Skip to content

Latest commit

 

History

History
46 lines (36 loc) · 1.82 KB

README.md

File metadata and controls

46 lines (36 loc) · 1.82 KB

EDLUnlock

The name says it all.

Requirements:

  • An Android device in EDL mode
  • Common sense to not fvck it up

Supported platforms:

  • Windows only, for now.

Supported devices:

  • Xiaomi Mi A1 (msm8953) (used as a working example too)

Should also work on:

  • MSM8953 devices
  • MSM8952 devices
  • MSM8998 devices
  • ...and every device manufactured before 2018, having a MSM89xx CPU.
    BE CAREFUL! This list has not been tested. It should work since those platforms uses the same exploit as the one mentioned as an example.
    Plus, the bin folder only contains MSM8953 patched mbn file. You'll need a working .mbn/.elf file (patched, hehe) in order to use the tool correctly, at least on other platforms.

Usage:

  • Double click on EDLUnlock.cmd, then follow the instructions.
    Inside the repo there already is a .mbn file + the partition (with its specific rawprogram0.xml file) for unlocking a Mi A1 (tissot) thru EDL mode.

How it works:

After some tries (almost 30 lol), found out that the devinfo partition (at least on my tissot, my test device) handles bootloader unlock by having a different hex pattern. Here's an example.

Unlocked bootloader:
image

Locked bootloader:
image

The same procedure could be potentially applied to any other QCOM device (with a bit of risk).

Credits:

Huge thanks to @CosmicDan-Android for his Mi A1 LowLevel Backup/Restore/Flasher tool