OnePlus One
OnePlus X
OnePlus 2
OnePlus 3
OnePlus 3T
OnePlus 5
OxygenOS 5.0 and below
OxygenOS running in OnePlus devices allows rebooting into the Qualcomm Emergency Download (EDL) Mode through ADB, by issuing the adb reboot edl command, or by using a hardware key (Volume-UP) when the device is connected to USB.
Since Firehose programmers of various OnePlus devices have been leaked, one could exploit them in order to downgrade critical partitions such as the Android Bootloader, which enables exploitation of old vulnerabilities.
| Device | SoC | Programmer | Tested | SHA256 |
|---|---|---|---|---|
| OnePlus 5 (cheeseburger) | MSM8998 | <embedded in an archive> | yes | 02ffdaa49cf25f7ff287cab82da0e4f943cabf6e6a4bfe31c3198d1c2cfa1185 |
| OnePlus 3T | MSM8996 | prog_ufs_firehose_8996_lite.elf | yes | eef93d29e4edda26cce493b859e22161853439de7b2151a47dafe3068ee43abe |
| prog_ufs_firehose_8996_ddr.elf | yes | a1b7eb81c61525d6819916847e02e9ae5031bf163d246895780bd0e3f786c7ee | ||
| OnePlus 3 | MSM8996 | prog_ufs_firehose_8996_lite.elf | yes | 97eff4d4111dd90523f6182e05650298b7ae803f0ec36f69a643c031399d8d13 |
| prog_ufs_firehose_8996_ddr.elf | yes | c34ec1fddfac05d8f63eed3ee90c8e6983fe2b0e4b2837b30d8619a29633649c | ||
| OnePlus 2 | MSM8994 | prog_emmc_firehose_8994_lite.mbn | yes | 63a47e46a664ccd1244a36535d10ca0b97b50b510bd481252f786177197c3c44 |
| OnePlus X | MSM8974 | prog_emmc_firehose_8974.mbn | yes | 964b5c486b200aa6462733a682f9cead3ebfad555ce2ff3622fea8b279b006ee |
| OnePlus One | MSM8974 | prog_emmc_firehose_8974.mbn | no | 71c4f97535893ba7a3177320143ac94db4c6584544c01b61860aca80a477d4c9 |