Giters

MlgmXyysd / Xiaomi-HyperOS-BootLoader-Bypass

A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings.

Home Page:https://www.neko.ink/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Error code 10000. Help please

PheonXD opened this issue · comments

commented

I have the same problem. Can u help me pls? Poco X6 Pro 5G. And i was trying to install settings.apk, but every time it crashes.

[2024-05-25] [20:17:19] [INFO] - ************************************
[2024-05-25] [20:17:19] [INFO] - * Xiaomi HyperOS BootLoader Bypass *
[2024-05-25] [20:17:19] [INFO] - * By NekoYuzu          Version 1.0 *
[2024-05-25] [20:17:19] [INFO] - ************************************
[2024-05-25] [20:17:19] [INFO] - GitHub: https://github.com/MlgmXyysd
[2024-05-25] [20:17:19] [INFO] - XDA: https://xdaforums.com/m/mlgmxyysd.8430637
[2024-05-25] [20:17:19] [INFO] - X (Twitter): https://x.com/realMlgmXyysd
[2024-05-25] [20:17:19] [INFO] - PayPal: https://paypal.me/MlgmXyysd
[2024-05-25] [20:17:19] [INFO] - My Blog: https://www.neko.ink/
[2024-05-25] [20:17:19] [INFO] - ************************************
[2024-05-25] [20:17:19] [INFO] - Starting ADB server...
[2024-05-25] [20:17:20] [INFO] - Processing device 6XXOSC5PYDFU7TJN(3)...
[2024-05-25] [20:17:20] [INFO] - Finding BootLoader unlock bind request...
[2024-05-25] [20:17:20] [INFO] * Now you can bind account in the developer options.
[2024-05-25] [20:17:24] [INFO] - Account bind request found! Let's block it.
[2024-05-25] [20:17:24] [INFO] - Refactoring parameters...
string(1420) "#&^qMmtgKNj5dcesFBt3QnO1i4KvUqyZ59kCpchGiFxdnLqxpOoxs/5V0gcj4bff/bD6spTuKaF8jlMaaWBJj6xM8gRDE9R9cFYLLQABTpJTrNNJIk1VqxOdNkiNvSHc5lKxkc/XwahHzAXKy4Jxa4u4cIOtIaSAKHZXW2r8NMLepCzbaFveSAAY6bQSsUbI96SsDGVuun7K3lsT0uYqRBs+hdUN7nfLll2l2QAwaGrHIWFZezyl0FZPysRM7LxkWe0dgCGHKtzpJ2dMrvQxon6ux79UVRKVW91ZR3fPHrtO1rRoiag30+t0/ZuKAPU/SWjfp3pYyILjNoVewBLLiuVXQ==!!Hsy9Eki1V6oIrPxJkQOZTec84Lt6oF6lpldS8T/LsgthlKibaexd56r5yxsdFy6mElEM5CWiXSKGmpq5OqCEpKW+6F08W8oQ/qNhSn2jUaiA500qTH0SYYpznvSfjXjG4FeGZmImJu8rq1zwRTm0pCsZTOXIoB0EEPkm05p/46VoezDTl4/bSkrsc8TjZbb8j9KsmfweZJ6YD8F9ETranpcorxHpBJ7jbg7GSpC679QcDwtUeYY7dG0kyxNLLdjBoRpTrP+r5/7nDEopKmNPBkqhvUIGAGiwQotQQTUrHqNW+KP2feMCfFOWyVBjuSNWX4yoof7uSt9yvOwN+9hzwcBlxWXzfoVUpTPXgjYOKJ0GN9LwoWLpOz4nSh/nnwXN1eoVHaKOSYS4mBfGviXw24YNu5uJ219/zMfc4QH7V2wQrQe16C7XMSvuzS+nDaesrpE5lpIKhCkQ5KDivomBPSNvLf6mzE40GlPGbgVb0Rozpd1byOT1rrVLxLDEZZ0M+mgb0doZmCEydgQ/C8eyJ4OoY0xfsiMm7cVnbbtPkwI0wcLRpIHbQ9hlzlFJSgOLK8bJ9rAcSF0oD0ds49ixfOwV7EQtCRv0iYHmmDiI4o5MI8CCzBar6/xWei5FheGHCKo/iie5gc9QESrHNOscrYVcS/cp2hdlB7GwoSv85B5E5fKKH9O1MyDh2HK8DO9wMOhp42iBU6uo1hg4i4rczIQA3ol33cDB0y4BEbeRmpgS5sG6vEI6Fj5A979LB4+xgHboHyGcygKFLe9jOOBByNETswzHJ+fA4EL+4YIuPq0Na3aNgAzAWH9617cJEM4hD7uI3FXmMQHvFQ+FyJadTnCJaULLj3UZ2s7gLnMlm5zDvts8xdEcbLE3sCr3qIvQ0PxfWJjq1rDOMStDxErb2ZoX219V53zxGHj/AEEUEMmp8ZQWRWdB3uLQNFCCQsChdjpCQn/0nYNikayxYg0h56L49LC62clh61vxMl/JAE48WWrFkjVrJ8caRvEhr/d8OVFEpAzivOokJSMilcJwu+4ZKrpFp+O9Eu6AnVQqMto=^&#"
PHP Warning:  Trying to access array offset on value of type null in C:\php\bypass.php on line 335

Warning: Trying to access array offset on value of type null in C:\php\bypass.php on line 335
[2024-05-25] [20:17:24] [INFO] - Sending POST request...
[2024-05-25] [20:17:25] [INFO] - Request parameter error (10000)
commented

I believe this exploit does not work on X6 Pro/K70 because of a new security metric introduced by Xiaomi. This is fixable on other devices by installing an older version of the Settings app, but it seems that none of them work for K70.

Vunerable versions of the Settings app for other devices can be found on https://www.123pan.com/s/625SVv-BYxbh.html. I've tried a few of them on my X6 Pro but none seem to work (app crashes when entering developer settings). You can try your luck by installing a few of them, but I doubt that it will work. Perhaps the version of the Security app also plays a role.

If you bricked your Settings app, you can always restore it by going to app settings > uninstall updates.

But for now I guess you'll have to stick to unlocking bootloader through the awful Xiaomi Community app. Make sure to do it at 0:00 Beijing time, since there is a limit of 3000 devices that can unlock bootloader per day. If you're on global, the only requirement for it is having the Mi account registered for 30 days. On Chinese ROMs I believe you also have to reach level 5 in the Community app.