Guide on how to extract a boot image from any Android phone without needing to root using Magisk and without a custom recovery.
Most Android users face hurdles when attempting to root their phones because they require a boot image for patching, and custom recoveries specifically designed for their devices are often unavailable. Additionally, finding the phone firmware online can be challenging. As a result, rooting such phones becomes a daunting task. In this guide, I'll provide a comprehensive solution for users who want to extract the boot image from their phone without the need to root it first, download firmware from the internet, or rely on custom recoveries.
Before diving into the guide, please thoroughly review the Frequently Asked Questions (FAQ) to understand the basics of GSI and the various naming conventions used by GSI builders and maintainers.
Accessing and modifying system files on your device typically requires superuser permissions. To extract the boot image, we'll need a root environment. We'll achieve this by using a GSI that includes the "su" binary or has superuser capabilities built-in.
You can use this Lineage OS GSI as an example. You'll need to flash it onto your phone.
If you're unfamiliar with flashing a GSI or unsure how to proceed, watch this YouTube video or search online for additional guides. You can also join the PHH GSI support group on Telegram for assistance.
Alternatively, the DSU sideloader can be used to install GSIs via Android's DSU feature with ease. For a detailed explanation, watch this YouTube video.
- Download the Termux app from here.
- If not pre-installed, download the PHH Superuser app from here.
- Open Termux, grant storage permission, type
su, and approve the superuser request from the PHH app to gain root access. - With superuser permission, you can access any system file. Copy and enter the following command in termux:
for PARTITION in "boot" "boot_a" "boot_b"; do
BLOCK=$(find /dev/block \( -type b -o -type c -o -type l \) -iname "$PARTITION" -print -quit 2>/dev/null)
if [ -n "$BLOCK" ]; then
echo "$PARTITION" = $(readlink -f "$BLOCK")
fi
doneThis command will display the boot partition paths for both A/B and A-only devices.
On A/B devices, the loop command will display the boot partition paths for both slots, something like this!
boot_a = /dev/block/sda40
boot_b = /dev/block/sda41In this case, you can extract the image corresponding to your currently active slot.To determine the active slot, enter the command getprop ro.boot.slot_suffix. If the output is _a, use the path for boot_a; otherwise, use the path for boot_b.
- Finally, use the following command to extract the image from the specified boot path:
dd if=<boot_partition_path> of=<output_path>For example:
dd if=/dev/block/mmcblk0p42 of=/sdcard/boot_a.imgIf you find the manual process too complicated, you can use my Boot-image-Extractor script. This script automates the task, making the extraction process simpler and more efficient. You can find detailed instructions and usage guidelines within the repository.
The guide and script provided are for informational purposes only. The author does not take responsibility for any damage or loss caused by using or misusing the guide or script. By using the guide or script, you acknowledge that you are solely responsible for any outcomes, including but not limited to device damage, data loss, or voided warranty. Please note that modifying system files, including extracting the boot image, can have serious consequences if not done correctly. It is recommended to seek additional resources, such as official documentation or dedicated forums, for your specific device and firmware version.
why can't you do this by opening a shell with adb in the device?? or can you?? just instead of downloading termux space is always limited on older phones anyway. Just an idea