[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-8387":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":18,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":10,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},8387,"Xiaomi-HyperOS-BootLoader-Bypass","MlgmXyysd\u002FXiaomi-HyperOS-BootLoader-Bypass","MlgmXyysd","A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings.","https:\u002F\u002Fwww.neko.ink\u002F",null,"PHP",4654,457,38,158,0,3,12,48,29.98,false,"master",true,[25,26,27,28,29,30,31],"android","android-development","bootloader","bootloader-unlock","hyperos","miui","xiaomi","2026-06-12 02:01:53","# Xiaomi HyperOS BootLoader Bypass\n\n![Version: 1.0](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FVersion-1.0-brightgreen?style=for-the-badge) [![中文文档](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F中文文档-brightgreen?style=for-the-badge)](README-zh.md) [![日本語](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F日本語-brightgreen?style=for-the-badge)](README-ja.md)\n\nA PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings.\n\nFeel free pull request if you want :)\n\n## 💘 php-adb\n\nThe project proudly uses the [php-adb](https:\u002F\u002Fgithub.com\u002FMlgmXyysd\u002Fphp-adb) library.\n\n## ☕ Buy me a Coffee\n\n✨ If you like my projects, you can buy me a coffee at:\n\n - [爱发电](https:\u002F\u002Fafdian.net\u002F@MlgmXyysd)\n - [PayPal](https:\u002F\u002Fpaypal.me\u002FMlgmXyysd)\n - [Patreon](https:\u002F\u002Fwww.patreon.com\u002FMlgmXyysd)\n\n## ⚠️ Warning\n\nAfter unlocking the BootLoader, you may encounter the following situations:\n\n- Software or hardware not working properly or even damaged.\n- Loss of data stored in the device.\n- Credit card theft, or other financial loss.\n\nIf you're experiencing any of the above, you should take all the responsibility yourself as this is the risk you may encounter when unlocking BootLoader. This obviously does not cover all risks. You've been warned.\n\n- Warranty lost. Not only the base warranty, but some of the extra extended warranties (such as Mi Care or broken-screen warranty) that you have purchased may also be lost according to the exclusions provided by Xiaomi.\n- Hardware level self-destruct like Samsung Knox. TEE-related features will be permanently damaged. There is no way to restore other than by replacing the motherboard.\n- Functional anomalies after flashing a third-party system due to closed-source kernel source code.\n- Device or account banned by unlocking BootLoader.\n\nIf you're experiencing any of the above, consider yourself damned. Ever since Xiaomi restricted unlocking BootLoader, it has been against Xiaomi's 'geek' spirit and even the GPL. Xiaomi's restrictions on BootLoader unlocking are endless, and there's nothing we as developers can do about it.\n\n## 📲 Unlocking requirements\n\n- A valid device:\n  - A unbanned\\* Xiaomi, Redmi or POCO device.\n  - Your device is running the official version of HyperOS.\n  - (Update 2023\u002F11\u002F23) Your device is not forced to verify account qualification by Xiaomi.\n- A valid SIM card:\n  - \\* Except for tablets that cannot use SIM cards.\n  - SIM card must not be out of service.\n  - SIM card needs to be able to access the internet.\n  - Only 2 devices per valid SIM card are allowed to be unlock to a valid SIM card within a three-month period.\n- A valid Xiaomi account:\n  - An unbanned\\* Xiaomi account.\n  - Each account can only unlock 1 phone in a month and 3 phones in a year period.\n- You have read and understood the [Warning](#%EF%B8%8F-warning) above.\n\n- \\*  According to the unlocking instructions provided by Xiaomi, it will prohibit some accounts and devices from using the unlocking tool, which is called \"risk control\".\n\n## ⚙️ How to use\n\n1. Download and install PHP 8.0+ for your system from the [official website](https:\u002F\u002Fwww.php.net\u002Fdownloads).\n2. Enable OpenSSL and Curl extension in `php.ini`. (And\u002For set `extension_dir` to your PHP's `ext` directory if script not work.)\n3. Place `adb.php` in [php-adb](https:\u002F\u002Fgithub.com\u002FMlgmXyysd\u002Fphp-adb) to the directory.\n4. Download [platform-tools](https:\u002F\u002Fdeveloper.android.com\u002Fstudio\u002Freleases\u002Fplatform-tools) and place them in `libraries`. *Note: Mac OS needs to rename `adb` to `adb-darwin`.*\n5. Open a terminal and use PHP interpreter to execute the [script](..\u002Fbypass.php).\n\n- p.s. Releases has packaged the required files and click-to-run scripts.\n\n6. Tap repeatedly on the `Settings - About Phone - MIUI Version` to enable `Development Options`.\n7. Enable `OEM Unlocking`, `USB Debugging` and `USB Debugging (Security Settings)` in `Settings - Additional Settings - Development Options`.\n8. Log in a _valid_\\* Xiaomi account.\n9. Connect phone to PC via wired interface.\n10. Check `Always allow from this computer` and click `OK`.\n\n- \\* See \"[Unlocking Requirements](#-Unlocking-requirements)\" above.\n\n11. Wait and follow the prompts of script.\n12. After successful binding, you can use the [official unlock tool](https:\u002F\u002Fen.miui.com\u002Funlock\u002Findex.html) to check the time you need to wait.\n13. During the waiting period, please use the device normally, keep the SIM card inserted, do not log out of your account or turn off `Find My Phone`, and do not re-bind the device until it is successfully unlocked. The device will automatically send `HeartBeat` packets to the server every once in a while.\n\n## 📖 Workaround\n\n- Undergoing maintenance...\n\n## 🔖 FAQs\n\n- Q: Why does the unlock tool still remind me to wait 168\u002F360 (or more) hours?\n  - A: By principle, this PoC only bypasses the restrictions added for HyperOS. You still need to comply with the restrictions for MIUI.\n\n- Q: The device shows `Couldn't verify, wait a minute or two and try again`.\n  - A: This is normal, the binding request on the device side has been blocked by our script. The actual binding result is subject to the script prompt.\n\n- Q: Binding failed with error code `401`.\n  - A: Your Xiaomi account credentials have expired, you need to log out and log in again in your device.\n\n- Q: Binding failed with error code `20086`.\n  - A: Your device credentials have expired, you need to reboot your device.\n\n- Q: Binding failed with error code `20090` or `20091`.\n  - A: Device's Security Device Credential Manager function failure, contact after-sales.\n\n- Q: Binding failed with error code `30001`.\n  - A: Your device has been forced to verify the account qualification by Xiaomi. Xiaomi lost its 'geek' spirit a long time ago, and there's nothing we can do about it.\n\n- Q: Binding failed with error code `86015`.\n  - A: The server has rejected this bind request, please try again.\n\n## ⚖️ License\n\nNo license, you are only allowed to use this project. All copyright (and link, etc.) in this software is not allowed to be deleted or changed without permission. All rights are reserved by [MeowCat Studio](https:\u002F\u002Fgithub.com\u002FMeowCat-Studio), [Meow Mobile](https:\u002F\u002Fgithub.com\u002FMeow-Mobile) and [NekoYuzu](https:\u002F\u002Fgithub.com\u002FMlgmXyysd).\n","该项目旨在通过利用漏洞绕过小米HyperOS社区对BootLoader解锁账户绑定的限制。其核心功能是提供了一个概念验证（PoC），允许用户在不受官方限制的情况下解锁设备的BootLoader。技术上，项目使用了php-adb库来实现与Android设备的交互。适用于需要绕过小米官方限制以解锁BootLoader的开发者或高级用户场景，但需注意此操作可能带来包括保修失效、数据丢失等风险。使用前应充分了解并接受相关警告。",2,"2026-06-11 03:17:40","top_language"]