Open mouzei opened 6 months ago
.Port - Device detected :) Preloader - CPU: MT6757/MT6757D(Helio P20) Preloader - HW version: 0x0 Preloader - WDT: 0x10007000 Preloader - Uart: 0x11002000 Preloader - Brom payload addr: 0x100a00 Preloader - DA payload addr: 0x201000 Preloader - CQ_DMA addr: 0x10212c00 Preloader - Var1: 0xa Preloader - Disabling Watchdog... Preloader - HW code: 0x551 Preloader - Target config: 0xe5 Preloader - SBC enabled: True Preloader - SLA enabled: False Preloader - DAA enabled: True Preloader - SWJTAG enabled: True Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False Preloader - Root cert required: False Preloader - Mem read auth: True Preloader - Mem write auth: True Preloader - Cmd 0xC8 blocked: True Preloader - Get Target info Preloader - BROM mode detected. Preloader - HW subcode: 0x8a00 Preloader - HW Ver: 0xcb00 Preloader - SW Ver: 0x1 Preloader - ME_ID: XXX DA_handler - Device is protected. DA_handler - Device is in BROM-Mode. Bypassing security. PLTools - Loading payload from mt6757_payload.bin, 0x258 bytes Exploitation - Kamakiri Run Exploitation - Done sending payload... PLTools - Successfully sent payload: D:\mtkclient\mtkclient\payloads\mt6757_payload.bin Port - Device detected :) DA_handler DA_handler - [LIB]: Device is in BROM mode. No preloader given, trying to dump preloader from ram. Preloader Preloader - [LIB]: Unknown: 0x1d08 DA_handler DA_handler - [LIB]: Failed to dump preloader from ram, provide a valid one via --preloader option Traceback (most recent call last): File "D:\mtkclient\mtk", line 948, in mtk = Main(args).run(parser) File "D:\mtkclient\mtkclient\Library\mtk_main.py", line 652, in run mtk = da_handler.configure_da(mtk, preloader) File "D:\mtkclient\mtkclient\Library\DA\mtk_da_handler.py", line 146, in configure_da if not mtk.daloader.upload_da(preloader=preloader): File "D:\mtkclient\mtkclient\Library\DA\mtk_daloader.py", line 292, in upload_da return self.da.upload_da() File "D:\mtkclient\mtkclient\Library\DA\xflash\xflash_lib.py", line 1107, in upload_da self.kamakiri_pl.initbrom() File "D:\mtkclient\mtkclient\Library\Exploit\kamakiri_pl.py", line 22, in initbrom getVal = self.mtk.port.cdc.device.ctrl_transfer(bmRequestType=0xa1, File "D:\python\lib\site-packages\usb\core.py", line 1082, in ctrl_transfer ret = self._ctx.backend.ctrl_transfer( File "D:\python\lib\site-packages\usb\backend\libusb1.py", line 893, in ctrl_transfer ret = _check(self.lib.libusb_control_transfer( File "D:\python\lib\site-packages\usb\backend\libusb1.py", line 602, in _check raise USBTimeoutError(_strerror(ret), ret, _libusb_errno[ret]) usb.core.USBTimeoutError: [Errno 10060] Operation timed out
I tried two MT6757D devices (GIONEE S10 and MEIZU Pro7) and both encountered the same problem.
Stale issue message
github-actions[bot]
commented
4 months ago github-actions[bot]
commented
4 months ago
.Port - Device detected :) Preloader - CPU: MT6757/MT6757D(Helio P20) Preloader - HW version: 0x0 Preloader - WDT: 0x10007000 Preloader - Uart: 0x11002000 Preloader - Brom payload addr: 0x100a00 Preloader - DA payload addr: 0x201000 Preloader - CQ_DMA addr: 0x10212c00 Preloader - Var1: 0xa Preloader - Disabling Watchdog... Preloader - HW code: 0x551 Preloader - Target config: 0xe5 Preloader - SBC enabled: True Preloader - SLA enabled: False Preloader - DAA enabled: True Preloader - SWJTAG enabled: True Preloader - EPP_PARAM at 0x600 after EMMC_BOOT/SDMMC_BOOT: False Preloader - Root cert required: False Preloader - Mem read auth: True Preloader - Mem write auth: True Preloader - Cmd 0xC8 blocked: True Preloader - Get Target info Preloader - BROM mode detected. Preloader - HW subcode: 0x8a00 Preloader - HW Ver: 0xcb00 Preloader - SW Ver: 0x1 Preloader - ME_ID: XXX DA_handler - Device is protected. DA_handler - Device is in BROM-Mode. Bypassing security. PLTools - Loading payload from mt6757_payload.bin, 0x258 bytes Exploitation - Kamakiri Run Exploitation - Done sending payload... PLTools - Successfully sent payload: D:\mtkclient\mtkclient\payloads\mt6757_payload.bin Port - Device detected :) DA_handler DA_handler - [LIB]: Device is in BROM mode. No preloader given, trying to dump preloader from ram. Preloader Preloader - [LIB]: Unknown: 0x1d08 DA_handler DA_handler - [LIB]: Failed to dump preloader from ram, provide a valid one via --preloader option Traceback (most recent call last): File "D:\mtkclient\mtk", line 948, in
mtk = Main(args).run(parser)
File "D:\mtkclient\mtkclient\Library\mtk_main.py", line 652, in run
mtk = da_handler.configure_da(mtk, preloader)
File "D:\mtkclient\mtkclient\Library\DA\mtk_da_handler.py", line 146, in configure_da
if not mtk.daloader.upload_da(preloader=preloader):
File "D:\mtkclient\mtkclient\Library\DA\mtk_daloader.py", line 292, in upload_da
return self.da.upload_da()
File "D:\mtkclient\mtkclient\Library\DA\xflash\xflash_lib.py", line 1107, in upload_da
self.kamakiri_pl.initbrom()
File "D:\mtkclient\mtkclient\Library\Exploit\kamakiri_pl.py", line 22, in initbrom
getVal = self.mtk.port.cdc.device.ctrl_transfer(bmRequestType=0xa1, File "D:\python\lib\site-packages\usb\core.py", line 1082, in ctrl_transfer
ret = self._ctx.backend.ctrl_transfer(
File "D:\python\lib\site-packages\usb\backend\libusb1.py", line 893, in ctrl_transfer
ret = _check(self.lib.libusb_control_transfer(
File "D:\python\lib\site-packages\usb\backend\libusb1.py", line 602, in _check
raise USBTimeoutError(_strerror(ret), ret, _libusb_errno[ret])
usb.core.USBTimeoutError: [Errno 10060] Operation timed out
I tried two MT6757D devices (GIONEE S10 and MEIZU Pro7) and both encountered the same problem.