HTC One X bootloader gets unlocked, in spite of resistance from AT&T


When I first heard that AT&T was restricting access to the bootloader on the HTC One X, I was ticked. Yes, AT&T was acting like, well, AT&T. But HTC has its own bootloader unlocking program that has become quite popular among those in the rooting and developing community, so there’s really no excuse for AT&T to restrict access to it.

That’s why I smiled a little bit when I heard that a one-click root method was recently discovered for the One X. Yes, I thought to myself, we’re finally getting closer!

Today, I’m pleased to announce that developers have now successfully unlocked the bootloader on the One X. This means that not only does one easily gain superuser access in the system, but now it’s possible to flash different kernels, radios … the sky is truly the limit! I’ve included the exact instructions, word-for-word, from the developer below. Of course, proceed at your own risk, and if you screw up, you might not have a working phone anymore.

That being said, get to unlocking, and join with me in laughing at AT&T’s unsuccessful attempts at thwarting the very active, open-source, resilient Android developer community.

  1. Fire up your command prompt and go to the directory that you have ADB installed to. Type “adb shell” and hit enter.
  2. Type “su” and hit enter. You now have root privileges.
  3. Next type “dd if=/dev/block/mmcblk0p4 of=/sdcard/mmcblk0p4” and hit enter. This will dump the partition to your sdcard.
  4. Next type “exit”, hit enter, type “exit”, and hit enter again. This should take you back to a command prompt for your computer.
  5. type “adb pull /sdcard/mmcblk0p4” and hit enter. NOTE THE SIZE OF THE FILE BEFORE THE NEXT STEP!
  6. Open the file (mmcblk0p4) with your hex editor.
  7. Look for offset 00000210 and you should see CWS__001 with your IMEI number attached to it.
  8. Change CWS__001 to 11111111 and save the file as mmcblk0p4MOD. This will give you SuperCID as well. :-D MAKE SURE AT THIS POINT THAT THE FILE IS THE EXACT SIZE IT WAS BEFORE YOU HEX EDITED IT!
  9. Now go back to your command prompt and type “adb push mmcblk0p4MOD /sdcard/mmcblk0p4MOD” and hit enter.
  10. Type “adb shell” and hit enter then type “su” and hit enter again. This will put you back into the android shell and give you root privileges.
  11. Type “dd if=/sdcard/mmcblk0p4MOD of=/dev/block/mmcblk0p4” and hit enter. To test if it worked restart the phone into fastboot (type “adb reboot bootloader” and hit enter) and once the bootloader screen comes up type “fastboot oem readcid” and hit enter. It should read “ROGER001”.
  12. Next type “fastboot oem get_identifier_token” and hit enter. Leave that up on your screen and go to Follow the instructions from there.

Enjoy all!

Pocketables does not accept targeted advertising, phony guest posts, paid reviews, etc. Help us keep this way with support on Patreon!
Become a patron at Patreon!

John F

John was the editor-in-chief at Pocketables. His articles generally focus on all things Google, including Chrome and Android, although his love of new gadgets and technology doesn't stop there. His current arsenal includes the Nexus 6 by Motorola, the 2013 Nexus 7 by ASUS, the Nexus 9 by HTC, the LG G Watch, and the Chromebook Pixel, among others.

Avatar of John F