Skip to content

Back to the overview

Flashing CFW on xaga and unbrick it

Note

LineageOS for xaga already ships with the engineering preloader image. This page is for information only.

Getting Started

As we have seen in the past "begonia CFW Megathread", MTK devices are pretty easy to brick. All it takes is one wrong move and you are FUCKED!.

The same concept of a brick also applies to xaga devices "Example of what a brick looks like".

Note

If you are already in this state and have not flashed the engineering preloader image, the only way out is to visit an authorised Xiaomi Center.

So what do we do to avoid a brick?

It's not that easy to avoid bricking these devices. Just follow the instructions and don't do anything stupid.

However, by flashing the engineering preloader image, you can save yourself a lot of headaches.

Why do we need to flash the engineering preloader image and how it works?

Usually, MTK devices follow this boot pattern:

`Boot ROM` -> `preloader` -> `Little Kernel (lk)` -> `kernel`

With MIUI preloader, nothing unsual happens, however, after flashing the engineering preloader image, (with ever boot) the preloader exposes an insecure VCOM port with SLA (Serial Link Authentication) and DAA (Download Agent Authentication) checks disabled, allowing you to flash images with SP Flash tool V6 without worrying about having an authorised Mi account.

If you use the MIUI preloader image, the only "download" mode you can access in case of a brick is Boot ROM (which is burnt into the SoC). This requires an authorised Mi account to access and write partitions from it.

There is currently no way to bypass these checks on xaga, as Boot ROM has a bunch of checks to prevent unauthorised attacks.

Can I revert to the MIUI preloader image?

Of course, at your own risk :P.

Flashing process

  • Download the correct preloader image:
Link Sha1sum
HyperOS Based ROMs (preloader_aristotle) d9399d4faeea64cf82b2675aa6b26bd8cbd75e36
MIUI Based ROMs (preloader_xaga) 4a7486c4c954aedca2e585ac92e5bd640bfa6bee
  • Reboot your device into fastboot mode by holding down the appropriate key combination.
  • Open a ADB & Fastboot tools window on your PC and flash the preloader image you downloaded before.
# Mention the path of the image before running the commands
# Ex: fastboot flash preloader1 /home/itsvixano/xaga/preloader_xaga.bin
$ fastboot flash preloader1 <preloader_xaga>.bin
$ fastboot flash preloader2 <preloader_xaga>.bin
  • Reboot your device by holding the Power button.
  • You are good to go :D

How to unbrick (with the engineering preloader image)

So you have managed to brick your device and you have previously flashed the engineering preloader image? You can easily restore it by following these simple steps:

Warning

Avoid using the Firmware Upgrade option, it will lock the bootloader.

Never use the Format all + Download option, it will ERASE the whole device UFS (including IMEIs, mac addresses, and more).

Always make a backup of your partitions

  • Download the Fastboot ROM of your choice.
  • Download the custom xaga_MT6895_Android_scatter.xml file.
  • Extract the Fastboot ROM and replace the file images/MT6895_Android_scatter.xml with xaga_MT6895_Android_scatter.xml.
  • Turn off your device.
  • Open SP Flash tool V6.
  • Load the MIUI Fastboot ROM of your choice by pressing the Download XML button and selecting the images/download_agent/flash.xml file.
  • Press the Download button.
  • Connect the device to your PC (if it doesn't detect, press and hold the Power button for 8-10 seconds).
  • The flash process should start.

You can get the latest SP Flash tool V6 from here and the latest xaga Fastboot ROMs from here: (make sure you choose the right MIUI / HyperOS Fastboot ROM for your device :D).

Version Download
HyperOS xmfirmwareupdater.com
MIUI xmfirmwareupdater.com