0

I've unlocked the bootloader and I'm analyzing the backups from before and after the unlock to find many partitions have changed, I want to find a way that will anyone to unlock their bootloader in the stylo 6 also without the use of a paid tool

Warlockguitarman
  • 9
  • 2
  • You could have run an USB sniffing tool (e.g. Wireshark has this option) to capture all traffic from/to the device while performing the unlock. As all used USB protocols are not encrypted you would have seen all commands the tool had executed. Now as your hone is already unlocked this option may not work anymore. – Robert Jul 31 '21 at 10:17
  • 1
    In most cases you can't unlock bootloader e.g. by directly patching bootloader binary partition(s). Even if you succeed in creating a hex patch, it may not work on all devices (of same model obviously). Even with small OTA updates, OEMs keep on changing their bootloader binaries. So the binary partitions aren't always identical on different devices. And the approach you are thinking about can easily hard-brick a device. – Irfan Latif Jul 31 '21 at 11:54
  • Furthermore seccfg partition is cryptographically tamper protected (that's where bootloader state is stored) so hex patch isn't of any use – alecxs Aug 01 '21 at 06:08
  • Well I can easily relock the bootloader with sp flash tool performing a format on the seccfg, and even with unlocked bootloader and root in cannot disable AVB, and yes I have hard bricked all 3 of my Stylo 6's many times, I'm glad I used my program to make a complete backup, I'm bringing back my bricks as 3 identical clones to eliminate any variables while testing – Warlockguitarman Aug 01 '21 at 14:33
  • that's soft brick. you wouldn't be able to recover from hard brick on broken preloader. you now have 3 identical clones with identical IMEI and Mac address, that will generate conflicts on bluetooth, wifi and may cause trouble on network provider. cloning IMEI is illegal in some countries – alecxs Aug 02 '21 at 05:19
  • regarding AVB read this https://android.stackexchange.com/q/219968 – alecxs Aug 02 '21 at 05:25
  • 1
    I've figured it out, I can lock and unlock by flashing the seccfg partitions. But the modifications are made by the paid tool and I have the logs of the process, I can use the mtkclient tool to flash the unlock successfully, but my paid tool is what I need to use to get the correct seccfg.bin but there is a generic mtk code that is made that works on some devices, I've been working for months on this project and I can see the light at the end of the tunnel now. I only cloned the devices for developmental use, I hard bricked and fully formatted the phones to do this – Warlockguitarman Sep 10 '21 at 06:15

0 Answers0