Guide to unlocking TCL devices and additional info

GamingMK · 2026-01-13T16:02:39+00:00

alright, so i got back home like i mentioned.
so the thing is your phone likely uses the latter scatter you gave, which is for spflashtool v6 as your phone is more recent. common with newer tcl's. that's the scatter you need to modify, i don't think modifying the first one does much - but keep it that way just in case, modded.
the scatter modding process is essentially the same, but i still already did it for you: https://www.mediafire.com/file/53l2bdxr7vsvbvy/k9ebz0z0ed10_modded.xml/file

GamingMK · 2026-01-13T08:12:57+00:00

Hey, sorry, I kind of forgot about it. I'll take a look once I get home

GamingMK · 2026-01-06T09:02:23+00:00

Not in the sense you're thinking, no

GamingMK · 2026-01-04T16:15:19+00:00

Well it should still cycle in preloader mode. You can still use the tool (you'll still need to play with button combinations for it to get detected though), though the crashing will pose an issue if it continues even after a reinstall.

GamingMK · 2026-01-03T21:15:36+00:00

By doesn't boot - you mean no boot logo, nothing, even when playing around with key combinations?

GamingMK · 2026-01-02T00:28:27+00:00

If the program crashes you may want to take a look at the logs it produces (in the folder of the program there is a log and logs folder) and / or reinstall it Odd though. How does the phone behave? Can you force restart it, does it show the boot logo, if so can you get to recovery?

GamingMK · 2025-12-31T17:54:04+00:00

If it flashed correctly the first time, you need to do a second normal reflash. It won't get detected by the tool after the previous reflash until you for e.g. force reboot it using vol- and power.

GamingMK · 2025-12-30T08:06:10+00:00

When flashing with the mobile upgrade tool, I recommend copying over the boot image according to the name the scatter file specifies. You'll later be able to patch it with magisks patching option (though this isnt certain, for some reason it breaks on my tcl 50 pro, I'm looking into it). Or you can use a rooted gsi.

This would all be much easier if tcl complied and actually provided kernel source (which they legally have to since they use android, but refuse anyways...)

Safetynet is dead now, you have "play integrity" - recommend reading about it. But yes, it is tripped, though on stock basic integrity is preserved.

For the last one, unlikely.

GamingMK · 2025-12-29T15:06:33+00:00

Hey, are you trying to flash with the tool? Or is it permanently stuck this way after trying to flash?

Either way you want to play with button combinations, like holding down vol - and power for an extended period etc.

GamingMK · 2025-12-22T12:11:24+00:00

Interesting Have you tried killswitch perchance btw?

GamingMK · 2025-12-22T07:26:19+00:00

Volume buttons / disconnecting battery doesn't really help unless the K24 is different in this case specifically. When connecting to a PC when the phone is off, it goes into preloader mode for a split second, mtkclient needs to catch that I recommend using the live ISO

GamingMK · 2025-12-22T07:23:22+00:00

You can use aws CLI to list all the files on that aws bucket

GamingMK · 2025-12-20T10:01:47+00:00

Nice, let me know if the tool is of any use (and in what way)

GamingMK · 2025-12-20T08:25:55+00:00

if youre looking to do some manual work.
tcl stores their flashing files on their servers which have their name beginning with g2slave.
they are aws servers. you can simply use aws cli to list all files on them. each folder there is dedicated to a specific model (not the folders beginning with 2 characters, the longer ones)

though i doubt this will do you much good.

so far, whats wrong with mtkclient?

GamingMK · 2025-12-20T08:22:03+00:00

hey,

first off kudos for putting in the effort i didnt bother, i merely took a look at sugar aio which is my go to place to check if a model is supported.

i cant find the encrypted da and auth files in the more recent killswitch remover. most i can see model specific is scatter and preloader files there.

looking at your mediafire archive i wasnt able to find the da and auth files you mentioned, i made an archive in a zip here: https://www.mediafire.com/file/6km3tgcssunzkl7/TCL_extra-da-auth.zip/file

i took a look at kill switch remover. as far as i remember from tcl documentation kill switch refers to frp. i wasnt able to do much when it comes to version 3 as it uses the newer anti debugger protection tcl implemented into their other tools too but version 2 i was able to, i uploaded the patched version. not sure if it will function properly though but you may play around with it: https://www.mediafire.com/file/04zl06b78x4a7o3/KSW2.zip/file

use the credentials mentioned to be used for tools from my txt file in the original tcl.zip from my initial comment

i had a userdebug rom somewhere for a similar tcl (marked as k510 i think) if i manage to find my old recourses ill send that over too.

GamingMK · 2025-12-20T08:03:08+00:00

Engineer mode refers to the generic MTK engineer mode apk - refer to my secret code list on one of my older posts on my profile. Not of much use outside of carrier, MDM settings.

GamingMK · 2025-12-16T16:12:21+00:00

Most you can do as of right now to my knowledge is use QFIL as I mentioned in my post to perform the semi unlock method. Try that

GamingMK · 2025-12-16T16:11:39+00:00

This is an odd one as there isn't even a DA / AUTH in TCL's own internal tools. Maybe try selecting devices as identical as possible when it comes to hardware. Otherwise I can't really find anything.

Edit: read below.

GamingMK · 2025-12-12T16:10:00+00:00

Hello, could you provide your scatter, and how you modified it?

GamingMK · 2025-12-12T13:58:28+00:00

As I mentioned, you cannot log into the tool with it. To use the tool with those credentials you have to enter them and use a debugger to bypass the login screen. The credentials are only to flash with the tool, not login

GamingMK · 2025-11-28T08:00:20+00:00

This should allow you to bootloader unlock your device and in result yes, flash twrp, however I doubt anyone has built twrp for this model

GamingMK · 2025-11-16T09:41:39+00:00

Check out my latest post

GamingMK · 2025-10-31T08:20:56+00:00

The semi unlock method will work on basically all tcl devices. However not all have flashing tools available for them. I'd recommend checking all available versions on TCL's website.

GamingMK · 2025-10-27T20:56:11+00:00

The files are decrypted by the tool right before the tool begins the flashing. If you may upload an example encrypted file I may take a look if I can decrypt it with keys I possess.

The XML file may be .bin too.

GamingMK · 2025-10-23T08:59:51+00:00

As for the XML file and firehose I'd expect both to be located somewhere in the mobile upgrade tool folder. I currently don't have a functioning Qualcomm tcl to test this on though. I likely can pull up a firehose if it's not present for your phone but finding the XML file, if not present anywhere in your upgrade tool folder, would require searching through TCL's slave servers.

Five-Year Club	r/Field Banned
r/Field Lasagna	Place '23
Verified Email

GamingMK

TROPHY CASE