bkerler / mtkclient

MTK reverse engineering and flash tool
GNU General Public License v3.0

[MT6768/MT6769] SM-A145R stuck into preloader state #883

Closed DeeKatsanos closed 2 months ago

DeeKatsanos commented 8 months ago

I've got a bricked A145R, probably due to using shady MTK tools. The phone keeps connecting and disconnecting from my PC, stuck in preloader state. Most mtkclient commands seem to work after 2-3 tries, however the phone just won't boot. I can't seem to find a scatter file or any firmware to flash other than an Odin one, and I'm kind of new to the Samsung flashing stuff (although I have had previous experience with MTK and Snapdragon). Any help is greatly appreciated. The log below was produced with mtk reset.

.......Port - Device detected :)
Preloader - CPU: MT6768/MT6769(Helio P65/G85 k68v1)
Preloader - HW version: 0x0
Preloader - WDT: 0x10007000
Preloader - Uart: 0x11002000
Preloader - Brom payload addr: 0x100a00
Preloader - DA payload addr: 0x201000
Preloader - CQ_DMA addr: 0x10212000
Preloader - Var1: 0x25
Preloader - Disabling Watchdog...
Preloader - HW code: 0x707
Preloader - Target config: 0xe5
Preloader - SBC enabled: True
Preloader - SLA enabled: False
Preloader - DAA enabled: True
Preloader - SWJTAG enabled: True
Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False
Preloader - Root cert required: False
Preloader - Mem read auth: True
Preloader - Mem write auth: True
Preloader - Cmd 0xC8 blocked: True
Preloader - Get Target info
Preloader - BROM mode detected.
Preloader - HW subcode: 0x8a00
Preloader - HW Ver: 0xca00
Preloader - SW Ver: 0x0
Preloader - ME_ID: AB8ADF948F1285372BF538A7EF6F4F78
Preloader - SOC_ID: 716292CDAE6A52EA4773C3C51EDB8A69AB95A194125140BF7992B645CB069110
PLTools - Loading payload from mt6768_payload.bin, 0x264 bytes
Exploitation - Kamakiri Run
Exploitation - Done sending payload...
PLTools - Successfully sent payload: C:\Users\mrHAC\Downloads\mtkclient\mtkclient-main\mtkclient\payloads\mt6768_payload.bin
Port - Device detected :)
DA_handler - Device was protected. Successfully bypassed security.
DA_handler - Device is in BROM mode. Trying to dump preloader.
DAXFlash - Uploading xflash stage 1 from MTK_DA_V5.bin
xflashext - Patching da1 ...
Mtk - Patched "Patched loader msg" in preloader
Mtk - Patched "hash_check" in preloader
xflashext
xflashext - [LIB]: Error on patching da1 version check...
Mtk - Patched "Patched loader msg" in preloader
Mtk - Patched "get_vfy_policy" in preloader
xflashext - Patching da2 ...
xflashext - DA version anti-rollback patched
DAXFlash - Successfully uploaded stage 1, jumping ..
Preloader - Jumping to 0x200000
Preloader - Jumping to 0x200000: ok.
DAXFlash - Successfully received DA sync
DAXFlash - Sending emi data ...
DAXFlash - DRAM setup passed.
DAXFlash - Sending emi data succeeded.
DAXFlash - Uploading stage 2...
DAXFlash - Upload data was accepted. Jumping to stage 2...
DAXFlash - Successfully uploaded stage 2
DAXFlash - EMMC FWVer: 0x0
DAXFlash - EMMC ID: DP6DBB
DAXFlash - EMMC CID: 1501004450364442420078b2dc3a1a89
DAXFlash - EMMC Boot1 Size: 0x400000
DAXFlash - EMMC Boot2 Size: 0x400000
DAXFlash - EMMC GP1 Size: 0x0
DAXFlash - EMMC GP2 Size: 0x0
DAXFlash - EMMC GP3 Size: 0x0
DAXFlash - EMMC GP4 Size: 0x0
DAXFlash - EMMC RPMB Size: 0x1000000
DAXFlash - EMMC USER Size: 0xe8f800000
DAXFlash - HW-CODE : 0x707
DAXFlash - HWSUB-CODE : 0x8A00
DAXFlash - HW-VERSION : 0xCA00
DAXFlash - SW-VERSION : 0x0
DAXFlash - CHIP-EVOLUTION : 0x1
DAXFlash - DA-VERSION : 1.0
DAXFlash - Extensions were accepted. Jumping to extensions...
DAXFlash - DA Extensions successfully added
Reset command was sent. Disconnect usb cable to power off.

The script gets stuck for a bit in the "DA Extensions successfully added" command. Bootloader is locked. Also, remarkable is the fact that by using one of those tools, I managed to reboot to factory mode, and whenever I force rebooted it, it would always boot into factory mode.

Edit: Forgot to mention that I've got no screen/vibration output whatsoever.

Edit 2: I've tried to remove the battery and "insert" it again, it didn't help either.

Edit 3: Forgot to mention I can dump partitions, if it helps with further debugging! Saw some errors when hex reading boot1.bin, however I'm blind checking, don't know if these errors are related.

Edit 4: mtkclient crashes with no further log when trying to flash preloader and boot2, right after write progress 100%.

github-actions[bot] commented 3 months ago

Stale issue message