tadekdudek
commented
8 months ago Using 1a1f8719f53acddb24c9d030126683de7c022222 commit may help... but for other devices. I tried to unlock this device with mtkclient too, but finally used official xiaomi unlocker, because mtkclient's unlock just doesn't work.
I enabled oem unlock option on my redmi 6a and i thought this tool will work for unlocking it. can you still check if its possible to use this tool so i dont use the xiaomi unlock tool from their website?
Port - Device detected :) Preloader - CPU: MT6765/MT8768t(Helio P35/G35) Preloader - HW version: 0x0 Preloader - WDT: 0x10007000 Preloader - Uart: 0x11002000 Preloader - Brom payload addr: 0x100a00 Preloader - DA payload addr: 0x201000 Preloader - CQ_DMA addr: 0x10212000 Preloader - Var1: 0x25 Preloader - Disabling Watchdog... Preloader - HW code: 0x766 Preloader - Target config: 0xe7 Preloader - SBC enabled: True Preloader - SLA enabled: True Preloader - DAA enabled: True Preloader - SWJTAG enabled: True Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False Preloader - Root cert required: False Preloader - Mem read auth: True Preloader - Mem write auth: True Preloader - Cmd 0xC8 blocked: True Preloader - Get Target info Preloader - BROM mode detected. Preloader - HW subcode: 0x8a00 Preloader - HW Ver: 0xca00 Preloader - SW Ver: 0x0 Preloader - ME_ID: 70493F32CA153625CD42E6BE2711D299 Preloader - SOC_ID: 4041A03370DB8E92BD7BCC8E706B839895345E631B9A67118136AAD54A423BF9 Preloader Preloader - [LIB]: Send auth error:DAA_Security_Error (0x7017) PLTools - Loading payload from mt6765_payload.bin, 0x264 bytes Exploitation - Kamakiri Run Exploitation - Done sending payload... PLTools - Successfully sent payload: /home/jeff/mtkclient/mtkclient/payloads/mt6765_payload.bin Port - Device detected :) DA_handler - Device is protected. DA_handler - Device is in BROM mode. Trying to dump preloader. DAXFlash - Uploading xflash stage 1 from MTK_DA_V5.bin DAXFlash - Successfully uploaded stage 1, jumping .. Preloader - Jumping to 0x200000 Preloader - Jumping to 0x200000: ok. DAXFlash - Successfully received DA sync DAXFlash - Sending emi data ... DAXFlash - DRAM setup passed. DAXFlash - Sending emi data succeeded. DAXFlash - Uploading stage 2... DAXFlash - Upload data was accepted. Jumping to stage 2... DAXFlash - Successfully uploaded stage 2 DAXFlash - EMMC FWVer: 0x0 DAXFlash - EMMC ID: HAG4a2 DAXFlash - EMMC CID: 90014a484147346132a54d4b903b16ef DAXFlash - EMMC Boot1 Size: 0x400000 DAXFlash - EMMC Boot2 Size: 0x400000 DAXFlash - EMMC GP1 Size: 0x0 DAXFlash - EMMC GP2 Size: 0x0 DAXFlash - EMMC GP3 Size: 0x0 DAXFlash - EMMC GP4 Size: 0x0 DAXFlash - EMMC RPMB Size: 0x400000 DAXFlash - EMMC USER Size: 0x3ab400000 DAXFlash - HW-CODE : 0x766 DAXFlash - HWSUB-CODE : 0x8A00 DAXFlash - HW-VERSION : 0xCA00 DAXFlash - SW-VERSION : 0x0 DAXFlash - CHIP-EVOLUTION : 0x0 DAXFlash - DA-VERSION : 1.0 DAXFlash DAXFlash - [LIB]: Error on sending data: DA hash mismatch (0xc0070004) DAXFlash DAXFlash - [LIB]: DA Extensions failed to enable xflashext - Detected V4 Lockstate sej - HACC init xflashext xflashext - [LIB]: Unsupported ctrl codeits too long and the text just keep repeating till this last message
xflashext - [LIB]: Unsupported ctrl code DA_handler DA_handler - [LIB]: Device has is either already unlocked or algo is unknown. Aborting.