34842bcf95aaeb5d4a2e7df5ea
I found the issue, thanks for pinpointing the erroneous commit. Let's hope the devs can fix it soon.
This is a duplicate of #1034. I've written some info there if you want to patch it yourself.
The problem starts from https://github.com/bkerler/mtkclient/tree/9e54803fb5b6cb34842bcf95aaeb5d4a2e7df5ea
I found the issue, thanks for pinpointing the erroneous commit. Let's hope the devs can fix it soon.
This is a duplicate of #1034. I've written some info there if you want to patch it yourself.
I changed if mtk.serialportname: mtk.port.serial_handshake() else: mtk.port.handshake() into mtk.port.run_handshake() in mtkclient/Library/mtk_class.py, then it can run normally.
it's fixed by now.
The latest version still has this issue, the old version can. I am using a mobile phone with MTK6771CPU.
DA_handler - Device is protected.
DA_handler - Device is in BROM-Mode. Bypassing security.
PLTools - Loading payload from mt6771_payload.bin, 0x264 bytes
Exploitation - Kamakiri Run
Exploitation - Done sending payload...
PLTools - Successfully sent payload: C:\Users\y\Downloads\mtkclient-main\mtkclient-main\mtkclient\payloads\mt6771_payload.bin
Port - Device detected :)
DA_handler
DA_handler - [LIB]: [33mDevice is in BROM mode. No preloader given, trying to dump preloader from ram.[0m
DA_handler
DA_handler - [LIB]: [31mFailed to dump preloader from ram, provide a valid one via --preloader option[0m
Traceback (most recent call last):
File "C:\Users\y\Downloads\mtkclient-main\mtkclient-main\mtk", line 946, in
@Yangp0626 please create a new issue and refer to mt6771 as it is a different issue.
cannot dump preloader: https://github.com/bkerler/mtkclient/commit/27982d47ba4f05fef219a388718554072a9e550b version that can be used normally: https://github.com/bkerler/mtkclient/commit/8e46df657c5dbed0d657ac0643da06b1151a5797
output:
.....Port - Device detected :) Preloader - CPU: MT6797/MT6767(Helio X23/X25/X27) Preloader - HW version: 0x0 Preloader - WDT: 0x10007000 Preloader - Uart: 0x11002000 Preloader - Brom payload addr: 0x100a00 Preloader - DA payload addr: 0x201000 Preloader - CQ_DMA addr: 0x10212c00 Preloader - Var1: 0xa Preloader - Disabling Watchdog... Preloader - HW code: 0x279 Preloader - Target config: 0x7 Preloader - SBC enabled: True Preloader - SLA enabled: True Preloader - DAA enabled: True Preloader - SWJTAG enabled: True Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False Preloader - Root cert required: False Preloader - Mem read auth: False Preloader - Mem write auth: False Preloader - Cmd 0xC8 blocked: False Preloader - Get Target info Preloader - BROM mode detected. Preloader - HW subcode: 0x8a00 Preloader - HW Ver: 0xca01 Preloader - SW Ver: 0x0 Preloader - ME_ID: xxx DA_handler - Device is protected. DA_handler - Device is in BROM-Mode. Bypassing security. PLTools - Loading payload from mt6797_payload.bin, 0x258 bytes Exploitation - Kamakiri Run Exploitation - Done sending payload... PLTools - Successfully sent payload: C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\payloads\mt6797_payload.bin DA_handler DA_handler - [LIB]: [33mDevice is in BROM mode. No preloader given, trying to dump preloader from ram.[0m DA_handler DA_handler - [LIB]: [31mFailed to dump preloader from ram, provide a valid one via --preloader option[0m Traceback (most recent call last): File "C:\Users\Administrator\Desktop\mtkclient-main\mtk", line 943, in
mtk = Main(args).run(parser)
File "C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\Library\mtk_main.py", line 653, in run
mtk = da_handler.configure_da(mtk, preloader)
File "C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\Library\DA\mtk_da_handler.py", line 149, in configure_da
if not mtk.daloader.upload_da(preloader=preloader):
File "C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\Library\DA\mtk_daloader.py", line 295, in upload_da
return self.da.upload_da()
File "C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\Library\DA\xflash\xflash_lib.py", line 1107, in upload_da
self.kamakiri_pl.initbrom()
File "C:\Users\Administrator\Desktop\mtkclient-main\mtkclient\Library\Exploit\kamakiri_pl.py", line 22, in initbrom
getVal = self.mtk.port.cdc.device.ctrl_transfer(bmRequestType=0xa1,
File "D:\xxx\python\lib\site-packages\usb\core.py", line 1082, in ctrl_transfer
ret = self._ctx.backend.ctrl_transfer(
File "D:\xxx\python\lib\site-packages\usb\backend\libusb1.py", line 893, in ctrl_transfer
ret = _check(self.lib.libusb_control_transfer(
File "D:\xxx\python\lib\site-packages\usb\backend\libusb1.py", line 602, in _check
raise USBTimeoutError(_strerror(ret), ret, _libusb_errno[ret])
usb.core.USBTimeoutError: [Errno 10060] Operation timed out