Home How To How To Flash Xiaomi MTK Devices Using MTK Exploit

How To Flash Xiaomi MTK Devices Using MTK Exploit

With Xiaomi devices being integral players in custom development, there’s plenty to look forward to – from flashing custom/GSI ROMs and installing a custom recovery like TWRP to gaining administrative access by rooting your device via Magisk. However, every coin has two sides.

Despite the exciting customization possibilities, these processes come with certain risks. Improper execution can send the device into a boot loop or even get it bricked. If Fastboot Mode is accessible, you’re in the clear – you can flash the Fastboot ROM using mi Flash or Fastboot Commands.

But what happens when you can’t access Fastboot? Don’t worry! You can still unbrick your Xiaomi device with the help of a handy MediaTek Exploit. This guide will show you exactly how to accomplish this.

SLA and DAA Authentication for MediaTek with SP Flash Tool?

Like Qualcomm has an Emergency Download (EDL) Mode, MediaTek devices sport a Download Mode. Service center operatives widely use this mode to flash firmware onto devices that are “bricked” or unresponsive.

The SP Flash Tool, highly recognized in the MediaTek community, performs this flashing operation. In the past, if a user’s device ended up bricked, they could independently restore their MediaTek device through the Download Mode via this handy tool.

However, to regulate who could perform these restorations, Original Equipment Manufacturers (OEMs) introduced “Serial Link Authentication (SLA)” and “Download Agent Authentication (DAA)”. Consequently, only individuals armed with the authorized Download Agent or Serial Link applications could instigate flashing. Typically, these individuals belong to authorized service centers.

The implication? Users with bricked devices no longer have the autonomy to revive their devices by themselves and must, instead, resort to officially authorized service centers for restoration.

SLA and DAA Authentication for MediaTek

Advertisements

However, such hurdles are no longer a concern. An exploit can now set both the SLA and DAA flags to false. This means the tool won’t check for either of these flags, enabling you to bypass the restriction and flash the firmware directly on your MTK device in Download Mode. In this guide, we’ll walk you through this process. So, let’s dive into how you can unbrick your Xiaomi device using this MTK Exploit without further delay.

How to Unbrick Xiaomi MediaTek using MTK Exploit

Please note that the upcoming process will erase all data from your device, so it’s crucial to back it up entirely beforehand. Neither AMS nor its members will be liable for unforeseen consequences such as a thermonuclear war, your alarm failing to wake you up, or any happenings to your device and data resulting from performing the following steps.

Prerequisite:

1: Download the Xiaomi Unbrick Tool

Xiaomi Unbrick Tool

  • This tool includes all the necessary drivers and software you will need throughout this guide to unbrick your Xiaomi device.

2: Download Fastboot ROM

To begin the process:

  • Download the Fastboot ROM specific to your device from a reputable source or the manufacturer’s website.
  • Once downloaded, extract the Fastboot ROM to a convenient location on your PC, such as the Desktop or a dedicated folder.

3: Install Python

  • First, navigate to Python’s official website to initialize the download process.
  • Next, double-click the downloaded EXE file to activate the Python installation.
  • Finally, select the “Add Python to Path” option, which can be found at the bottom of the installation menu.

Add Python to Path option.

Once completed, choose the “Install Now” option if you prefer to install Python in the default location. This is a highly recommended step for most users. Please note that XX-XX refers to the specific version number of the Python installation:

C:\Users\Your Username\AppData\Local\Programs\Python\PythonXX-XX

Please note down this location, as it will play a crucial role throughout this guide for the unbricking process of your Xiaomi device.

4: Install Python Dependencies

  • Navigate to the Python installation directory. In the address bar, type “CMD” then press Enter, opening a Command Prompt window.
  • In the Command Prompt window, input the following command:

pip install pyusb pyserial json5

Advertisements
  • After you’ve entered the command, press the Enter key to begin the installation of these packages.

installation of packages.

  • With this, we have installed the required dependencies via the PIP command.

5: Install CDC_ACM Drivers

  • Locate the directory where you’ve extracted the Unbrick Xiaomi Tool.
  • Proceed to the “Drivers” folder and find the `cdc-adm.inf` file. Right-click on the file, choose “Show More Options“, and select “Install” from the expanded list.

Install CDC_ACM Drivers

  • Once the drivers have been installed, continue to the next step to unbrick your Xiaomi MediaTek device.

6: Install MediaTek SP Flash Tool Driver

Next, you must install the MediaTek drivers, designed specifically for the SP Flash Tool. This can be done by:

  • Go to the Unbrick Xiaomi Tool folder and look for MTK Driver.
  • Launch the MTK_Driver_Auto_Installer SP Drivers~20160804.exe file.

MTK_Driver_Auto_Installer SP Drivers~20160804.exe file

  • Next, follow the on-screen instructions to complete the setup.

7: Download MTK Bypass Utility Tool

  • Transfer all these files to the directory in which Python is installed [also extremely important].

8: Install libusb-win32

This library will let you communicate with many USB devices from within your application, just as the original libusb-0.1 did.

  • To begin with, download the libusb-win32 library onto your PC.
  • Then click on the libusb-win32-devel-filter-1.2.6.0 file to start the installation of it

Install libusb-win32

  • Proceed by following the on-screen instructions to finalize the installation.
  • Upon completion, a prompt will appear to guide you through the initiation of the Filter Installer wizard.

Filter Installer wizard.

Advertisements
  • At this device selection screen, select Install a Device Filter and then wait.

9: Boot the Xiaomi MediaTek Device to Download Mode

Next, you must boot your Xiaomi device to Download Mode to unbrick it. Here’s how you can do that:

  1. Press the Volume Up button after turning off your device.
  2. You will need a USB cable to connect your device to the PC while keeping the button pressed.
  3. Download Mode will now be enabled on your device.
  4. If you look in the list of USB ports, you’ll see it listed as MediaTek USB Port. Select it and click Install.
  5. Before your device can boot, select MediaTek USB Port and hit Install as quickly as possible.
  6. Once you receive the “…device filter successfully installed for the MediaTek USB port, ” the device filter has successfully been installed for MediaTek USB port…” message.

10: Bypass SP Flash Tool SLA DAA Authentication

Ensure your device is connected to the PC using a USB cable and set to Download Mode. Confirm that you have transferred the MTK Bypass Tool contents to the Python installation directory.

  • With these prerequisites, follow the steps below to bypass MediaTek SP Flash Tool SLA and DAA Authentication.
  • By typing in CMD in Python’s address bar and pressing Enter, the Command Prompt will be opened within the Python installation directory.

CMD and press Enter

  • The main.py python file can now be run by typing the following command:
  1. python main.py
  • Following the process, you should receive a message saying, “Protection Disabled, press any key to continue ”.

Protection Disabled

  • Here’s another approach that might work if the first one doesn’t [this method might take 2-3 takes to execute fully].
  • Start by unplugging your device from your PC, but keep the USB cable connected.

  • The next step is to launch the 2ND RUN THIS.bat file from the extracted Unbrick Xiaomi Tool folder.

2ND RUN THIS

  • The Waiting for Device message should now appear.

    Advertisements
  • Connect the USB cable to your device by pressing and holding the Volume Up key.

  • It will now show Found Port=COM3 when your device is recognized.

  • In the same way, the message “Protection Disabled” should also appear.

11: Set up SP Flash Tool and Unbrick Xiaomi

  • Launch the tool by double-clicking the flash_tool.exe file in the Unbrick Xiaomi> SP Flash Tool folder.

Open SP Flash Tool

  • Click Choose and load the DA_6765_6785_6768_6873_6885_6853.bin file in SP Flash Tool’s folder by clicking Choose next to Download Agent.

SP Flash Tool Scatter Loading

SP Flash Tool Select Scatter

  • Select the auth_sv5. auth file from the SP flash tool folder after clicking Choose next to Authentication File.

Select the auth_sv5. auth file

  • Select Android_scatter.txt from the extracted Fastboot ROM Images folder by clicking Choose next to Scatter-loading File.

SP Flash Tool Select Scatter

Advertisements
  • When you are done, switch to Firmware Upgrade Mode from Download Only Mode.

Download Only Mode

  • Select Connection from the left menu bar in the Options section (see following image).
  • Make sure that the COM port is set to COM3 and the Baud rate is 921600 under the Connection Settings.

COM port is set to COM3

  • The flashing process will take a few minutes after you close the Options menu and click Download.

click Download

  • You will receive a Download OK message as soon as the download process is complete. If you want to charge the device for at least 10-15 minutes, you must unplug the device.
  • You will be booted to the OS after pressing the Power key.

That concludes the guide on unbricking your Xiaomi MediaTek device via MTK Exploit. Should you have any questions or require further clarification on the indicated steps, please leave a comment. We aim to respond with a resolution as swiftly as possible.

LEAVE A REPLY

Please enter your comment!
Please enter your name here