How to open img firmware file. Editing Android firmware using Samsung Root Firmware Replacer

Almost everyone android user smartphone, there was a desire to create or edit the firmware to suit your needs and desires. In this article we will look at the principle of editing firmware for CWM (in zip format).

Preparation:

First of all, we need to decide which firmware we will use as a basis. It's better to use off. firmware in zip. For almost every common device there is a clean firmware + root.
When the firmware is selected, it must be downloaded to any location convenient for you on your PC (no need to unpack).
We will also need an archiver, I recommend using 7zip and the best of its kind text editor Notepad++.

Firmware structure:

Opening the archive with the firmware you see the following:
META-INF- The folder contains firmware installation scripts.
system- a folder with all firmware files (applications, tweaks, scripts, etc.).
boot.img- the core of the system.

Almost all manipulations are carried out in the folder system, its structure:
app- system applications.
bin- resources of the system itself.
etc- Scripts, tweaks, configs, profiles and system settings.
fonts- System fonts.
framework- the main system files are stored here (graphics, animation text settings, etc.).
lib- system libraries.
media- multimedia files (notification ringtones, loading animation, wallpaper, etc.).
usr- settings that cannot be changed in the future by the system (they work in read-only mode).
xbin- again, system configs and other tweaks.
build.prop- information about the system, locale settings and system performance.

Applications:

Before adding/removing software to the system, you need to check whether your firmware is deodexed (that is, check for the presence of .odex files in the app folder. If there are files, then you need to get rid of them using this instructions .
Add software to the firmware:
First of all, you need to install in your smart those programs that you want to add to the assembly. After installation, we remove them from the system using Root Explorer and its analogs, they are located on the data/app path, we also need their libs (if they exist, of course), they are located on the data/data path. They are located in the folder of the same name in the application and have the extension .so. Then seized .apk put the files in the archive along the path system/app and files with the extension .so(libs) along the path system/lib .
We remove the software from the firmware:
Everything is simple here, go to the folder app- we decide what we don’t need and remove all unnecessary software (it’s better not to touch the system).

Language and firmware version:

Copy the build.prop file to your desktop. Open it with notepad and find the lines:

ro.product.locale.language=en
ro.product.locale.region=US

for the Russian language you need to do this:

ro.product.locale.language=ru
ro.product.locale.region=RU

enter the name of your mod in the line

in the same build.prop

Graphic arts:

The entire graphical part of the firmware is stored in two files framework-res.apk file path systemframework and SystemUI.apk along the way systemapp. And the graphical part of the settings application is naturally stored in the Settings.apk application.

Scripts and tweaks (system acceleration and optimization):

Most of the settings are done in the file build.prop, you can read about this. Also, if your kernel supports init.d there are a number of scripts for optimizing the system, one of them is described in this article (RAM optimization) and in this article Tweak scripts for init.d

Replacing system fonts:

As stated above, all fonts are contained in the folder fonts, the main fonts are: DroidSans.ttf and DroidSans-Bold.ttf they can be replaced with any fonts, renaming them similarly to the above and moving with replacement to the archive with the firmware in the folder fonts.

Core:

Theoretically, it is enough to replace boot.img its own, but in some cases the Cores are accompanied by additional scripts. Therefore, I advise you not to do anything if you have any doubts.

All firmware for tablets on the Allwinner processor have the same img format (IMAGEWTY).

After a long search, I finally found a program that allows you to disassemble and assemble firmware for tablets based on Allwinner. It's called unPacker

Let's move on directly to disassembling the firmware file.

Disassembling the IMG file

For disassembly you will need:

• The firmware file itself
• The unPacker program, which can be downloaded (For Allwinner a31s you can use imgRePacker)

Download the archive and unpack it. Run the program unPacker.exe

We drag our file into this window and wait for it to unpack.

After unpacking is completed, a new folder will appear called “firmware.img.dump”

In the out folder there is a file system.fex - this is a file with system files (system folder). That's what we need.

Editing the system.fex file

To edit this file you need a nix system and a conversion utility that can be downloaded

We create a folder in the home directory in which we will edit our firmware. Let's call it NEW for example. Now unpack the files from the ext4_utils.zip archive into the NEW folder. Launch the terminal and type

The program will compile and we will get a tool for editing Sim2img. Now put our system.fex file in the NEW folder and rename it sytsem.img

Enter in the terminal

./simg2img system.img output.img

Now we have an output.img file. Now create a folder, for example, called sys

And mount our output file there

sudo mount output.img sys

The sys folder now contains files that can be edited. For example, you can make changes to the build.prop file that will improve the system's performance.

After editing, we begin assembly

./mkuserimg.sh -s sys/ ./factoryfs_custom.img ext4 ./temp 512M

Rename the resulting factoryfs_custom file to system.fex.iso

note: you can similarly edit other image files (boot and bootloader)

Assembly

Now, in order to assemble the edited files into the format required for firmware, you need to place the system.fex.iso file with replacement in the folder (on Windows) _iso and drag the folder

Mega utility Android IMG Repack Tools for all beginners and advanced romodelers, developers, for editing Android images.

Android IMG Repack Tools what is it and why?

Android IMG Repack Tools utility from user under nickname A.S._id(xda, w3bsit3-dns.com), designed to edit Android images:

• unpack Android image (img, ext4)
• editing files (manually)
• collect image

And also work with kernels (boot.img) and recovery (recovery). The utility is designed to work both under Linux and Windows (you must install Cygwin).

Android IMG Repack Tools will be useful to absolutely all Android Romodels for creating new custom firmware, as well as software developers.

Where to find and download Android IMG Repack Tools?

Download and latest version Android IMG Repack Tools utilities can be found from the official project page on XDA.

Installing Android IMG Repack Tools on your computer

Since the Android OS is based on the Linux kernel, it would still be more correct to work with the Android IMG Repack Tools utility from operating system based on Linux.

OS pre-configuration for Android IMG Repack Tools

If you have Ubuntu versions 14.04 and older (and Mint based on it), then you will need to install GCC 5 from the repository (open a terminal and type the following commands):

sudo add-apt-repository ppa:ubuntu-toolchain-r/test

sudo apt-get update

sudo apt-get install gcc-5 g++-5

sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-5 60 --slave /usr/bin/g++ g++ /usr/bin/g++-5

For Ubuntu users 16.04 (and Mint based on it), then you need to install first:

1. GNU Automake 1.14 (download and unpack)

2. Go to the folder with Gnu Automake, open a terminal and execute the commands one by one: ./configure make sudo make install

3. Install packages: sudo apt-get install git-core gnupg flex bison gperf libsdl-dev libesd0-dev build-essential zip curl libncurses5-dev zlib1g-dev valgrind libreadline6-dev gcc-multilib g++-multilib libc6-dev x11proto-core -dev libx11-dev libz-dev gawk texinfo automake libtool cvs libsdl-dev

Setting up Android IMG Repack Tools

1. After downloading Android IMG Repack Tools, unpack, go, open terminal

2. Type the command to launch the utility./main_menu

If you have Mint installed, then click on the main_menu file

3. Go to the utility section " 0 - Configure & clean tools menu»

4. Select " 1 - Build android_img_repack_tools“, in order to download and configure the tools that work with Android images.

Working with the Android IMG Repack Tools utility

Expect an update to the article with instructions on how to use the utility soon!

For those who want to start the journey to creating their own firmware for Sony based on the official ones, you need to know how to unpack Sony firmware FTF format.

What is necessary?

1. Computer

2. Download latest version not an official flasher FlashTool and install

3. Download Unix image manager ext2explore.exe

3. Download and install the free 7-zip archiver

4. Sony firmware in FTF format

Instructions on how to unpack Sony firmware in FTF format

1. Right-click on the FTF firmware - open the archive or unpack from the archive

2. After installing FlashTool, go to the path C:Flashtool
3. Launch the FlashTool program and select the menu in the panel Tools -> Sin Editor

4. Select the sin file extracted from the ftf firmware in the Sin Editor and click Extract data. After this, the process of converting the firmware file into readable form will begin.
5. As a result, you can get a new file with the extension yassf2 or ext4 or elf

If the file *. yassf2

Select Tools -> Yaffs2, after which a window will appear to select a file, select a file with the extension *.yasff2

In a couple of minutes you will receive a folder with files that were in the firmware

If the file is *.ext4 or *.elf

1. If you have a file with the extension *.elf, then rename it to *.ext4

2. Run the previously downloaded ext2explore program, select the firmware file, after which the contents of the firmware will appear in the window, now you can save the contents.

What's next?

If you plan to create a flashable update.zip in the future, then you should go to the article - creating an Updater Script

How to correctly extract the kernel from FTF firmware?

In order to get the “correct” kernel for flashing using update.zip, you will need the same Flashtool.

1. Open the FTF firmware with an archiver and extract kernel.sin

Let's start with the fact that you need Linux. In Windows, you can only disassemble the firmware, but you won’t be able to put it back together for purely technical reasons. Now about the firmware. They are usually distributed in the form of ZIP archives flashed through custom recovery. It is one of them that we will need for experiments. I recommend starting the path of a romodel with something as close as possible to AOSP custom firmware, because it is often easier to understand than stock.

1. Unpack the archive with the firmware into any folder.
2. Download the script from the link and unzip it into any folder.
3. We launch the ext file (if it complains about the lack of Java, just skip by pressing y; Java is only needed for packaging).
4. Now select unpacking by pressing button 1 and then Enter.
5. A new folder named extract_* will appear next to the ext file and the tools folder. Copy the files system.new.dat and system.transfer.list into it.
6. After copying the files, press Enter and wait. After a while, you will need to press Enter again, enter the administrator password and press Enter again.
7. Ready. The contents of system are in the extract_*/output folder.

Manual method

Unpack the archive with the firmware into any folder (for example, rom):

$ mkdir ~/rom $ unzip path_to_archive -d ~/rom/

Download the tools we need into this folder:

$ cd ~/rom $ wget https://github.com/xpirt/sdat2img/raw/master/sdat2img.py

Let's run the script:

$ chmod +x sdat2img.py $ ./sdat2img.py system.transfer.list system.new.dat system.img

It converts the system.new.dat file into a raw image called system.img . Mount the image to the mnt subfolder:

$ mkdir mnt $ sudo mount -t ext4 -o loop system.img ~/rom/mnt

Android Directory Structure

After unpacking system, the following directory structure will appear:

• app- pre-installed applications with standard privileges;
• priv-app- pre-installed applications with elevated privileges, including some system components;
• bin- binary files in ELF format, an analogue of the /bin and /usr/bin directories in Linux. Contains various system components used by higher-level system components;
• etc- settings files. A complete analogue of /etc in Linux, used, however, only by those system components. Android Applications store individual settings in the /data/data/ directories;
• fonts- fonts. By default, it contains only Roboto branded fonts;
• framework- libraries of Java classes used by the system and applications. There is also a file framework-res.apk containing a complete description of the operating system interface, including all graphic files;
• lib And lib64- Linux libraries used by low-level system components. An analogue of the /lib and /usr/lib directories in Linux, including standard libraries such as libc, libz, libssl. On devices with ARMv7 architecture and lower, the lib64 directory will be missing;
• media- media files: ringtones, notification sounds, interface sounds and OS loading animation;
• tts- files needed by the speech synthesizer;
• usr- a directory that usually contains files necessary for running applications from the bin directory. Essentially an analogue of /usr/share ;
• vendor- files supplied by the device manufacturer. Usually contains binary firmware for various hardware components, for example a Wi-Fi module;
• xbin- optional directory; custom firmwares use it to store things like the bash interpreter, SSH, PowerTOP, BusyBox, and other useful tools;
• build.prop- a file containing information about the assembly, as well as various low-level settings;
• addon.d- contains scripts that are launched after installing the firmware. GApps also write their script here, thanks to which they are revived after reinstalling the firmware.

Now that we're familiar with the basic structure of Android, let's start making changes.

Removing and adding applications

All pre-installed programs can be found in two folders:

• /system/app/;
• /system/priv-app/.

They differ from each other in access privileges. If programs from app have the same permissions as third party programs(for example, installed from the Play Store), then applications from the priv-app can use privileged APIs (privileged rights). You can learn more about this from.

To preinstall an application into the firmware, simply drop its APK file into /system/app/ . You can, of course, create a separate folder, but in our case this makes no sense, because the folder is used to store libraries and odex files, which we simply do not have. To remove it, simply delete the folder with it.

You can go further and replace stock applications with analogues. For example, to replace the calendar, delete the folder Calendar and copy our favorite com.rpagyc.simplecalendar.apk to /system/app. And you don’t have to copy it. Then the firmware will be without a calendar.

The main thing to remember is that stock programs can be related to each other. Therefore, deleting one program may well lead to the complete inoperability of another (for example, CalendarProvider and Calendar: by deleting the first, you will make not only the stock calendar inoperable, but also any other calendar). Fortunately, in pure AOSP firmware there are not many interconnections.

Changing the loading animation

The animation is stored as PNG images, packed into the archive /system/media/bootanimation.zip without compression. Inside the archive there are:

• desc.txt- a file describing the animation;
• part0- a folder with animation files that are played first;
• part1- a folder with animation files that are played second;
• part?- the last folder, the images from which are played back at the end.

The desc.txt file might contain something like

1920 1080 60 p 1 0 part0 p 0 0 part1

The purpose of these lines is intuitive: 1920 × 1080 is the image resolution, 60 is the number of frames per second. Part0 and part1 indicate the folders from which the animation will be played and the playback sequence. In general, there can be either one part or several (three or more).

The images located in the part folders are numbered with five numbers in playback order: 00000.png, 00001.png, 00002.png... These images can be replaced with your own, thereby creating an original animation. Or you can simply delete the bootanimation.zip file. Then the device will show animation from standard Android. Or use a ready-made collection of animations on w3bsit3-dns.com.

Changing the sound design

In fact, all the sounds that the system plays are stored in the /system/media/audio folder. Inside it you will find the following folders:

• alarms- alarm clock melodies;
• notifications- notification sounds;
• ringtones- ringtones;
• ui- system sounds, such as low battery, camera focusing, selection of interface elements.

In alarms, notifications, ringtones you can add as many melodies as you like. You can take them, for example, here:

• standard ringtones from different Nokia phones and smartphones;

And a little life hack: deleting files from the ui folder will not lead to failures and errors, but to disappearance system sounds. Therefore, you can easily turn off the sound of taking a picture from the camera, taking a screenshot, simply by erasing the files containing these sounds (their names are intuitive).

Adding fonts

Fonts are stored in fonts . You can find archives with font files on w3bsit3-dns.com and XDA. To install, just copy and replace the ttf files from the archive to the fonts folder.

Changing system settings (build.prop)

The system image has an interesting build.prop file containing many useful information about the device hardware and default settings for various stock applications. To be fair, I note that this is not always the case. For example, in Gigaset ME and ME Pro build.prop is divided into two parts. One part contains settings for Gigaset ME, and for ME Pro some lines are duplicated, but the keys (smartphone name, etc.) are different. This was done to ensure more or less correct operation of the same firmware on different devices.

Build.prop contains (or can contain) a huge number of settings. Some of them do not change anything, some improve one thing at the expense of another, but there are those that are really useful:

• ro.product.model And ro.product.manufacturer- smartphone model and manufacturer's name. By replacing these lines, you can make the Play Store think that you have a different smartphone, which will open access to more software For all those little known Chinese smartphones these lines can become life-saving;
• hw.qemu.mainkeys- takes only two values: 0 - show on-screen navigation keys, 1 - do not show buttons. The absence of a line corresponds to 0;
• debug.sf.nobootanimation- value 1 disables loading animation, which slightly increases its speed. Setting it to 0 or deleting the line returns the animation to its place;
• ro.telephony.default_network- tells the system which mode it should be switched to mobile network while loading;
• ro.sf.lcd_density- Display DPI, the most accurate value for the display can be calculated through a convenient website. But no one forbids setting a higher or lower value to your liking: higher values ​​make the interface elements larger, lower values ​​make the interface elements smaller;
• ro.config.vc_call_vol_steps- number of volume steps during a call (default 8);
• ro.config.media_vol_steps- number of media volume steps (default 15).

We implement Google Apps in the firmware

Almost always custom firmware comes without Google services and application store. The developers suggest that we install them separately using the GApps package. However, it can be integrated directly into the firmware.

First you need to download the GApps package. I recommend taking the Open GApps archives. You choose Android version, processor architecture and configuration option (Pico, Nano, Stock...), which determines how many various applications Google contains an archive. I recommend downloading the Pico version. It contains only the Play Store and a set of libraries necessary for its operation.

Integrating GApps into the firmware is done like this:

1. Unpack the GApps ZIP archive using any archiver.
2. Go to the Core folder.
3. We see many archives with the extension .tar.lz. Extract using lzip.
4. After unpacking, copy the files from the folders to the corresponding folders in the system. It’s easy to guess what to throw where from the directory structure in the archive. For example, configupdater (from the screenshot) needs to be placed in the priv-app folder.
5. Go to the GApps folder (located next to Core) and follow steps 3 and 4 for the files in it.
6. That's it, we have integrated GApps into our firmware!

Free place

It is necessary to understand that the space for installing firmware is limited. You cannot install firmware whose size exceeds the size of the system partition of the device. You can view its value using:

$ adb shell df /system

Second option: put a terminal on the device and type the command

$df/system

You can find out the partition size in bytes by installing BusyBox on your smartphone and running the command in the terminal

$ busybox df -B 1 /system

Or the same with ADB:

$ adb shell busybox df -B 1 /system

The space occupied by the firmware will be approximately equal to the size of the system when unpacked. In general, when creating firmware, it is necessary to take into account that the user can also flash various modifications on top of it (SuperSU, Xposed) or transfer applications to the system section. For example, the minimum package Google applications(Pico) requires a minimum of 150 MB of additional installation space.

If necessary, the size of the firmware file can be reduced by deleting not only unnecessary programs from /system/app (/system/priv-app) and call sounds from system/media/audio and bootanimation.zip , but also:

• /system/tts/lang_pico- languages ​​of the primitive voice engine Pico TTS, voice engine Google won't be affected by this;
• /system/usr/srec/config/- offline languages. You can download it online later if needed.

Assembly

After making changes, you need to put everything back together. First, let's pack the system section into system.new.dat . Download the tools we need:

$ wget https://github.com/xpirt/img2sdat/raw/master/img2sdat.py $ wget https://github.com/xpirt/img2sdat/raw/master/blockimgdiff.py $ wget https://github. com/xpirt/img2sdat/raw/master/common.py $ wget https://github.com/xpirt/img2sdat/raw/master/rangelib.py $ wget https://github.com/xpirt/img2sdat/raw/ master/sparse_img.py $ sudo apt-get install android-tools-fsutils

Let's convert our folder back to a RAW image. Let's call it system_new.img:

$ sudo make_ext4fs -T 0 -S file_contexts -l 1073741824 -a system system_new.img output/

1073741824 is changed to the size of the system partition in bytes. It would be advisable to even make it a little smaller. We make a sparse image from the RAW image:

$ img2simg system_new.img system_snew.img

Let's convert our image into system.transfer.list and system.new.dat, which should be thrown into the archive with the firmware, but first we'll delete the old files:

$ rm -rf system.transfer.list $ rm -rf system.new.dat $ rm -rf system.patch.dat $ chmod +x img2sdat.py $ ./img2sdat.py system_snew.img

Let's separate the firmware files from the excess husk (files that we downloaded for work. For this it is convenient to use the archive with the firmware). Deleted? Now you need to pack the firmware into a ZIP archive (with any archiver).

All that remains is to sign the archive. This can be done both on Android itself using ZipSigner, and on a PC (you will need Java installed):

$ wget https://github.com/appium/sign/raw/master/dist/sign.jar $ java -jar file.zip

Underwater rocks

While building system.new.dat you may encounter several problems caused by constant changes in the generation mechanisms Android firmware. The method described above should work well in the case of firmware based on Android 5.1; newer ones may have difficulties, so you will need to use other versions of the build tools. Unfortunately, we cannot describe all the nuances of the assembly, so you may have to Google it.

Installation

To install custom firmware, you need a custom TWRP recovery, which allows you to install unsigned or signed firmware with a test key (this is exactly what we created). In the magazine, we have repeatedly described the process of installing it, and in the forum threads dedicated to your device, there is usually enough information to do this.

TWRP

conclusions

This article describes only the tip of a huge iceberg called “firmware modification”. “Serious” firmware not only complements the kernel and the firmware itself with stock applications with many functions (which are often taken from other kernels and firmware), organizing or even changing the principles of their interaction, but can also radically change the operating principles of the OS. True, such a hack is no longer Android, but a separate OS, even if Play services can be installed there (by the way, such actions, to put it mildly, are not encouraged by Google). Well, don’t forget: all shells are from manufacturers - TouchWiz, ZenUI, HTC Sense and so on - just ordinary customs, maximally tied to the hardware of the device and to each other.