Developing for Google Android – update the OS version

There are already some very good articles and tips and tricks on how to do this, but for the purpose of having my own information structured and available online, I will describe what you need to do to update the OS version of your Android.

In no event will I be liable to you for any damages arising from the use of this info, so it is solely your responsibility if you decide to do the upgrade. You might lose the warranty or even make your Android unusable.

On the other hand, being able to update the OS brings several advantages, especially for developers. You can root your device, meaning that you can use your Android Linux box as root, which is very useful since it provides complete access to the device.

Also, if you hard-reset the device and don’t have a T-Mobile SIM with data plan, you’ll need to use this article to unlock your Android G1.

STEP 1: Flash your Android with OS version RC29. This is an older release, but we need it to take advantage of an exploit that will give us root.
Download the ROM image (~90MB).
Copy DREAIMG.nbh to the root of a micro SD card. The file should appear like this:

STEP 2: Insert the microSD card into the Android, and turn off the phone (you can unplug the battery and then replug it). Hold the Camera button and press the Power button to enter the bootloader. You should get a white screen with instructions to flash your phone with the update on your SD card.
Follow those instructions and press the Power button. The update will start and it looks like this:

Be careful not to interrupt this update!
When the update is complete, restart the phone.

STEP 3: You should now be running the RC29 OS version, and if you don’t have a SIM card in your Android, you should get this screen:

RC29 (and RC7 as well) has an interesting vulnerability that we’ll use for our purposes: all the characters you type get executed in a background shell as ROOT!
For instance, type [enter]restart[enter] without the square brackets. The device will reboot.
To take advantage of this and unlock your device type:
[enter]telnetd[enter] (again, no square brackets, [enter] refers to the enter key on the Android keyboard). This will start the telnet daemon process (you won’t see it as it is running in the background).

STEP 4: Connect your Android to the PC and use adb shell to open a remote shell command prompt. Here’s an article showing how to do that.
If you get an error (device not found), you’ll need to start the ADB server on your Android. To do that we’ll use the same background shell exploit – simply use the keyboard and type:
[enter]setprop persist.service.adb.enable 1[enter]
Retry connecting with adb.

STEP 5: Download busybox and use adb push to copy busybox binary to your G1:
adb push busybox /data/local/busybox
In the adb shell, type chmod 755 /data/local/busybox to make it executable and then /data/local/busybox telnet 127.0.0.1.

Congrats, YOU Got root!

STEP 6: Disable registration and enable WLAN connectivity. Type in the adb shell:
setprop app.setupwizard.disable 1
and then:
am start -a android.intent.action.MAIN -n com.android.settings/.Settings (works without root as well)
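
A defender's check for the device state that steps 3 to 6 leave behind, as an added example that is not part of the original article: it parses `getprop` and `ps` output and reports an affected build, enabled adb, the disabled setup wizard and a root-owned telnetd. The sample outputs are constructed, and the idea that the release name (RC29, RC7) appears in ro.build.display.id is an assumption of this example.

```python
import re

# Constructed sample of `adb shell getprop` output (not captured from a device).
SAMPLE_GETPROP = """\
[ro.build.display.id]: [constructed-build TC4-RC29]
[persist.service.adb.enable]: [1]
[app.setupwizard.disable]: [1]
"""
# Constructed sample of `adb shell ps` output; only user, PID and name are used.
SAMPLE_PS = """\
USER     PID   PPID  VSIZE  RSS   WCHAN    PC         NAME
root     1     0     264    180   c008be9c 0000c36c S /init
root     312   1     1472   296   c01b2c9c afe0c45c S /system/bin/telnetd
app_5    401   32    92000  18000 ffffffff afe0d3e4 S com.android.launcher
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]\s*$")
AFFECTED = re.compile(r"\bRC(29|7)\b")  # releases the article names as affected
# Properties the procedure sets to 1, with the label reported for each.
SET_PROPS = {"persist.service.adb.enable": "adb-enabled",
             "app.setupwizard.disable": "setupwizard-disabled"}

def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict, ignoring anything else."""
    matches = (PROP_LINE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in matches if m}

def root_processes(ps_text, name):
    """Return PIDs of root-owned processes whose executable basename is `name`."""
    pids = []
    for line in ps_text.splitlines():
        cols = line.split()
        if len(cols) >= 3 and cols[0] == "root" and cols[1].isdigit():
            if cols[-1].rsplit("/", 1)[-1] == name:
                pids.append(int(cols[1]))
    return pids

def audit(getprop_text, ps_text):
    """List which traces of the procedure are present on the device."""
    props = parse_getprop(getprop_text)
    findings = []
    # Assumption: the release name appears in ro.build.display.id.
    if AFFECTED.search(props.get("ro.build.display.id", "")):
        findings.append("affected-build")
    findings += [label for key, label in SET_PROPS.items() if props.get(key) == "1"]
    findings += [f"root-telnetd pid={pid}" for pid in root_processes(ps_text, "telnetd")]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_GETPROP, SAMPLE_PS)))
```

On a real device, feed it the text returned by adb shell getprop and adb shell ps instead of the samples.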

Now you can use your device and you can stop here. But if you want more, hit continue 🙂

Flash to latest OS build, but keep root access:
STEP 7: Copy recovery.img and update.zip (this is the Hard SPL) to the root of your MicroSD card.

STEP 8: Using adb shell as root (at the # prompt), type the following commands:
mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
cd sdcard
flash_image recovery recovery.img
cat recovery.img > /system/recovery.img

STEP 9: Install update.zip from the SD card (restart the device while pressing HOME, then ALT+L, and finally ALT+S)

STEP 10: Upgrade the Radio. Download the Radio ROM zip (9 MB), rename it to update.zip, put it on the SD card and install it (restart the device while pressing HOME, then ALT+L, and finally ALT+S)

STEP 11: Upgrade the OS ROM to the latest version. Download the OS ROM zip (42 MB), rename it to update.zip, put it on the SD card and install it (restart the device while pressing HOME, then ALT+L, and finally ALT+S)

Try to carefully follow these steps. It will keep you out of trouble. Should you have any questions, use the Comments form below.

Radu Motisan
