Sergey Lepeshkin

No, he's problem is much more simpler. He have JTAG and UART wired on his board, so it's not a problem to do virtually anything with his box. Are you sure? Have you successfully connected adb on PC to this tv box using usb cable?

I've managed to pull out some system files out of it. Binaries is ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), so its not Allwinner H313.

Hi! @Ducdanh Nguyen , which port have you used to connect it through adb? Those on the back side (where hdmi and power connectors located), or one of those on the right side (where sd card slot located)? Was it working in standard Android boot mode ("Debug over usb" enabled through "Developer settings") or somehow else? I also own such tv box and this is what I've found crawling web and playing with this device: 1. More PCB pics is here: https://4pda.to/forum/index.php?showtopic=1016510&view=findpost&p=136516719 2. "Heatsink" (just a small piece of thick aluminium foil) is bonded to SoC using 2-sided adhesive tape (I doubt it have good thermal conductivity). I recommend to replace it with more adequate heatsink. 3. SoC seems to be fake. It doesn't have Allwinner logo on it (there are 2 pics attached: one is ours, and one is genuine). 4. There is no AXP PMIC. Instead, there are 3 separate fixed step down converters. 5. There is no transformer in ethernet circuitry! Signals from jack goes directly to SoC. So be careful with static electricity while handling it's ethernet connection. 6. First button, located near "AV" jack, just resets tv box to factory defaults (if power switched on while it's pressed - and after that "update" screen with Chinese text on it will be shown). Purpose of second button (located near "S/PDIF" jack) is mystery for me. Can anyone suppose what it is for? 7. There are two exposed test points on the bottom side of pcb under SoC. Both tied through 10k resistors to +3.3V. After power-on, one of them seems to be some input (current between pin and gnd is about 3.3/10000=0.33mA), and other is definitely driven by something else (current is about 14mA and varying in both directions). I wonder if it's uart tx and rx pins - I'll see it with oscilloscope later. Anyway, shorting this test points together doesn't influence on boot process. 8. It's highly probable there is some backdoor (something like well-known Badbox 2.0). Original firmware exhibits some suspicious network behavior: just after factory reset, once it connected to network, it opens different connections to tcp port 12000 to hosts located in China. If I close outgoing traffic on firewall to tcp port 12000, after a while, it opens similar connections, but to port 9090 to different hosts. It seems to me it's trying to join some botnet. Furthermore, if you compare process list just after first (after factory reset) connection to network, and after it been connected for a while, you will find some new processes, which doesn't belong to Android and have strange names - I think it downloads something without asking user. Summary: this cheap tv box is a full scam. It seems to me manufacturer made all to prevent re-flashing of this device. But it will be very interesting to make something useful out of it.