Archive for the ‘Android’ Category

Access samsung phone with hardware issues

Monday, January 18th, 2016

So recently i fiddled with a broken partition table in a somewhat working Samsung Galaxy S3 Mini phone.

Now imagine the phones looks like this:

broken_mini

Dropped like it’s hot, landed flat on the screen. But of course contains very important pictures without backup somewhere else. For the fun of it, lets assume the power button is broken as well.

Software configuration: stock rom, stock bootloader, stock recovery. ADB disabled.

With a combination of the following steps, it should be possible to get access to the internal memory and backup important data via ADB.

USB Jig
A custom recovery image like TWRP enables ADB access, so by flashing TWRP, we get root access to the phone and can backup the data. For flashing the recovery, you need either heimdall or odin and the images, all are linked in my previous post.

Normally you can get any turned off samsung phone into download (also called odin) mode by pressing VOLUME DOWN + HOME + POWER.

Now if some button is not working, this is a little trickier. The trick is a tool called samsung 300k or a little piece of hardware. Since the tool is windows only and didnt work for me, i had to go the hardware way.

There are multiple videos on youtube that describe how to modify an usb connector.

If you have a “power only” micro-USB cable that you can spare, things are a bit easier. These feature most likely already a resistor of around 200kOhm, so when you connect the cable only to your phone (USB end is loose) the phone will boot up. Unfortunately, with the resistor at 200kOhm, it will perform a normal boot.

So cut off the wire near the connector and carefully pry the connector open on its side with a sharp knife.

connector_01

The rubber sides now should be removable, careful not to rip any of the small cables or connectors inside.

connector_02

connector_03

Now depending if your connector already features a resistor you need to add a resistor in series (one after the other) or you need to add a new resistor so that the summed up value equals 300kOhm. Since my connector came equipped with 200kOhm, i just added another 100kOhm and soldered it in between.

connector_04

Of the micro-USB B connector, pin 4 and 5 should be connected via 300kOhm.

When inserting the connector into the phone, it should vibrate (if the vibrator still works) and boot into download mode. Now connect a working data cable and use heimdall or odin to flash TWRP with ADB enabled.

Look Ma, no power button!
But with the powerbutton not working, how can one boot the phone (hopefully into recovery)?

You could try to clean or fix the button.

If that doesnt work, there are multiple different approaches and while the ones from the videos did not work, the one in the comments worked for me:

  1. remove battery and power cable
  2. insert battery – insert power cable
  3. wait until you see the first battery logo, and the second battery logo with animation
  4. wait again, until it goes completely black. (power saving)
  5. remove your battery, reinsert your battery, take off usb cable (quickly!)

Unfortunately, there seem to be some phones which can not be boot into recovery by holding the buttons and plugging the cable in or which dont boot into recovery after flashing from download mode. In this case, you can rename the recovery.img to boot.img and flash it via heimdall/odin into the bootloader partition. This way, the system wont boot android anymore, but straight to the recovery with ADB enabled.

Once all data is retrieved, one has to replace the recovery in the bootloader partition again with a real bootloader. This must fit to the android system, so might as well wipe everything and start from scratch.

How to fix Android Market when installed a .apk via adb

Monday, January 18th, 2016

This post is a draft from back in 2010 and assuming that you are the owner of a rooted Android device that just installed a bunch of applications (.apk) via the adb tool. This might be the case if you have a lot of packages (.apk) on your pc, and just install them via usb like:

find . -iname “*.apk” -exec adb install ‘{}’ \;

Remember that you will have to download the Android SDK for the adb tool and start the adb server as root before using it (sudo adb start-server).

Now the problem: the Android Market doesnt see your installed apps, so it wont look for updates and you cant easily remove/handle them. But there is an easy fix.

The Android Market keeps a list (more specific: a database, sqlite3) in

/data/data/com.android.vending/databases/assets.db

Weird thing, after looking with SQLite Browser into the database, all applications installed via adb where present. The only problem was the “install_time” value of the apps, beeing 0.

So you could either adb pull the assets.db to your PC, edit the values (e.g. UNIX timestamp of now), and push it back or use a script on the phone to do the job for you.

For the script, you will need root access, a busybox version with sqlite3 (just execute “sqlite3” on a phone shell and see if it recognizes the command)

# sqlite3 /data/data/com.android.vending/databases/assets.db
sqlite> UPDATE ASSETS SET install_time = CURRENT_TIMESTAMP WHERE install_time = 0;
sqlite> .exit
# exit

Odyssey to revive Samsung S3 mini (GT-I8190)

Friday, January 8th, 2016

The Samsung GT-I8190 (S3 mini) is a decent android phone which has been around for a while. In order to see if it can handle a current 5.1.1 android, i wanted to install a custom rom.

The phone was rooted and had an old version of TWRP installed. Fortunately, there is a big community for the phone, so instructions to root and install a custom recovery are all over the internet.

When holding Volume Up + Home + Power, the phone boots into recovery (Volume Down + Home + Power for download mode). From there i wanted to install SlimLP when things went wrong.

Suddenly, the recovery could not mount any partitions anymore, the problem is well described over on StackExchange.

Since i had a fairly old version of TWRP installed, ADB was not available directly. Luckily, when switching to “ADB Sideload” under “Advanced” and canceling that, ADB was possible. From there, i verified the situation was exactly like that on StackExchange linked above. When running fdisk /dev/block/mmcblk0 i could see, that no partition information was available (unlike on StackExchange).

Next i created a partition spanning the entire internal memory with type “ee” (EFI GPT) while still in fdisk. The commands would be:

- n
- p
- 1
- enter (default)
- enter (default)
- t
- ee
- p (to verify)
- w (to write)

Then i tried to restore the partition information via the PIT file using Heimdal, the opensource alternative to samsungs Odin software. Odin and the download mode are somewhat similar to what elsewhere is called fastboot. Its a mechanism to restore pretty much everything, so as long as the download mode works, the phone is not bricked.

Unfortunately, even when compiling heimdal from git (version 1.41), running it as superuser (for USB permissions), it could not write the PIT file, i got:

Uploading PIT
ERROR: Failed to unpack received packet.
ERROR: Failed to unpack received packet.
ERROR: Failed to confirm end of PIT file transfer!
ERROR: Failed to confirm end of PIT file transfer!
ERROR: PIT upload failed!

ERROR: PIT upload failed!

Writing the custom recovery worked with heimdal, just the PIT upload wouldnt work.

Luckily, i had a windows machine nearby, where i could run Odin to repartition with the PIT file. I had to use Odin v1.85 because the v3.x versions did not work properly. On windows, be sure to install the Samsung USB drivers properly!

Back to Heimdal, i first flashed the stock recovery because it would try to setup the partitions again. It booted up but had a problem with the encryption, offering a “system reset”. Which would loop all over, so i then flashed TWRP 2.8.6.1(mirror) (note: the partition is not called “recovery” but “Kernel2”) via:

heimdall flash --pit i8190_goldenxx.pit --verbose --stdout-errors --Kernel2 ./GT-I8190_TWRP_2.8.6.1/recovery.img

Beware, the GT-I8190 and GT-I8190N models use different PIT files.

After booting back into TWRP 2.8.6.1 (where ADB works right away btw) an advanced wipe and “Format Data” brought back the desired partitions (no errors anymore mounting them).

From there, installing the custom rom was a breeze.