I had used the following devices:
S4 mini (GT-I9195) 4.2.2 (Jelly Bean)
S4 active (GT-I9295) 4.2.2 (Jelly Bean)
S4 (GT-I9505) 4.3 (Jelly Bean)
I flashed CWM based recoveries (not from the Chinese guy) with ODIN 1.85.
S4 mini CWM v6.0.4.6
S4 active CWM v6.0.3.5
S4 CWM v6.0.3.7
All collected with searches via Google.
Running ODIN you need to use the settings PDA to flash the recovery. A recovery doesn't touch your base ROM but modifies the KNOX ID of a Samsung device from 0x0 to 0x1 (loss of warranty).
Shut down the Galaxy and press Power + home + volume down. Now it boots in the mode to install the recovery with ODIN. After flashing with ODIN it reboots and you need to press Power + home + volume up. Some Galaxies don't need the power button to be pressed (only short to turn it on).
Different Galaxies sometimes look different in how they mount partitions and how they're used. I've bricked a S4 mini and a Tab 3 while doing things wrong (not used PDA mode (only S4 mini failed), used the wrong recovery with the Tab 3 and Kit Kat (4.4) installed).
Then you can use the adb tool from the Android SDK to connect to the device.
I made this case to show how easy it is to get access to a Droid device with freely available tools.
In normal cases we use Cellebrite UFED Touch, which is very comfortable.
Have fun. I've more info at home on my MacBook if you need some more info.
A recovery doesn't touch your base ROM but modifies the KNOX ID of a Samsung device from 0x0 to 0x1 (loss of warranty).
I strongly suggest testing any CWM flashing on an identical device first. There are devices that won't allow flashing a CWM without factory reset and will perform a reset once the CWM is detected on bootup.
Same goes for editing files like the settings.db (to remove/reset pattern locks, e.g.).
Some devices store backup files (or at least hash-sets of these system files) on encrypted partitions and will "handle" the userdata in a way you won't like… once a mismatch is detected.
These might be rare cases but just keep this in mind.
CopyRight, I thank you for the details.
I think others have made my concerns clear. Indeed your method is a reasonable solution under certain circumstances.
Maybe this thread can grow if the discussion can continue identifying different processes etc. and find alternatives to see if they help build a way forward.
As an alternative to ODIN, Heimdall - http//
It would be cool to find a way to boot the device from a custom ROM without actually flashing it... from RAM, like a live system...
like with old iPhones in DFU mode.
Theoretically I can watch boot through an on-chip debugger (OCD), and when the boot section we are interested in is requested force the code, or something. I can already mess up (cheat in games too) variables in real time in devices with OCD, no problem.
Or, forget all that, and just watch for the security part loading and mess that up, granting root there, and trust the MicroSD to run shell/script/whatever off of. Dump the data to the MicroSD (or MicroSD port).
This still requires ripping the device apart and finding TAPs.
With vendors that use ASIC-based processors this could be an issue.
I think this could be done.
Do not use your own or girlfriend's etc. mobile for this experiment, nor an exhibit and so on. Go to a second-hand phone re-seller and buy one or see if someone is willing to give you a freebie phone so if the phone dies no one gets upset.
The test image is for Samsung Galaxy SII/Android (OS2.3). The purpose of the image: it was used in experiments to create a recovery image to overwrite existing tools in the recovery partition. Theory suggests it may be applied to a wide range of compatible Samsung/Android devices; the point is I simply do not know how many.
The zip file contains a recovery image, any tools specific to the device, and a README file describing how to install the image. No claim is made as to the fitness of this example image.
You can play around with the image for experiments but caution: the data is under an "Attribution-NonCommercial" Creative Commons License. In English this means the author's work is protected by attribution and copyright and through knowledge maybe other intellectual property rights, too.
https://
PLEASE COME BACK AND SHARE HOW YOU GOT ON.
eBay. There is always so much fun on those phones…