Root [BIN] VV5 + CWM - Need testers

[kanaida]

If you guys were following my other thread, i'm taking the VV5 cab file, extracted the BIN and injected clockwork recovery.

I have 4 possible files to try as i didn't know the specific offset to inject it into, but I have a hunch that it's offset 3 that will work.

Not sure 100% how to flash it back, i think the BIN can be converted back to KDZ or maybe just flashed directly.

TRY AT YOUR OWN RISK

In theory after flashing, you can boot into CWM, then flash the zip that installs root and superuser.apk (i don't have that zip but i know it's in the forum here somewhere, if u have it please link). Since we have CWM at this point, rooting is trivial. If this works then I can do this for pretty much any new firmware that shows up.

Here's 4 different bin files to try

Unzip them with 7zip first bins are inside.

For those interested, I extracted the BIN from the cab. Found ANDROID! string offsets inside the bin. Made copies named after each offset in order. Then injected the raw cwm image into those offset files.

kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=MS840VV5_02.bin| strings -n 8 -t d| grep ANDROID!
34148071 @ANDROID!
34995760 ANDROID!
37486592 ANDROID!
52166656 ANDROID!
1213696+0 records in
1213696+0 records out
621412352 bytes (621 MB) copied, 7.10332 s, 87.5 MB/s
    
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=34148071 conv=notrunc of=MS840VV5_02.offset1.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.41442 s, 777 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=34995760 conv=notrunc of=MS840VV5_02.offset2.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.38104 s, 780 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=37486592 conv=notrunc of=MS840VV5_02.offset3.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.51165 s, 767 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=52166656 conv=notrunc of=MS840VV5_02.offset4.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.35728 s, 783 kB/s

One last word of confidence. This type of method has worked on the LG-P970's BIN files. I had to change some steps as I had more offsets though.

 

[justenjoy]

If you guys were following my other thread, i'm taking the VV5 cab file, extracted the BIN and injected clockwork recovery.

I have 4 possible files to try as i didn't know the specific offset to inject it into, but I have a hunch that it's offset 3 that will work.

Not sure 100% how to flash it back, i think the BIN can be converted back to KDZ or maybe just flashed directly.

TRY AT YOUR OWN RISK

In theory after flashing, you can boot into CWM, then flash the zip that installs root and superuser.apk (i don't have that zip but i know it's in the forum here somewhere, if u have it please link). Since we have CWM at this point, rooting is trivial. If this works then I can do this for pretty much any new firmware that shows up.

Here's 4 different bin files to try

Unzip them with 7zip first bins are inside.

For those interested, I extracted the BIN from the cab. Found ANDROID! string offsets inside the bin. Made copies named after each offset in order. Then injected the raw cwm image into those offset files.

kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=MS840VV5_02.bin| strings -n 8 -t d| grep ANDROID!
34148071 @ANDROID!
34995760 ANDROID!
37486592 ANDROID!
52166656 ANDROID!
1213696+0 records in
1213696+0 records out
621412352 bytes (621 MB) copied, 7.10332 s, 87.5 MB/s
    
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=34148071 conv=notrunc of=MS840VV5_02.offset1.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.41442 s, 777 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=34995760 conv=notrunc of=MS840VV5_02.offset2.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.38104 s, 780 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=37486592 conv=notrunc of=MS840VV5_02.offset3.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.51165 s, 767 kB/s
kanaida@kanaida-pc:~/Downloads/KDZ_FW_UPD_EN/CAB_VV5/BIN$ dd if=cwm.img bs=1 seek=52166656 conv=notrunc of=MS840VV5_02.offset4.bin
5758976+0 records in
5758976+0 records out
5758976 bytes (5.8 MB) copied, 7.35728 s, 783 kB/s

One last word of confidence. This type of method has worked on the LG-P970's BIN files. I had to change some steps as I had more offsets though.

Wait Kanaida, you have a Connect yourself ;p

If it doesn't work, can it brick my phone? Its my main phone.

 

[kanaida]

Yes I do, but I'm not 100% how to get the BIN's -> KDZ to flash. Or flash bins. Plus I gotta work in the morning so i'm about to go to sleep and since I'm on call for my IT job, I gotta make sure my phone is working when I wake up. Hence, testers needed lol

 

[justenjoy]

Yes I do, but I'm not 100% how to get the BIN's -> KDZ to flash. Or flash bins. Plus I gotta work in the morning so i'm about to go to sleep and since I'm on call for my IT job, I gotta make sure my phone is working when I wake up. Hence, testers needed lol

Aww, so you can't flash it as a bin?

 

[kanaida]

I have NO idea if this tool works on this phone. But it's specifically to flash BIN's. Possibly to all LG phones. But I've never tested this so again try at your own risk.

http://forum.xda-developers.com/showthread.php?t=1448803

Look like it might need some FLS file too? Not sure what that is. I think it's probably safer to find something like LGExtract.exe that works in reverse... BIN -> wdb + wdh, then we just stuff then back in a CAB.

 

[justenjoy]

I have NO idea if this tool works on this phone. But it's specifically to flash BIN's. Possibly to all LG phones. But I've never tested this so again try at your own risk.

http://forum.xda-developers.com/showthread.php?t=1448803

Look like it might need some FLS file too? Not sure what that is. I think it's probably safer to find something like LGExtract.exe that works in reverse... BIN -> wdb + wdh, then we just stuff then back in a CAB.

We would be better off asking PG, he might know what to use to zip it back up into a cab.

 

[sammyz]

We would be better off asking PG, he might know what to use to zip it back up into a cab.

Just saw this thread, won't be home till late tonight. I know how to put it back to cab/kdz. I'm at school, then I have a play practice with tech stuff.

 

[justenjoy]

Just saw this thread, won't be home till late tonight. I know how to put it back to cab/kdz. I'm at school, then I have a play practice with tech stuff.

Alrighty man, of course Sammyz would know how to put it together!

 

[unicyclist]

I have an old Connect to test on. If someone gets it to CAB/KDZ, I'll test it.

 

[kanaida]

cool. looks like we're ready party

As I mentioned in my first post, try offset 3 first. It's a block about 14mb long, and we're dumping about 5mb into it. i chose it because it seemed like the logical choice after putting a spreadsheet together.

 

[kanaida]

Just saw this thread, won't be home till late tonight. I know how to put it back to cab/kdz. I'm at school, then I have a play practice with tech stuff.

If you know the name of the tool, or have a link to it, please post

If this works, then i can root practically any LG cab firmware, as long as it uses CAB's and there's a working clockwork mod image for that phone (even if it was made for an older firmware). It's just a secondary boot partition pretty much, so it's isolated from the regular rom part.

Once I see that this works, i'll just make a windows app to automate the process in the future

 

[sammyz]

Ok the name of the tool is called uptestex. Must have an account with LG to use or Google for one that works without an account

 

[sammyz]

Uploading modded kdz to megaupload

 

[sammyz]

Here: https://mega.co.nz/#!KBVRVajA That's offset 3

Only people who know what they're doing/don't care if they permanently brick their phones should try flashing this. Otherwise you might have a piece of cheap, expensive paperweight.

 

[kanaida]

Here: https://mega.co.nz/#!KBVRVajA That's offset 3

Only people who know what they're doing/don't care if they permanently brick their phones should try flashing this. Otherwise you might have a piece of cheap, expensive paperweight.

The link is asking for a decryption key to download

 

[kanaida]

For anyone that tries, i'm posting this just in case it fails.

http://androidforums.com/connect-4g-all-things-root/695800-unbrick-unroot-update-lg-connect.html

 

[kanaida]

Found the tool. Just running linux, not windows and this particular tool doesn't like running in wine.

Update LG KM900 Arena with UpTestEX - LG Cell Phones Blog

 

[sammyz]

The link is asking for a decryption key to download

Oops

 

[sammyz]

The link is asking for a decryption key to download

Here: https://mega.co.nz/#!KBVRVajA!ZnsPlyj-jxQgAfPNh-QN7CtGZLFbyu64QG9Bz6nbROs

 

[Lito007]

Just to be clear, IF ALL fails.... that unbrick method should at least get us back to a stock ROM right? Emergency Mode should work still ? (Cause I think that's all you need to recover it from that unbricking method?) Haha making sure that we at least have a tiny safety net.

 

[sammyz]

Just to be clear, IF ALL fails.... that unbrick method should at least get us back to a stock ROM right? Emergency Mode should work still ? (Cause I think that's all you need to recover it from that unbricking method?) Haha making sure that we at least have a tiny safety net.

If it says it fails, you can Unbrick, if it flashes and you brick, you are permanently bricked (most likely).

 

[kanaida]

Honestly, i think it will unbrick anyways. What I saw flashing looked like modem style commands. It's most likely a modem type chip connected to the USB port. It's very common in the OEM world to do stuff like this so they can re-vive/refurbish equipment. Flash is just a bunch of space, and the modem's read only firmware (not the flash on your phone) job is to do simple writes into that flash memory. If you've updated router firmware in 'recovery mode' before, it's the same thing. they flash a second firmware to a read only memory device, it's purpose is to always have a bootable system to flash the main firmware.

It's speculation on my part, but i've been flashing tons of devices most of my life and it wouldn't make sense to require a bootable system to repair a non bootable system. it's like an oxymoron

 

[Lito007]

Ive tried downloading it twice now, and both times it has frozen up on me... ? maybe its a sign, haha

 

[sammyz]

Ive tried downloading it twice now, and both times it has frozen up on me... ? maybe its a sign, haha

Just let it keep running next time, that program always freezes

 

[PlayfulGod]

kewl, but I see more of a need for root for vv4/5.