The EDL Utility is a Win32 utility for accessing the Qualcomm Emergency Download interface on Qualcomm processors.
En foros como Reddit (r/Colombia) y en la Defensoría del Consumidor han aumentado las quejas de usuarios que perdieron entre 50.000 y 2 millones de pesos colombianos tras instalar estos APK. Un patrón común es que los atacantes vacían la cuenta inmediatamente después del primer inicio de sesión.
Además, Nequi ha emitido comunicados oficiales en sus redes sociales y dentro de la app alertando: "No existe un 'Nequi Glitch'. Cualquier persona que prometa duplicar tu dinero o darte saldo gratis es un estafador. Reporta esos contenidos".
Dado que no puedo proporcionar un enlace directo, te animo a buscar Nequi en la Google Play Store o en el sitio web oficial para descargar la aplicación de manera segura y dentro de los términos de servicio. Si la aplicación específica que buscas tiene una versión de prueba o demo, esas suelen ser excelentes maneras de evaluar una aplicación sin comprometer la seguridad de tu dispositivo. En foros como Reddit (r/Colombia) y en la
Recuerda siempre priorizar tu seguridad digital y respetar los derechos de autor y los términos de servicio de las aplicaciones que uses.
Searching for a "Nequi Glitch APK" link is highly discouraged as it is associated with a common fraud method used to scam individuals and small businesses. This application is not an official Nequi update but a tool designed to deceive others by generating fake payment receipts. Security Risks and Scams Dado que no puedo proporcionar un enlace directo,
Fraudulent Activity: The "Nequi Glitch" (also known as Davitrampa) is a cloned app used to create fake transaction screenshots to trick sellers into believing a payment has been made.
Malware and Theft: Downloading third-party APKs from unofficial links can infect your device with malware, leading to the theft of your personal data and real bank credentials. 000 COP) are simply scammers themselves
Paid Scams: Many people offering these "glitch" apps for a fee (often around $30,000 COP) are simply scammers themselves, taking your money and providing nothing in return. Safe and Official Downloads
To use the service securely, you should only download the official application from verified stores: ¿Qué hacer si no puedo descargar Nequi?
En la madrugada, mientras la lluvia aflojaba, Camila enfrentó una elección: podía alertar a la empresa legítima afectada, exponer el esquema en el foro y arriesgar represalias, o ignorarlo y borrar todo para no involucrarse. Eligió lo primero. Preparó un informe técnico claro, con capturas de tráfico, hashes del APK y la lista de permisos abusivos. Envió un correo al equipo de seguridad y publicó una versión resumida en el foro para advertir a otros. Al hacerlo, recibió mensajes anónimos: agradecimientos, pero también amenazas veladas.
Sí. El sistema de seguridad detecta instalaciones de aplicaciones no oficiales que interceptan datos. Tu cuenta será bloqueada preventivamente.
The usage has changed and /e is only for erasing NAND memories.
To zero out sections of eMMC or UFS use the new /f fill command.
/u takes a hexadecimal value.
This should make no difference on the standard LUNs (0-7) but will make things clearer on LUNs 81, b0, c4, d0.
Qualcomm processors support two different protocols, "Sahara" and "Firehose". Sahara is supported in ROM and is always present. Firehose is implemented in downloadable loaders in ELF format.
The usual procedure is to first get your device in EDL mode, i.e. where it is presenting USB VID/PID 05c6/9008. This can be achieved by:
Everything under Windows needs some kind of driver. Zadig is a simple generic driver generator. Select "WinUSB" as the type of driver to install. Do NOT use any Windows drivers from Qualcomm. They will try to present your device as a serial port. Now you can do a simple check if you like.
This shows you that the device is connected and has the right driver.
Next, you must use the Sahara protocol to load a loader for the Firehose protocol.
Loaders are specific to processor, device manufacturer, possibly flash memory type and hash.
To decide which one you need you need to collect some basic info.
There are reports that Sahara protocol version 3.0 does not support querying the HWID or Hash.
If this happens to you, use the /qbc quirk (see below).
These files often use .bin or .mbn as the extension despite it actually being a normal ELF file. The file names are based on the 16 hexit HWID and the first 16 hexits of the Hash. By one website they are listed under the last 8 hexits of the Hash. As the filenames tend to be cumbersome, you might rename them something short and mnemonic.
To look up available loaders by Hash see this table.
For Boox Onyx devices see this table.
From this point on the processor is using the Firehose protocol and you need not (can not) reload the loader unless you reboot.
A device might be using eMMC storage (older devices), NAND storage or UFS storage (newer devices).
The /u flag must be used for all operation in Firehose on devices with UFS.
The flags /d (slot), /u (LUN), /p (partition), /s (start block), /c (count of blocks) and /b (block size) are used to specify the range of operation.
If the partition is specified then the start block is relative to the start of the partition.
If partition is not specified, then the start block is absolute.
Zero is the default for both start block and count of blocks.
Partition operations often do not specify either start block or count of blocks.
Operations on raw devices (i.e. not a partition) require an explicit /s and /c to prevent accidents like edl /f.
| Start | Count | Partition | |
|---|---|---|---|
| Unspecified | Specified | ||
| 0 | 0 | Whole device | Whole partition |
| 0 | + | Start of device | Start of partition |
| + | + | Middle of device | Middle of partition |
| + | 0 | End of device | End of partition |
| − | 0 | End of device | End of partition |
| − | + | Part of end of device | Part of end of partition |
The major operations are /r (read), /e (erase), /w (write).
The erase and write operations can be combined which yields the non-optimized operations of full erase and (possibly) partial write (depending on the size of the input file).
Be very careful when you specify /e (erase), /w (write) as not specifying a partition means the whole device!
Partitions are sized for the maximum anticipated size of the contents.
Often the fraction of a partition that is actively being used is as low as 20%.
(There are often many partitons with all zeroes in them also.)
There is no particular need to transfer a whole partition when 20% will do.
Of course, if you still want to transfer another 50MB of zeroes, just don't use the /t flag.
Also note that some images have signing or other (sometimes) necessary things after the end of the normal image.
Currently the EDL utility has the capability to recognize the actual size of:
Android images are naturally aligned to pagesize (normally 4096 bytes) but ELF files can be any size. Therefore, when they are read, even when truncated, they are rounded up to the current device blocksize (normally 512 or 4096 bytes). This simplifies matters when/if they are written back to the device.
NAND memory has two peculiarities that require special handling. The first peculiarity is that they have "bad blocks" (an erase block is sometimes 64 x 4096 bytes). During a read the output file will be filled with 0xff wherever bad blocks are to maintain alignment. During a write the input file will be skipped over wherever bad blocks are to maintain alignment. The second peculiarity is that because of the hidden CRC32 and ECC on each page, a freshly erased page must never be written with all 0xff values. The EDL utility will do explicit multiple writes (in the hundreds) around the bad blocks and the empty pages. The EDL utility will do explicit multiple reads (a few) around the bad blocks. You must explicitly erase whichever region of the NAND memory before writing but this may be combined in the same command. The EDL utility now supports NAND volume tables analogously to GPT partition tables.
Quirks are idiosyncracies, anomalies or incorrect implementations of Firehose loaders.
By specifying the /q flag you can bypass problematic parts.
/qabcd, for example, will not query serial number, HWID, hash or SBL version.
There is a default of /qad so you need to /q to display serial number and SBL version.
| A | Do not query serial number |
| B | Do not query HWID |
| C | Do not query hash |
| D | Do not query SBL version |
| E | Allow CSD read to fail (Sony Vivo) |
Show usage:
Query basic info:
Load a loader (needs to be done only once after a fresh start):
List the partitions:
Download the MBR of a UFS LUN:
Download the boot partition (and truncate to its actual size):
Erase the the last 4096 bytes of /vendor (removes FEC correction):
Flash the recovery partition:
Erase and write to NAND memory blocks:
Read accessory SD card:
Try some random XML:
Reboot to normal system:
Reboot to fastboot (probably only works on Motorola):
Multiple compatible commands, reboot to recovery:
Download edl.exe, the EDL utiliy.
Download ubi.exe, a simple utility for examining full dumps of NAND/UBI.
See also: QcomView – a utility for analyzing Qualcomm xbl/abl/Firehose loaders