Qi-2007
commented
1 month ago log in another version:
MTK Flash/Exploit Client V1.6.0 (c) B.Kerler 2018-2022
Preloader - Status: Waiting for PreLoader VCOM, please connect mobile
Port - Hint:
Power off the phone before connecting.
For brom mode, press and hold vol up, vol dwn, or all hw buttons and connect usb.
For preloader mode, don't press any hw button and connect usb.
If it is already connected and on, hold power for 10 seconds to reset.
...........
Port - Hint:
Power off the phone before connecting.
For brom mode, press and hold vol up, vol dwn, or all hw buttons and connect usb.
For preloader mode, don't press any hw button and connect usb.
If it is already connected and on, hold power for 10 seconds to reset.
...........
Port - Hint:
Power off the phone before connecting.
For brom mode, press and hold vol up, vol dwn, or all hw buttons and connect usb.
For preloader mode, don't press any hw button and connect usb.
If it is already connected and on, hold power for 10 seconds to reset.
.Port - Device detected :)
Preloader - CPU: MT6735/T,MT8735A()
Preloader - HW version: 0x0
Preloader - WDT: 0x10212000
Preloader - Uart: 0x11002000
Preloader - Brom payload addr: 0x100a00
Preloader - DA payload addr: 0x201000
Preloader - CQ_DMA addr: 0x10217c00
Preloader - Var1: 0x28
Preloader - Disabling Watchdog...
Preloader - HW code: 0x321
Preloader - Target config: 0x0
Preloader - SBC enabled: False
Preloader - SLA enabled: False
Preloader - DAA enabled: False
Preloader - SWJTAG enabled: False
Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False
Preloader - Root cert required: False
Preloader - Mem read auth: False
Preloader - Mem write auth: False
Preloader - Cmd 0xC8 blocked: False
Preloader - Get Target info
Preloader - BROM mode detected.
Preloader - HW subcode: 0x8a00
Preloader - HW Ver: 0xca00
Preloader - SW Ver: 0x0
Preloader - ME_ID: 4849A150C9BF548F272BB248CD48A20B
DA_handler - Device is unprotected.
DA_handler - Device is in BROM-Mode. Bypassing security.
PLTools - Loading payload from mt6735_payload.bin, 0x258 bytes
PLTools - Kamakiri / DA Run
Kamakiri - Trying kamakiri2..
Kamakiri - Done sending payload...
PLTools - Successfully sent payload: D:\迅雷下载\miflash\MiFlash2018-5-28-0\Source\ThirdParty\Google\Android\mtkclient\mtkclient\mtkclient\payloads\mt6735_payload.bin
Port - Device detected :)
DA_handler
DA_handler - [LIB]: Device is in BROM mode. No preloader given, trying to dump preloader from ram.
DALegacy - Uploading legacy da...
DALegacy - Uploading legacy stage 1 from MTK_AllInOne_DA_5.2152.bin
legacyext - Legacy DA2 is patched.
legacyext
legacyext - [LIB]: Legacy DA2 CMD F0 not patched.
Preloader - Jumping to 0x200000
Preloader - Jumping to 0x200000: ok.
DALegacy - Got loader sync !
DALegacy - Reading nand info
DALegacy - Reading emmc info
DALegacy - ACK: 04029b
DALegacy - Setting stage 2 config ...
DALegacy - DRAM config needed for : 514e011336334a326200104389649001
DALegacy - Reading dram nand info ...
DALegacy - Sending dram info ...
DALegacy - RAM-Length: 0xbc
DALegacy - Checksum: 1384
DALegacy - M_EXT_RAM_RET : 0
DALegacy - M_EXT_RAM_TYPE : 0x2
DALegacy - M_EXT_RAM_CHIP_SELECT : 0x0
DALegacy - M_EXT_RAM_SIZE : 0x20000000
DALegacy - Uploading stage 2...
DALegacy - Successfully uploaded stage 2
DALegacy - Connected to preloader
DALegacy - Reconnecting to preloader
DALegacy - Connected to preloader
DALegacy - m_int_sram_ret = 0x0
m_int_sram_size = 0x20000
m_ext_ram_ret = 0x0
m_ext_ram_type = 0x2
m_ext_ram_chip_select = 0x0
m_int_sram_ret = 0x0
m_ext_ram_size = 0x20000000
randomid = 0xBE9BF724F5902C3EB12930C4EAA0FE03
m_emmc_ret = 0x0
m_emmc_boot1_size = 0x400000
m_emmc_boot2_size = 0x400000
m_emmc_rpmb_size = 0x400000
m_emmc_gp_size[0] = 0x0
m_emmc_gp_size[1] = 0x0
m_emmc_gp_size[2] = 0x0
m_emmc_gp_size[3] = 0x0
m_emmc_ua_size = 0x3ab400000
m_emmc_cid = 324a333613014e510190728943100062
m_emmc_fwver = 1000000000000000
Done |--------------------------------------------------| 0.0% Read (Sector 0x0 of 0x400) 0.00 MB/sDA_handler
DA_handler - [LIB]: Unknown seccfg partition header. Aborting unlock.
seccfg and boot(1&2): https://zjgzs.lanzoue.com/iRtPy249pdod