• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root making an hboot flashable recovery

scotty85

scotty85

Extreme Android User
so i was reading on "unrevoked"s root wiki(public:forever [RootWiki]) about packing up your own files to flash in hboot,and it got me to thinking why can we not do something like this for the eris?

the page says this:
How do I create a unsigned zip to flash in HBOOT?
Zip the file that you wish to flash (usually named something like BOOT.IMG, SPLASH1.NB0, RECOVERY.IMG, …) up along with an appropriate android-info.txt into a file named either PB31IMG.ZIP (for Incredible) or PC36IMG.ZIP (for Evo), and place this file on the root of your SD card.

now obviously,we would need to rename the zip "PB00IMG" for the eris to find it. i downloaded the gscript.zip from the rooting for dummies thread and located the "recovery" disc image file.

could we put that in a zip along with the appropriate text file and flash via hboot? if so,what does the text file need to say? ive looked at the text files on the PB31IMG zips i have for my inc,and theres not much to em... does it need to say something specific? or is it just info for the user?

your thots? has it been done? if not its hard to understand why not,unless it for some reason wont work on the eris.

thanks for any info or insight :)
 
scotty85 said:
so i was reading on "unrevoked"s root wiki(public:forever [RootWiki]) about packing up your own files to flash in hboot,and it got me to thinking why can we not do something like this for the eris?

the page says this:
How do I create a unsigned zip to flash in HBOOT?
Zip the file that you wish to flash (usually named something like BOOT.IMG, SPLASH1.NB0, RECOVERY.IMG, …) up along with an appropriate android-info.txt into a file named either PB31IMG.ZIP (for Incredible) or PC36IMG.ZIP (for Evo), and place this file on the root of your SD card.

now obviously,we would need to rename the zip "PB00IMG" for the eris to find it. i downloaded the gscript.zip from the rooting for dummies thread and located the "recovery" disc image file.

could we put that in a zip along with the appropriate text file and flash via hboot? if so,what does the text file need to say? ive looked at the text files on the PB31IMG zips i have for my inc,and theres not much to em... does it need to say something specific? or is it just info for the user?

your thots? has it been done? if not its hard to understand why not,unless it for some reason wont work on the eris.

thanks for any info or insight :)
Click to expand...

Scotty,

Interesting idea ;)...you thinking of making / doing this for the trackball-optional recovery?

Since my Eris is my "playground" :D, I decided to give this a try...

At first, I tried to build a .zip that was flashable from Amon_RA (using my trackball-optional version, of course :p).

I decided to use eu1's newest FlashBack21.zip as my base. I deleted all of the files that weren't relevant and updated the update-script file so it would just flash the recovery.img file.

Well, my first attempt failed because it wasn't signed. So, I found out how to sign files with SignApk.jar (How to Sign Android APK or Zip Files | All About Web & Mobile Application Development) and retried a signed version in Amon_RA.

He still didn't like it (even though it passed my AFV jar-verification test :p). So, I must be missing something else (maybe the certificate is wrong? IDK).

So, I backpedaled and used what you first suggested. I looked at the "leaked" 2.1 ROMs for their format and they were indeed as simple as the unrevoked site implied and their example .zip files revealed. So, I packaged-up one with the android-info.txt file from the base root ROM and included the base Amon_RA 1.6.2 recovery image (since I already had the trackball-optional version installed). I booted in HBOOT and flashed my special PB00IMG.zip, rebooted, and then shutdown back into recovery.

It worked :D:D:D.

So, just to make sure, I built a new PB00IMG.zip with the trackball-optional recovery.img and reflashed.

Still golden! :);):p

So, great idea. A lot of fun. A little scary. And I learned a lot.

Thanks for the cool post!

I could post-up the files somewhere, but this was scary-enough for me. Also, if you do this, be sure to triple-check your MD5 sums to compare the files before and after you transfer them to your phone so you don't get a bad recovery flash.

Cheers!

P.S. waiting with very baited-breath for eu1 to weigh-in on this (I know this is cake for him, but I'm still learnin', ya know ;)).
 
awsome! :D thats pretty slick that it worked. i was just gonna try it myself,but i cant open the root rom to steal its android-info.text file. :mad: did you change anything it said? without question i was workin up to the track ball optional version! but since you said it assumed that the regular recovery was allready present to get it working,i wasnt sure how easy it would be... take small steps,ya know! :p so after you flashed the regular recovery,what did you have to do to build the trackball optional zip? can you just pull the recovery image out of your gscript.sa file? or is there more to it than that?

now i just need to figure out how to get an android-info.text file out of something... id love to have my own tracball optional recovery in PB00IMG waiting on the sidelines in case i need him :D

i guess we are lucky in that nothing really ever happed to our recovery to need it. in both the incredible and droid 1 forums i see folks get stuck on occasion without bootable roms or functioning recoveries. :eek: since it is not customary to use clockwork or rom mamager with the eris, i guess it just doesnt get screwed up :D

since it works are you going to upload it somewhere for folks to use?

again im pretty tickled that it worked... and im glad you had fun messin with it! :cool:
 
scotty85 said:
awsome! :D thats pretty slick that it worked. i was just gonna try it myself,but i cant open the root rom to steal its android-info.text file. :mad: did you change anything it said? without question i was workin up to the track ball optional version! but since you said it assumed that the regular recovery was allready present to get it working,i wasnt sure how easy it would be... take small steps,ya know! :p so after you flashed the regular recovery,what did you have to do to build the trackball optional zip? can you just pull the recovery image out of your gscript.sa file? or is there more to it than that?

now i just need to figure out how to get an android-info.text file out of something... id love to have my own tracball optional recovery in PB00IMG waiting on the sidelines in case i need him :D

i guess we are lucky in that nothing really ever happed to our recovery to need it. in both the incredible and droid 1 forums i see folks get stuck on occasion without bootable roms or functioning recoveries. :eek: since it is not customary to use clockwork or rom mamager with the eris, i guess it just doesnt get screwed up :D

since it works are you going to upload it somewhere for folks to use?

again im pretty tickled that it worked... and im glad you had fun messin with it! :cool:
Click to expand...

Whew, pretty knowledgable for a delivery guy.:D I guess I need to stop playing on my phone and on here all the time and start back playing with eclipse and sdk on my linux machine.:) You're making me jealous.;):D
 
bobcat331 said:
Whew, pretty knowledgable for a delivery guy.:D I guess I need to stop playing on my phone and on here all the time and start back playing with eclipse and sdk on my linux machine.:) You're making me jealous.;):D
Click to expand...

you got me beat there! im a simple delivery guy that knows nothing of linux :p i just got this idea cause its allready been done for then dinc... ive got recoveries on the puter just in case :D this is a big reason i like htc phones. you cant install things in hboot on moto devices... you have to use rsd lite to install sbf files,wich is a lil riskier and more of a PITA

our next step is to become good at adb,BC :D
 
*giggling and clapping hands* :D i got it to work,also :D

i borrowed the AAInfo text file from the 5th OTA( [HTC ROMs] Consolidated HTC Eris RUU/OTA/ROM URLs - xda-developers ) and packed that up with the 1.6.2 disc image. flashed clockwork in rom manager (:eek:) and booted into it. made a backup and rebooted.just case ;) i then plugged in my lil buddy and moved my zip over and renamed it PB00IMG. power off,vol - and power into hboot... i saw the blue bar over on the right and then it finished. never did ask me if i wanted to update. is this something to do with the text file? anyway,lookin at the typical hboot screen i thot "hmm did it work?" pushed vol + for recovery and sure enuff it went right to good ol' amon RA :cool: so then i made up another one with the trac ball optional version(thanx again scary :) ) transfered it over,power off,vol - and power into hboot,blue bar zip!(goes fast image is small :p) and vol + for recovery BAM! back to good ol faithful tracball optional recovery. :D

question now is do we need to do the 1.6.2 first? or can we just do the tracball optional right off the bat? hmmm maybe flash clockwork 1 more time and check that out ;) edit: yup,flashed clockwork again,and installed tracball optional imediately from hboot. dint need to install regular 1.6.2 first(thanks again,scary:D)

im excited. maybe this scenario is not that likely,but your phone could now be in a pretty bad state,almost a brick with no recovery and no working rom,and as long as your S-OFF and can still get into hboot you can flash a recovery. you can then flash a rom,or restore a backup and get your phone back. neato! :cool:

so now the gears are turning,and the smoke is rollin out of my ears im wondering... can we remove everything but the S-OFF bootloader from the root rom? that way folks could flash that real easy in hboot and get S-OFF without having to do the scary battery pull,or install the whole update and have to re-root?

your thots? i think its alot safer to have the S-OFF bootloader,and it would be great if there was an easy,not as scary way for folks to get it :)
 
scotty85 said:
awsome! :D thats pretty slick that it worked. i was just gonna try it myself,but i cant open the root rom to steal its android-info.text file. :mad: did you change anything it said?
Click to expand...

Nope, I just copied the android-info.txt file from the base root ROM. I am thinking that there might be HBOOT version issues depending on what HBOOT version you actually have. I would think that in that case you would just match / update the android-info.txt file to the corresponding 2.1 leak ROM (I used the base root ROM since that's what I flashed to get root in the first place). But you might get the "main version is older" error (I think, eu1 would have to weigh-in on this) if you try to use this and your Eris was flashed with the v3 2.1 leak. Or maybe it doesn't matter...I don't know :p.

scotty85 said:
without question i was workin up to the track ball optional version! but since you said it assumed that the regular recovery was allready present to get it working,i wasnt sure how easy it would be... take small steps,ya know! :p so after you flashed the regular recovery,what did you have to do to build the trackball optional zip? can you just pull the recovery image out of your gscript.sa file? or is there more to it than that?
Click to expand...

I just built a PB00IMG.zip out of the android-info.txt taken from the base root ROM and a copy of the trackball-optional recovery.img I already had on my PC (I built it ya know ;) so I didn't have to extract it from the gscript-sa.zip files :p). It was actually very simple.

scotty85 said:
now i just need to figure out how to get an android-info.text file out of something... id love to have my own tracball optional recovery in PB00IMG waiting on the sidelines in case i need him :D
Click to expand...

The base root ROM is available here:

Android ROM Site

I'm sure the other PB00IMG.zip files for the various 2.1 leaks are out there too (I know eu1 has published their locations before...I just don't have it handy at the moment).

scotty85 said:
i guess we are lucky in that nothing really ever happed to our recovery to need it. in both the incredible and droid 1 forums i see folks get stuck on occasion without bootable roms or functioning recoveries. :eek: since it is not customary to use clockwork or rom mamager with the eris, i guess it just doesnt get screwed up :D
Click to expand...

lol...my trackball still works just fine. Of course, I never kept it in my pocket or anything. Its always been in the leather case that I bought for it.

scotty85 said:
since it works are you going to upload it somewhere for folks to use?
Click to expand...

I've uploaded the trackball-optional version of the HBOOT flashable file here:

https://sites.google.com/site/scaryalienware/downloads

All due cautions / disclaimers apply of course ;). Just be sure you double-check the MD5 checksums.

scotty85 said:
again im pretty tickled that it worked... and im glad you had fun messin with it! :cool:
Click to expand...

Yeah, it really was pretty fun... There are obviously now several ways to get the custom recovery image flashed, some easier than others. Its nice to know what options there are and how things work. Even though my first attempts at making the Amon_RA flashable .zip didn't work, I had fun trying and learned a lot while doing it (I still think that option is possible too...I'm sure I just have something wonky and not setup right).

Cheers!
 
scotty85 said:
*giggling and clapping hands* :D i got it to work,also :D

i borrowed the AAInfo text file from the 5th OTA( [HTC ROMs] Consolidated HTC Eris RUU/OTA/ROM URLs - xda-developers ) and packed that up with the 1.6.2 disc image. flashed clockwork in rom manager (:eek:) and booted into it. made a backup and rebooted.just case ;) i then plugged in my lil buddy and moved my zip over and renamed it PB00IMG. power off,vol - and power into hboot... i saw the blue bar over on the right and then it finished. never did ask me if i wanted to update. is this something to do with the text file? anyway,lookin at the typical hboot screen i thot "hmm did it work?" pushed vol + for recovery and sure enuff it went right to good ol' amon RA :cool: so then i made up another one with the trac ball optional version(thanx again scary :) ) transfered it over,power off,vol - and power into hboot,blue bar zip!(goes fast image is small :p) and vol + for recovery BAM! back to good ol faithful tracball optional recovery. :D

question now is do we need to do the 1.6.2 first? or can we just do the tracball optional right off the bat? hmmm maybe flash clockwork 1 more time and check that out ;) edit: yup,flashed clockwork again,and installed tracball optional imediately from hboot. dint need to install regular 1.6.2 first(thanks again,scary:D)

im excited. maybe this scenario is not that likely,but your phone could now be in a pretty bad state,almost a brick with no recovery and no working rom,and as long as your S-OFF and can still get into hboot you can flash a recovery. you can then flash a rom,or restore a backup and get your phone back. neato! :cool:

so now the gears are turning,and the smoke is rollin out of my ears im wondering... can we remove everything but the S-OFF bootloader from the root rom? that way folks could flash that real easy in hboot and get S-OFF without having to do the scary battery pull,or install the whole update and have to re-root?

your thots? i think its alot safer to have the S-OFF bootloader,and it would be great if there was an easy,not as scary way for folks to get it :)
Click to expand...

lol...I've (wait, you've created (yourself!)) a monster! :eek:!

It was pretty simple, eh? Glad you got it to work. Pretty cool, eh? :cool:

You don't have to have the 1.6.2 recovery installed "first" (not sure what the first context is...). The trackball-optional recovery that I built is pretty much some tweaks to the recovery.c code to recognize the other key presses and was packaged-up using the files that comprise the original 1.6.2 Amon_RA custom recovery for the Eris. Now that was a fun/cool project...I learned a ton from that one, lol.

As far as the rest of your questions go, you have now entered the erisuser1 zone, lol ;). I could conjecture, but I'm pretty sure I'd be wrong :p. I'm sure he'll weigh-in at some point and disperse all the fog from the questions posed here :).

Cheers!
 
scary alien said:
lol...I've (wait, you've created (yourself!)) a monster! :eek:!

It was pretty simple, eh? Glad you got it to work. Pretty cool, eh? :cool:

You don't have to have the 1.6.2 recovery installed "first" (not sure what the first context is...). The trackball-optional recovery that I built is pretty much some tweaks to the recovery.c code to recognize the other key presses and was packaged-up using the files that comprise the original 1.6.2 Amon_RA custom recovery for the Eris. Now that was a fun/cool project...I learned a ton from that one, lol.

As far as the rest of your questions go, you have now entered the erisuser1 zone, lol ;). I could conjecture, but I'm pretty sure I'd be wrong :p. I'm sure he'll weigh-in at some point and disperse all the fog from the questions posed here :).

Cheers!
Click to expand...

ill be waiting to hear what he has to say for sure!

one final question... with your PB00IMG did it ask you to update? or just do it like mine did?
 
scotty85 said:
ill be waiting to hear what he has to say for sure!

one final question... with your PB00IMG did it ask you to update? or just do it like mine did?
Click to expand...

Yeah, mine did ask me if I wanted to update. Gotta be a difference in HBOOT versions (my phone's downstairs at the moment otherwise I'd post what the version number is... If I remember later, I'll update this post).

Cheers!
 
bobcat331 said:
I know but it's good to someone if a problem arises that experience can answer.
Click to expand...

No problem, I'm happy to help :). adb itself is easy, its usually the USB connectivity that hangs you up.

My biggest gripe is that the newest Android SDK separated the adb.exe from the ddms.bat in different directories. Yeah, I know, I could make update my PATH...:p;):p (I'm just stubborn :)).

Cheers!
 
BC if were patient we might not need to become adb experts. one of the threads said unrevoked was working on a root also. altho i still want to play with it,just for fun. i want to put my eris back to stock and reroot him the old school way :D

id like to know whats going on and understand the conversations when folks are talkin about it.

back to the other topic,my hboot is the 1.49.2000

not that it really matters if it asks to update or not,i guess... just after one flashes it,one needs to delete the file,rename it, or hide it inside another folder so it doesnt reflash it every time one wants to go into hboot :eek:

on my dinc i keep RA_GNM and 2 versions of clockwork hidden in folders on the sd card case i need them and cant get to my puter to move the files over. hard to imagine id really ever need them,but you never know. i hid my tracball optional recovery in another folder,just in case :D
 
lol...by the way, I'm an idiot! :D :p ;)

Of course my HBOOT version is 1.49.2000 (S-OFF) since I originally flashed the base root ROM.

Its just been so long since the bootloader version was relevant to rooting the Eris, I forgot.

Cheers!
 
heres another interesting bit of info... i downloaded and flashed your PB00IMG recovery and was asked if i wanted to update :eek: i pushed the tracball to tell it yes.

so now,is it the text file that causes this? im sure we used the same disc image :p

edit,i just tried it again to be sure... "yes" is the only option. i couldnt figure out how to "no dont update"
 
scotty85 said:
heres another interesting bit of info... i downloaded and flashed your PB00IMG recovery and was asked if i wanted to update :eek: i pushed the tracball to tell it yes.

so now,is it the text file that causes this? im sure we used the same disc image :p

edit,i just tried it again to be sure... "yes" is the only option. i couldnt figure out how to "no dont update"
Click to expand...

lol...compare the android-info.txt files and see what's different...(I guess).

Wait, let me reference my copy of the HTC Eris bootloader source...

...whoa! had you going for a second didn't I? :D:D:D
 
scary alien said:
lol...compare the android-info.txt files and see what's different...(I guess).
Click to expand...

i did that... got no idea what im lookin at :p

android-info from your PB00IMG:
ModelID: DESI****
ModelID: PB001****
ModelID: PB00100
CIDNUM: 11111111
CIDNUM: VZW__001
hbootpreupdate: 3
MainVer: 2.19.605.1

AAInfo from mine:
TaskID : 171507
Project : DesireC
SKU : VERIZON WWE[605]
ROM Ver : 2.41.605.6
Customization Id : N/A
RCMS Id : 42

just for the heck of it,RA_GNM 1.8,1 for my dinc(wich does ask me if i want to update and give a "no" option,lol:
modelid: PB3120000
cidnum: VZW__001
mainver: 3.26.605.1
hbootpreupdate:3
 
scary alien said:
Wow, they are really different...I have no idea...:p

edit: maybe its the "hbootpreupdate" entry?
Click to expand...

maybe? or maybe its just the way our bootloader works?

i just modified your android-info file to contain the same 4 items that the one for my dinc has,so now it looks like this:

ModelID: PB00100
CIDNUM: VZW__001
hbootpreupdate: 3
MainVer: 2.19.605.1

tried it again,and same deal,do you want to update? yes or pull battery :D oh well im still tickled pink it works! :p

still looking forward to EU1s thots on the S-OFF bootloader posibility :cool:
 
scary alien said:
...whoa! had you going for a second didn't I? :D:D:D
Click to expand...

Indeed you did.

I haven't read this thread through thoroughly, but I'm wondering if your successful result is only because you guys are using a S-OFF bootloader.

It's easy enough to test, with only a small risk involved - flash the phone completely back to a 2.1 HTC stock, including putting either the 1.47.0000 or 1.49.0000 S-ON bootloader in place ***, and then attempt to use your fudged PB00IMG.zip file. (I suppose you could even leave a rooted ROM in place on the phone, and flash the custom recovery via a root shell and the flash_image program (old skool style), but having a stock ROM means you can use OneClick or Dummies or ...)

Does the .zip file you create have the strange lead-off of 256 bytes as the genuine PB00IMG.zip files from HTC do?


eu1

*** It might be a good idea to flash the "misc" partition with jcase's "Flash any RUU" patch before you run this experiment, just to make sure that you have the maximum flexibility in re-rooting your phone (should something go wrong). You can use ErisMiscReset_v0.9.zip for that - find it in this XDA post
 
erisuser1 said:
Indeed you did.

I haven't read this thread through thoroughly, but I'm wondering if your successful result is only because you guys are using a S-OFF bootloader.

It's easy enough to test, with only a small risk involved - flash the phone completely back to a 2.1 HTC stock, including putting either the 1.47.0000 or 1.49.0000 S-ON bootloader in place ***, and then attempt to use your fudged PB00IMG.zip file. (I suppose you could even leave a rooted ROM in place on the phone, and flash the custom recovery via a root shell and the flash_image program (old skool style), but having a stock ROM means you can use OneClick or Dummies or ...)

Does the .zip file you create have the strange lead-off of 256 bytes as the genuine PB00IMG.zip files from HTC do?


eu1

*** It might be a good idea to flash the "misc" partition with jcase's "Flash any RUU" patch before you run this experiment, just to make sure that you have the maximum flexibility in re-rooting your phone (should something go wrong). You can use ErisMiscReset_v0.9.zip for that - find it in this XDA post
Click to expand...

lol...I must admit to having a little chuckle while writing that, know that someone will (like I have in the past ;)), Google the search string "HTC Eris bootloader source" and will get excited for a second...:eek: ;) :p :D (I'm a bad puddy-tat sometimes).

Well, I do remember some discussion early-on when the 2.1 leaks came to light about a 256-byte header...weren't they low-values? I can't tell you if these are weird or not since I never really looked at them before, but here's a snippet of three PB00IMG.zip files:

Code: 
D:\android\amon_ra_trackball_optional_flashable>od -h PB00IMG-amon_ra_trackball-optional.zip | head
0000000 4b50 0403 0014 0000 0008 b0d1 3c38 245f
0000020 6901 005c 0000 0083 0000 0010 0000 6e61
0000040 7264 696f 2d64 6e69 6f66 742e 7478 cdf3
0000060 494f f1cd b174 7052 0d71 d4f6 0202 2e5e
0000100 985f 8050 8193 2181 3136 0303 2e5e 4f67
0000120 bf17 5f50 052b 2843 8840 4584 c785 03c7
0000140 f155 6572 e524 97e7 1414 96a5 a416 9624
0000160 5aa4 1829 0d03 cc4a 0bcc 2d4b 52b2 d230
0000200 b433 33d4 3033 33d5 0004 4b50 0403 0014
0000220 0000 0008 6345 3d74 da94 d2c1 a232 003b
^C
D:\android\amon_ra_trackball_optional_flashable>od -h PB00IMG-root.zip | head
0000000 d82a 1f73 bebc 3a2d 4b3c 4058 77bb ea29
0000020 8ec1 7fe5 721c 1ad3 bff8 3475 34d5 fcab
0000040 5876 fca1 f863 95ab 2af4 9434 4122 e70c
0000060 cacb 2e73 e1a3 81a4 7f9a 0cbb 861a e91c
0000100 ef40 5053 6c44 7612 9a04 d380 48ee 36e3
0000120 57f8 ea0c 0c8e aef0 23f6 3d86 e4c8 b6a2
0000140 bf95 5241 648e eb9e 4759 d5ab 2062 658e
0000160 ac50 c604 3a1e c4d2 218d efb6 1817 f824
0000200 6b9c 4e47 f83e 387f 5aae e209 df35 e8be
0000220 984c 00e4 8520 6ef7 e17d c8ba 0cb0 3bf3
^C
D:\android\amon_ra_trackball_optional_flashable>od -h leak-21v3-rom-PB00IMG.zip | head
0000000 6b4b 12cd a76c d637 f8ae 5028 f16c 06cf
0000020 9f71 a7e9 60e3 906b 9f77 e459 bcc3 fcdf
0000040 f211 3599 0a52 93d8 62b4 5ee0 478a b13d
0000060 f0b0 341d 67f1 362e 26df 3469 8230 281b
0000100 fd88 b7e3 c9e7 9f37 e766 0722 7a82 90be
0000120 080c 7d3c 6e3c 4c1d 9a5e fc73 16bd 1bff
0000140 2ae0 1cd5 5557 7f35 ce43 6534 3d33 a458
0000160 1ddb 40c6 b1f9 bca4 0bd1 921f 8cdb 2ace
0000200 f24a 3d9b 88ba 4738 2c2c 238a 0a60 d51a
0000220 3719 f4c2 6918 6bb0 570b 06bd 3a87 974b
^C

Can you tell from that?

Cheers!
 
scary alien said:
Can you tell from that?
Click to expand...

Kinda yes kinda no.

I just downloaded it from your link and took a look; it's not there (which is sort of what I expected).

FYI, octal 240 is only 156 bytes - you would need to dump the first 17 lines of 16 bytes to see the "PK" ( = hex 0x50 0x4b ) "magic number" signature that is the demarcation of the beginning of ZIP file archive. That would occur at byte 256 (offset 0x100 or octal 0400) of a "real" HTC PB00IMG.zip file.

Also, it is easier if you use "hexdump -C" instead of "od -h", because then you don't need to worry about byte swabbing interpretation issues (big-endian vs. little-endian).

If you do something like "hexdump -C PB00IMG.zip | hexdump -C | head -17" on a real HTC PB00IMG.zip file, you will see that the actual zip archive begins at byte offset 256 - the first 256 bytes of the file appear to be an HTC-specific signature of some sort - presumably cryptographic, as it is not the same between different HTC PB00IMG.zip files.


Anyway - the bottom line is this: my conjecture is that you are seeing the result only because you are using a S-OFF bootloader. It has all security turned off, hence the S-OFF designation.

I suppose I would be happy to be proved wrong, but there are extremely practical reasons why it is unlikely that you will find that to be the case: the foremost being the prevention of flashing corrupted or truncated PB00IMG.zip files.

eu1
 
You must log in or register to reply here.
Back
Top Bottom