PDA

View Full Version : Unrevoked - Forever (S-OFF AND NAND UNLOCK TOOL)



Genuwine1976
08-12-2010, 04:25 AM
[Only registered and activated users can see links]

unrevoked forever is a tool to set your Android phone's security level to S-OFF. The security level is a flag stored on the radio; when the flag is S-OFF, the bootloader (HBOOT) will no longer check the signatures of firmware images before flashing them. This allows custom firmware images to be uploaded, including unsigned boot, recovery, splash1, and hboot images (as well as official images that have been modified). When the system is S-OFF, the NAND flash memory protection is also reduced; this allows all partitions (including /system) to be written to while the operating system is booted.

The most substantial benefit of unrevoked forever is that the change is stored in the radio's NV memory; no ENG bootloader is necessary to continue to flash firmware images. Even if an “unrootable” OTA update is accepted, a device on which unrevoked forever has been run will still be able to reflash a custom recovery image.

The guys at UnrEVOked have done it again.... they have released a full S=OFF or nand unlock.... this means we can now have full access to our Droid Incredible Phones.

unrevoked forever radio S-OFF tool

unrevoked forever is a tool to set your Android phone's security level to S-OFF. The security level is a flag stored on the radio; when the flag is S-OFF, the bootloader (HBOOT) will no longer check the signatures of firmware images before flashing them. This allows custom firmware images to be uploaded, including unsigned boot, recovery, splash1, and hboot images (as well as official images that have been modified). When the system is S-OFF, the NAND flash memory protection is also reduced; this allows all partitions (including /system) to be written to while the operating system is booted.
The most substantial benefit of unrevoked forever is that the change is stored in the radio's NV memory; no ENG bootloader is necessary to continue to flash firmware images. Even if an “unrootable” OTA update is accepted, a device on which unrevoked forever has been run will still be able to reflash a custom recovery image.

Important Safety Information

We know you just want to install unrevoked forever. However, before you do, please read this section in its entirety. It contains important information to avoid bricking your phone.

We believe unrevoked forever to be safe for your phone. However, forever unlocks a few capabilities that make it substantially easier to cause (in some cases, permanent) damage. Here are a list of things to be aware of:

* As with all hacks to your phone's firmware, setting your phone S-OFF will void the warranty on your phone. Do not take your phone in for support until you have set your phone S-ON and removed all custom modifications. Damaging your phone by flashing a custom bootloader, or other unusual combinations of firmware, is not covered under warranty; although your carrier may not check to see if your phone was modified, please be honest.
* unrevoked forever allows you, among other things, to reflash the hboot partition on your phone. Doing so carries risk; a bad hboot flash can render the phone permanently unusable. Be cautious about where you accept updates from.
* When doing updates, be sure to flash all partitions at the same time. For instance, on Incredible, running a 0.92 hboot and a 2.15 radio with a 2.6.29 Linux kernel will result in the system becoming unusable until reflashed.
* When updating using an official OTA, update using an official recovery. See below for instructions.
* unrevoked forever comes with NO WARRANTY (express or implied), and NO GUARANTEE OF FITNESS for any particular task. Although we have attempted to minimize the risk the best we can, the authors do not disclaim any chance of damage to your phone. The entire risk of running unrevoked forever lies with you, the user.


Supported Devices

At this time, the following devices are supported.

* HTC Droid Incredible, running radio baseband versions:
o 1.00.03.04.06
o 2.05.00.06.11
o 2.07.00.07.16
o 2.15.00.07.28
* HTC EVO 4G, running radio baseband versions:
o 1.39.00.04.26
o 2.05.00.06.10
o 2.15.00.07.28

You can determine your radio baseband version by holding the VOLUME DOWN key while powering on the phone.
We believe the mechanism behind unrevoked forever may work for other radios and devices, and will add support as radio images are made available to us.

Installation Instructions

To install unrevoked forever on your phone, perform the following steps.

* If your phone does not already have a custom recovery, use unrevoked3 to root your phone.
o The installation process cannot take place if the phone does not have a custom recovery installed.
* Download the most recent ''unrevoked-forever.zip''
[Only registered and activated users can see links] a temporary location on your computer.
* Place the update.zip file into the root of your SD card. You can do this with adb with the command: adb push unrevoked-forever.zip /sdcard/update.zip
* Reboot your phone into recovery mode. You can do this by removing your phone's battery, holding down the VOLUME DOWN button, and inserting the battery; at the menu, press VOLUME DOWN to highlight recovery, then press POWER to select it.
[Only registered and activated users can see links]

Did you read the important safety information above?
Do so now before continuing.

*
Select apply sdcard:update.zip from the menu by pressing POWER.
*
Press VOLUME DOWN until Yes is highlighted, then press POWER to select it.
*
Review the output to determine if there were any errors.
o
If messages beginning in E: appear, stop! If possible, join IRC for support.
*
Restart the phone normally, then reboot the phone into the bootloader. This can be done by holding VOLUME DOWN while powering the system up. Observe at the top that S-OFF appears.
*
Optional, but recommended: show your support (and your S-OFF bootloader) by flashing a custom splash screen!


Frequently Asked Questions

* What is the difference between an ENG bootloader and unrevoked forever? Are there any disadvantages?
This is a permanent patch; unrevoked forever works below the radio level. Thus, even if an update removes the ENG bootloader, a device that has run forever will remain S-OFF. It is possible for HTC to produce an update to remove this, but a carrier that distributes such an update would also break legitimate test phones, reverting them back to “release” phones.

For Droid Incredible users, this is the only way to obtain S-OFF access. However, the EVO 4G's ENG bootloader allows certain extended fastboot commands to be used. Currently, unrevoked forever does not enable these extended commands; however, the ENG bootloader can be used in conjunction with unrevoked forever to have permanent S-OFF access as well as access to the extended commands. For HTC Incredible users, our intent is to eventually bring our own ENG patched HBOOT to the Incredible.
* How can this be removed or undone if I need to take my phone in for service?
We have not yet developed a tool to reset the phone to S-ON. In the future, we may create one; in the interim, you should not rely on the existence of such a tool.
* How can I use S-OFF to recover from an unrooted update?
S-OFF gives your device permanent NAND unlock in the booted system, and also disables HBOOT's signature checking on firmware zip files. So, even if you take a OTA that has not been rooted, you can simply flash a new recovery that allows you to install su, and use that to restore yourself to a fully rooted system. We have provided ClockworkMod and Amon-Ra recovery images for you to use for this purpose.
* How do I create a unsigned zip to flash in HBOOT?
Download one of the example zip files (either the recovery or the splash zip files) appropriate for your platform, and extract the android-info.txt file from it. Zip the file that you wish to flash (usually named something like BOOT.IMG, SPLASH1.NB0, RECOVERY.IMG, …) up along with an appropriate android-info.txt into a file named either PB31IMG.ZIP (for Incredible) or PC36IMG.ZIP (for Evo), and place this file on the root of your SD card. Power the phone up while holding the VOLUME DOWN button, choose HBOOT, and press VOLUME UP when prompted to flash the image. Be careful – in this state, the phone will not prevent you from doing dumb things like flashing an invalid HBOOT!
* When I try to get into Fastboot by pressing VOLUME UP and booting the phone, my phone instead buzzes three times and acts dead. What happened?
The S-OFF update also enables Qualcomm Diagnostics mode on your phone, which is entered by doing what you just did. You can exit this mode (and boot normally) by removing the battery and USB cable.
* Will you release the source code?
At this time, we are not disclosing the vulnerability we have exploited to set the phone S-OFF.
* That doesn't seem fair! Android is about open source.
In some senses, we agree; but at times, a tradeoff needs to be made. Releasing the source code for this, we believe, would compromise the greater ability to unlock devices like these in the future. Given the choice between sacrificing the liberty of running code on our handsets and the liberty of reading the code by which we unlock it, we feel that the millions of handsets are more important. It is unfortunate that we must make such a choice, and we look forward to the day in the future that no such decision need be made.

Custom Splash

If, like us, you are excited about having a phone that is all yours, you can flash a custom splash screen with our logo. To do so:

* Install unrevoked forever on your phone.
* Download either PB31IMG.zip for Incredible
[Only registered and activated users can see links] or PC36IMG.zip for EVO 4G.
[Only registered and activated users can see links]
* Place the appropriate file – with that exact file name! – on the root of your SD card.
* Reboot your device into HBOOT by removing the battery, pressing VOLUME DOWN, inserting the battery, and pressing POWER.
* When prompted Do you want to start update?, press VOLUME UP for Yes. When prompted again Do you want to reboot device?, press VOLUME UP for Yes.
* Congratulations! Your phone now has a sweet unrevoked splash screen.


Reinstalling an official recovery

If you wish to install a stock over-the-air update in the future (OTA), the safest way to do so is to install the recovery that originally shipped with your phone. To install an OTA:

* Install unrevoked forever on your phone.
* Download or create an appropriate PB31IMG.ZIP or PC36IMG.ZIP for your phone that contains the original recovery image.
o We do not supply these images; since the recovery code is owned by HTC, we don't distribute it. You may be able to find these images on the XDA-Developers forums.
* From the phone operating system, install the over-the-air update.
* When the update is done installing, you will probably want to root it with a custom recovery. Download one of the following recovery restore images:
o Amon-Ra recovery for EVO 4G
[Only registered and activated users can see links]
o ClockworkMod recovery for EVO 4G
[Only registered and activated users can see links]
o ClockworkMod recovery for Incredible
[Only registered and activated users can see links]
* Place the appropriate file – with that exact file name! – on the root of your SD card.
* Reboot your device into HBOOT by removing the battery, pressing VOLUME DOWN, inserting the battery, and pressing POWER.
* When prompted Do you want to start update?, press VOLUME UP for Yes. When prompted again Do you want to reboot device?, press VOLUME UP for Yes.
* Your phone now has a custom recovery. To restore superuser access to your phone, you can apply any appropriate update.zip; such a file can likely be found on the XDA-Developers forums.


LINK:
[Only registered and activated users can see links]

Dex
08-16-2010, 01:21 AM
Good stuff thread sticked and moved

lukescooto
09-28-2011, 05:59 PM
This might sound like a stupid question, but if I just wanted to change the start up splash screen on my Sprint HTC Hero to whatever, MertoPCS splash screen or just something cool I find, is this the program I use, or is there something a little simpler made just for splash screen changes. I know im asking for an old phone that might not be worth the hassle, but im asking more to learn how to do it on any phone I want at any time. The Hero just happens to be a droid I have in my possession at the time of this posting. Thanks.