Related
adb devices
adb push asroot2 /data/local
adb shell chmood 0755 /data/local/asroot2
adb shell
$ /data/local/asroot /system/bin/sh
$ mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system (or is it -zero)
$ cd /system/bin
$cat sh > su
$ chmod 4775 su (or 4755?)
$exit
adb push recovery-RA-heroc-v1.2.3.img
adb shell
$ su
# flash_image recovery recovery-RA-heroc-v1.2.3.img
then boot to recovery by typing: reboot recovery while pressing volume down and the when it boots to screen press home?
is this how to do it? help please
Code:
adb devices
adb push asroot2 /data/local
adb push recovery-RA-heroc-v1.2.3.img /data/local
adb shell
Code:
chmod 0755 /data/local/asroot2
/data/local/asroot2 /system/bin/sh
mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system
cd /system/bin
cat sh > su
chmod 4755 su
flash_image recovery /data/local/recovery-RA-heroc-v1.2.3.img
reboot recovery
corrected some stuff for ya make sure asroot2 and recovery-RA-heroc-v1.2.3.img is in same directory as adb.exe
and that's good to go
UPDATE: no longer requires a sd card to root + recovery image + made copy/pasteable
fullgrown said:
adb devices
adb push asroot2 /data/local
adb shell chmood 0755 /data/local/asroot2
adb shell
$ /data/local/asroot /system/bin/sh
$ mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system (or is it -zero)
$ cd /system/bin
$cat sh > su
$ chmod 4775 su (or 4755?)
$exit
adb push recovery-RA-heroc-v1.2.3.img
adb shell
$ su
# flash_image recovery recovery-RA-heroc-v1.2.3.img
then boot to recovery by typing: reboot recovery while pressing volume down and the when it boots to screen press home?
is this how to do it? help please
Click to expand...
Click to collapse
Up to the exit is the rooting part, yes. After that you can shell in and type "su" and have root access.
The rest of it is installing a custom recovery image.
thank you!!! now i'm rooted!!!
Hi there,
I tried if it is possible root on stock ROM 1.82.405.1 on HTC Desire Z. YES, we can!
This is a little "how to" with all previous roots and updates from "1.34.." to actual 1.82.405.1 stock ROM:
Permanent root on HTC ESIRE Z using linux
Software No. 1.34...
Necessary files:
adb (Android SDK)
gfree_02
psneuter
Terminal emulator (Android)
Optional files:
gfree_verify
Settings on Phone:
Menu-Settings-Applications-Development-USB debugging [yop]
USB connected to PC – only charge (card not mounted to PC)
Procedure on PC:
Check your device is properly conneted:
$ ./adb devices
It has to be like this : SH0BFRT00451 device
Than continue:
$ ./adb push su /sdcard/su
$ ./adb push Superuser.apk /sdcard/Superuser.apk
$ ./adb push rage /data/local/tmp/rage
$ ./adb push busybox /data/local/tmp/busybox
$ ./adb push root /data/local/tmp/root
$ ./adb shell chmod 0755 /data/local/tmp/*
On Android:
Launch Terminal Emulator
$ /data/local/tmp/rage
Wait for the message: "Forked #### childs."
Menu > Reset Term - Terminal Emulator will exit.
Launch Terminal Emulator, it Force Closes. Launch a second time, and you'll have a root shell
Procedure on PC:
$ ./adb push gfree /data/local
On Android:
# cd /data/local
# chmod 777 gfree
# ./gfree -f
# sync
# /data/local/tmp/root
# sync
there can be some errors with directory create – it is ok.
update to 1.72 via system and do following again:
./adb push su /sdcard/su
./adb push Superuser.apk /sdcard/Superuser.apk
./adb push busybox /data/local/tmp/busybox
./adb push root /data/local/tmp/root
./adb shell chmod 0755 /data/local/tmp/*
./adb push psneuter /data/local/tmp/psneuter
./adb shell chmod 777 /data/local/tmp/psneuter
./adb shell /data/local/tmp/psneuter
./adb shell
Finally execute this inside the shell you opened with the previous command >adb shell<:
/data/local/tmp/root
restart mobile and you have root....
update from 1.72 to 1.82 via system and again root:
./adb push su /sdcard/su
./adb push Superuser.apk /sdcard/Superuser.apk
./adb push busybox /data/local/tmp/busybox
./adb push root /data/local/tmp/root
./adb shell chmod 0755 /data/local/tmp/*
./adb push psneuter /data/local/tmp/psneuter
./adb shell chmod 777 /data/local/tmp/psneuter
./adb shell /data/local/tmp/psneuter
./adb shell
Finally execute this inside the shell you opened with the previous command >adb shell<:
/data/local/tmp/root
restart mobile and you have root....
Superusere error is patchable by this:
http://forum.xda-developers.com/showthread.php?t=886999
check /sys/devices/system/cpu/cpu0/cpufreq/current_scaling_freq
But do we need to be already on 1.82++ or do we need to downgrade to 1.34++ because I don't really understand what we have to do!
PS: really really thank you!!!!! (all other root methods failed for me, so fingers crossed that this one will work!)
You need to have S-OFF; if you don't you need to go to 1.34 to get it, then upgrade back up the chain...
oh, thanks... I guess I'll have to downgrade then, wouldn't I
I guess so, but should only have to do it once...
Sent from my HTC Vision using XDA App
I rooted my 1.72 device a while ago with this tut: http://forum.xda-developers.com/showthread.php?t=905261
Should I be fine by just executing the latest part off this tut?
Code:
update from 1.72 to 1.82 via system and again root:
./adb push su /sdcard/su
./adb push Superuser.apk /sdcard/Superuser.apk
./adb push busybox /data/local/tmp/busybox
./adb push root /data/local/tmp/root
./adb shell chmod 0755 /data/local/tmp/*
./adb push psneuter /data/local/tmp/psneuter
./adb shell chmod 777 /data/local/tmp/psneuter
./adb shell /data/local/tmp/psneuter
./adb shell
Finally execute this inside the shell you opened with the previous command >adb shell<:
/data/local/tmp/root
restart mobile and you have root....
I got error:
E:signature verification failed
I'm using clockwork recovery 2.5.1.3. I think that's the reason, anyone got a fix for this?
hi, I have desire Z with bootloader 1.82.405.1 , from which stage should I start the rooting process?
Hi all,
I want to root my U8800 under a Linux-OS. Is there a recommended and safe way to do that? Currently my phone ist flashed with V100R001C00B528G001.
I know these threads, but I am unsure if the described methods in these threads are act up on my Linux-System.
http://forum.xda-developers.com/showthread.php?t=1420728
http://forum.xda-developers.com/showthread.php?t=1423422
Many thanks in advance,
Ponder
So, after some days of reading helpfull threads in this forum I found a way to root my u8800 under my favorite OS archlinux To get access to the smartphone it's important to install some packages previously:
Install some packages from the ArchLinux reposities:
pacman -S abs
pacman -S base-devel
pacman -S jdk7-openjdk
pacman -S openal
pacman -S swt
pacman -S libstdc++5
pacman -S libmtp
Download some files from the AUR "ArchLinux User-Community Repository":
(Don't do this as root, do this as normal user and save the packages in ~/android)
android-sdk
android-sdk-platform-tools
android-udev
Create packages (via makepkg) from the three files above and install them via pacman.
https://wiki.archlinux.org/index.php/AUR
After installing the three packages put your user to the group adbusers
Code:
gpasswd -a <your user> adbusers
Figure out the device IDs from u8800:
lsusb
Code:
Bus 001 Device 002: ID 12d1:1037 Huawei Technologies Co., Ltd. Ideos
Adding udev rules for the u8800 device:
There is a template file called "51-android.rules" in the folder "android-udev". Search for the String "Huawei" and replace [VENDOR ID] and [PRODUCT ID] with yours. Copy these rules into /etc/udev/rules.d/51-android.rules:
Code:
# Huawei
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666", GROUP="adbusers"
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", ATTR{idProduct}=="1037", SYMLINK+="android_adb"
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", ATTR{idProduct}=="1037", SYMLINK+="android_fastboot"
Then, to reload your new udev rules, execute:
Code:
# udevadm control --reload-rules
Does It Work? After you have setup the udev rules, unplug your device and replug it. After running:
Code:
$ adb devices
you should see something like:
Code:
List of devices attached
404D8E65F146 device
Download B528_ROOT.rar. I found it in this thread (#7):
http://forum.xda-developers.com/showthread.php?t=1533922
Prepare your phone for rooting:
1) Dial: *#*#2846579#*#*
2) Go to projectmenu > background settings > log settings > log switch > set Log on
3) Reboot Phone
4) Switch USB Debugging ON
5) Download B528_ROOT.rar (not SuperOneClick v2.3.3).
6) Plug your U8800 into your computer but DO NOT mount SD Card.
http://forum.xda-developers.com/showthread.php?t=1420728
7) Extract B528_ROOT.rar and open the file "B528_root.bat" with an editor.
8) Open a terminal as normal user and change into the directory with the file "B528_root.bat".
9) Copy the following commands step by step into the terminal.
Code:
adb wait-for-device
adb reboot-bootloader
fastboot boot boot.img
fastboot reboot
adb wait-for-device
at this point it seems the procedure get stuck. Try the next commands... :-)
adb remount -t yaffs2 /dev/block/mtdblock3 /system
adb push busybox /data/local/tmp/.
adb shell "chmod 755 /data/local/tmp/busybox"
adb shell "/data/local/tmp/busybox mount -o remount,rw /system"
adb push makespace /data/local/tmp/.
adb shell "chmod 777 /data/local/tmp/makespace"
adb shell "./data/local/tmp/makespace"
adb shell "dd if=/data/local/tmp/busybox of=/system/xbin/busybox"
adb shell "chown root.shell /system/xbin/busybox"
adb shell "chmod 04755 /system/xbin/busybox"
adb shell "/system/xbin/busybox --install -s /system/xbin"
adb shell "rm -r /data/local/tmp/busybox"
adb push su /system/bin/su
adb shell "chown root.shell /system/bin/su"
adb shell "chmod 06755 /system/bin/su"
adb shell "rm /system/xbin/su"
adb shell "ln -s /system/bin/su /system/xbin/su"
adb push Superuser.apk /system/app/.
adb shell "cd /data/local/tmp/; rm *"
adb reboot
Now, your smartphone should be rooted.
Some helpfull threads:
http://forum.xda-developers.com/showthread.php?t=1321582
http://forum.xda-developers.com/showthread.php?p=20869699
http://forum.xda-developers.com/showthread.php?p=18615502
http://forum.xda-developers.com/showthread.php?t=1423422
https://wiki.archlinux.org/index.php/Android
THIS IS THE START THREAD FOR ANY XDA ENTHUSIAST!!keep in mind, that you do all these steps on your own and i am not responsible for any damaged or bricked phone.
So if you dont know what are you doing or are afraid of bricking your device, please dont do this!!!
!BEFORE YOU START, PLEASE READ THIS!
And don´t forget to thank Famewolf for the tutorial, because this could save your phone when something go bad!
UNLOCK BOOTLOADER:
-Get/install Alcatel USB driver if Windows. (no need for Mac). FROM HERE, or just connect your idol3 to the computer and from the phone select "cd rom" drive..it will install the drivers automatically
-download the root zip from my GOOGLE DRIVE and unzip it.
-Set USB debugging on in Developer settings (if these are not exposed, go to Settings/About Phone/Build number, and tap 7 times.)
-Plug in USB cable to phone and computer. Tap on USB icon in notifications panel; select MTP (file transfer) mode.
-After that a window on your phone should appear and ask you to allows usb debbuging connection to your attached computer (please also check the box that say something like "always from this computer")
-Open command prompt in direcotry where you have the unzipped files (when using windows in the direcotry hold shift and press the right button on the mouse, it will pop-up a window where you have to select "open command promt here"
-type "adb reboot-bootloader" to reboot into bootloader. The device should reboot to the screen showing "alcatel onetouch...powered by android". This is bootloader mode.
-Then type "fastboot -i 0x1bbb devices" should show some numbers and "fastboot" after the numbers
-Type "fastboot -i 0x1bbb oem device-info" shows device info including bootloader status (e.g. locked).
-Type "fastboot -i 0x1bbb oem unlock" to unlock the bootloader; after this you should get, for device info,
-Type "fastboot -i 0x1bbb oem device-info" and you should see "Device unlocked: true"
-To reboot normally: "fastboot -i 0x1bbb reboot"
ROOT USING CUSTOM RECOVERY:
as we have now the custom recovery (TWRP)
-So download supersu.zip from HERE
-Put it on your SD card (or internal memory)
-Flash (or just boot) the custom recovery (you can see the procedure in the thread i linked above) and in recovery install the superSU.zip
-Reboot
ROOT:
-Plug in USB cable to phone and computer. Tap on USB icon in notifications panel; select MTP (file transfer) mode.
-Run the unziped "root.bat" file and select option 1.
-The device will reboot to bootloader,then boot the boot.img which will install the SU and then the device will twice reboot
-check if you have superSU installed, if yes, then You are done.
BACKUP under windows:
-so now you have root rights and you can what ever you want, but first do not forget to backup your device
-for that occasion i made a simple BACKUP_all.bat file
-download the file and place it to the directory, where you extracted the root.zip
-run the bat file it will create a backup folder on external sd card in the phone! extract the system partitions and in the end it copies it to the subdirectory "blocks" in the dir where you ran the bat file.
BE AWARE to share the modemst and persist files because they are device specific!!!
here is the code:
PHP:
@echo BACKUP IDOL3 6045 partitions by DallasCZ
adb shell mkdir /storage/sdcard1/mybckup
echo Press any key to begin
pause >nul
adb shell su -c "dd if=/dev/block/mmcblk0p1 of=/storage/sdcard1/mybckup/modem"
adb shell su -c "dd if=/dev/block/mmcblk0p2 of=/storage/sdcard1/mybckup/tunning"
adb shell su -c "dd if=/dev/block/mmcblk0p3 of=/storage/sdcard1/mybckup/traceability"
adb shell su -c "dd if=/dev/block/mmcblk0p4 of=/storage/sdcard1/mybckup/fsc"
adb shell su -c "dd if=/dev/block/mmcblk0p5 of=/storage/sdcard1/mybckup/ssd"
adb shell su -c "dd if=/dev/block/mmcblk0p6 of=/storage/sdcard1/mybckup/sbl1"
adb shell su -c "dd if=/dev/block/mmcblk0p8 of=/storage/sdcard1/mybckup/rpm"
adb shell su -c "dd if=/dev/block/mmcblk0p10 of=/storage/sdcard1/mybckup/tz"
adb shell su -c "dd if=/dev/block/mmcblk0p12 of=/storage/sdcard1/mybckup/hyp"
adb shell su -c "dd if=/dev/block/mmcblk0p14 of=/storage/sdcard1/mybckup/modemst1"
adb shell su -c "dd if=/dev/block/mmcblk0p15 of=/storage/sdcard1/mybckup/modemst2"
adb shell su -c "dd if=/dev/block/mmcblk0p16 of=/storage/sdcard1/mybckup/simlock"
adb shell su -c "dd if=/dev/block/mmcblk0p17 of=/storage/sdcard1/mybckup/persistent"
adb shell su -c "dd if=/dev/block/mmcblk0p18 of=/storage/sdcard1/mybckup/splash"
adb shell su -c "dd if=/dev/block/mmcblk0p19 of=/storage/sdcard1/mybckup/tctpersist"
adb shell su -c "dd if=/dev/block/mmcblk0p20 of=/storage/sdcard1/mybckup/hdcp"
adb shell su -c "dd if=/dev/block/mmcblk0p21 of=/storage/sdcard1/mybckup/DDR"
adb shell su -c "dd if=/dev/block/mmcblk0p22 of=/storage/sdcard1/mybckup/fsg"
adb shell su -c "dd if=/dev/block/mmcblk0p23 of=/storage/sdcard1/mybckup/sec"
adb shell su -c "dd if=/dev/block/mmcblk0p24 of=/storage/sdcard1/mybckup/aboot"
adb shell su -c "dd if=/dev/block/mmcblk0p26 of=/storage/sdcard1/mybckup/boot"
adb shell su -c "dd if=/dev/block/mmcblk0p27 of=/storage/sdcard1/mybckup/recovery"
adb shell su -c "dd if=/dev/block/mmcblk0p28 of=/storage/sdcard1/mybckup/system"
adb shell su -c "dd if=/dev/block/mmcblk0p29 of=/storage/sdcard1/mybckup/persist"
adb shell su -c "dd if=/dev/block/mmcblk0p30 of=/storage/sdcard1/mybckup/fota"
adb shell su -c "dd if=/dev/block/mmcblk0p32 of=/storage/sdcard1/mybckup/misc"
adb shell su -c "dd if=/dev/block/mmcblk0p33 of=/storage/sdcard1/mybckup/keystore"
adb shell su -c "dd if=/dev/block/mmcblk0p34 of=/storage/sdcard1/mybckup/config"
@echo BACKUP copied partitions to hard drive
@mkdir blocks
adb pull /storage/sdcard1/mybckup %CD%/blocks/
@echo BACKUP Done!
@echo Press any key to exit
@ECHO OFF
@pause >nul
FOR LINUX USERS:
for unlocking the bootloader see THIS POST by Fankee207
for backup on linux please see THIS POST by Frankee207
and dont forget to thank him. :good:
If someone send me a linux/mac guide i will post it to this post so we have all the info in one thread.
reservation 1
reservation 2
To unlock bootloader on linux, just make sure adb and fastboot are installed
Code:
sudo apt-get install android-tools-adb android-tools-fastboot
on ubuntu based linux for example. No need to install full SDK.
just add sudo before each command
Ex:
Code:
sudo fastboot -i 0x1bbb oem unlock
Should work, but I'have not tried myself since I have not received my idol yet
No need specific drivers. Before beginning, you can run
Code:
adb devices
to make sure your device is correctly detected
Don't forget if problem with adb on linux, run
Code:
sudo adb kill-server
sudo adb start-server
Thnaks you for the backup script. May I share it on french android forum forum.frandroid.com ?
frankee207 said:
Thnaks you for the backup script. May I share it on french android forum forum.frandroid.com ?
Click to expand...
Click to collapse
Of course you can..no wait ...you must!
Awesome it works on dual sim? 6045k? I need to send my ohone to repair the microphone so i will lost the warranty right? I need to wait few months:/
DallasCZ said:
Of course you can..no wait ...you must!
Click to expand...
Click to collapse
thansk you ,I will !
Running both Linux and Windows, I converted your script for Linux usage. Please find it here.
PHP:
echo -e "#### Backup all your idol 3's partitions - DallasCZ & frankee207 @XDA ####\n\n"
echo -e "Please make sure your device is connected\n"
read -p "Press ENTER to continue"
cd ~/
echo -e "/!\ root access must be granted for using adb on linux /!\ \n"
sudo adb kill-server
sudo adb start-server
sudo adb shell mkdir /storage/sdcard1/mybckup/
sudo adb shell su -c "dd if=/dev/block/mmcblk0p1 of=/storage/sdcard1/mybckup/modem"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p2 of=/storage/sdcard1/mybckup/tunning"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p3 of=/storage/sdcard1/mybckup/traceability"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p4 of=/storage/sdcard1/mybckup/fsc"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p5 of=/storage/sdcard1/mybckup/ssd"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p6 of=/storage/sdcard1/mybckup/sbl1"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p8 of=/storage/sdcard1/mybckup/rpm"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p10 of=/storage/sdcard1/mybckup/tz"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p12 of=/storage/sdcard1/mybckup/hyp"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p14 of=/storage/sdcard1/mybckup/modemst1"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p15 of=/storage/sdcard1/mybckup/modemst2"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p16 of=/storage/sdcard1/mybckup/simlock"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p17 of=/storage/sdcard1/mybckup/persistent"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p18 of=/storage/sdcard1/mybckup/splash"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p19 of=/storage/sdcard1/mybckup/tctpersist"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p20 of=/storage/sdcard1/mybckup/hdcp"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p21 of=/storage/sdcard1/mybckup/DDR"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p22 of=/storage/sdcard1/mybckup/fsg"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p23 of=/storage/sdcard1/mybckup/sec"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p24 of=/storage/sdcard1/mybckup/aboot"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p26 of=/storage/sdcard1/mybckup/boot"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p27 of=/storage/sdcard1/mybckup/recovery"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p28 of=/storage/sdcard1/mybckup/system"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p29 of=/storage/sdcard1/mybckup/persist"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p30 of=/storage/sdcard1/mybckup/fota"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p32 of=/storage/sdcard1/mybckup/misc"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p33 of=/storage/sdcard1/mybckup/keystore"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p34 of=/storage/sdcard1/mybckup/config"
sudo mkdir blocks/
sudo adb pull /storage/sdcard1/mybckup/ ~/blocks/
echo -e "Backup done ! You can find it in ~/blocks/"
read -p "Press ENTER to exit"
exit
You can download the script here: https://mega.nz/#!QtEG3TSb!DJ8N1dVRUYNPOLk8kQj2ggZfx8o5M9whiag5WFfANtc
If you use the script for linux, don't forget to make it executable by running
Code:
sudo chmod +x backup_all_AOTI3.sh
It work on 6045k or not? Thank you for the tutorial
---------- Post added at 02:27 PM ---------- Previous post was at 02:23 PM ----------
Another question we will have problems with a next update?
during the root process, does it really "flash" a boot.img?
from the batch file, it appears we are booting a boot.img, from which we [presumably] push supersu to the system. thanks.
deepasadish said:
during the root process, does it really "flash" a boot.img?
from the batch file, it appears we are booting a boot.img, from which we [presumably] push supersu to the system. thanks.
Click to expand...
Click to collapse
my mistake, of course it only boot to the boot.img
I get device not found on adb and the drivers url isn't working i used the phone usb cd... Drivers
RodrigoIsaac said:
I get device not found on adb and the drivers url isn't working i used the phone usb cd... Drivers
Click to expand...
Click to collapse
you have to install the drivers from the phone mounted as Cd and then enable the usb debugging...
I clicked sevenntimes in debugging mode, I installed thebphone as drivers cd (on pc clicked onbsetup, install) then disconnected and connect again, open prompt in idol3_6045_root folder (shift right click...) wrote adb reboot bootloader. Then appeared not running daemon. Starting it now on pprt 5037 daemon started successfully error:device not found
But the dispositive is connected and can access the files etc... I tried in two diffdifferent pc's. Tank you for your help
you have enable usb debbuging in developer settings, then you have to switch the connect mode feom cd to PTP
Error: device not found
I think the drivers are not installed because when e conect in mtp or ptp it install the drivers again so i unistall the drivers and connect on cd again and install the drivers then i change to mtp and the pc install the drivers automatically if i change to ptp the same thing happens
reboot computer
Iagain the same error :'( i don't know what is going on.
for me worked to download pdanet software, or try to google adb drivers... will make research when i am at home, now i am drinking beer...
Ok, tank you so much, i will really happy when it's possible to use root apps, sorry my bad english ehehe
---------- Post added at 04:14 PM ---------- Previous post was at 04:02 PM ----------
Unlock worked, i activate debugging but not check ☑ on usb settings on notification bar
---------- Post added at 04:21 PM ---------- Previous post was at 04:14 PM ----------
Rooted successfully omg tank you, tank you!!!!!!
frankee207 said:
thansk you ,I will !
Running both Linux and Windows, I converted your script for Linux usage. Please find it here.
PHP:
echo -e "#### Backup all your idol 3's partitions - DallasCZ & frankee207 @XDA####\n\n"
echo -e "Please make sure your device is connected\n"
read -p "Press any key to continue"
cd ~/
echo -e "/!\ root must be granted for using adb on linux\n"
sudo adb kill-server
sudo adb start-server
sudo adb shell mkdir /storage/sdcard1/mybackup/
sudo adb shell su -c "dd if=/dev/block/mmcblk0p1 of=/storage/sdcard1/mybckup/modem"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p2 of=/storage/sdcard1/mybckup/tunning"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p3 of=/storage/sdcard1/mybckup/traceability"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p4 of=/storage/sdcard1/mybckup/fsc"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p5 of=/storage/sdcard1/mybckup/ssd"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p6 of=/storage/sdcard1/mybckup/sbl1"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p8 of=/storage/sdcard1/mybckup/rpm"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p10 of=/storage/sdcard1/mybckup/tz"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p12 of=/storage/sdcard1/mybckup/hyp"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p14 of=/storage/sdcard1/mybckup/modemst1"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p15 of=/storage/sdcard1/mybckup/modemst2"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p16 of=/storage/sdcard1/mybckup/simlock"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p17 of=/storage/sdcard1/mybckup/persistent"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p18 of=/storage/sdcard1/mybckup/splash"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p19 of=/storage/sdcard1/mybckup/tctpersist"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p20 of=/storage/sdcard1/mybckup/hdcp"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p21 of=/storage/sdcard1/mybckup/DDR"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p22 of=/storage/sdcard1/mybckup/fsg"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p23 of=/storage/sdcard1/mybckup/sec"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p24 of=/storage/sdcard1/mybckup/aboot"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p26 of=/storage/sdcard1/mybckup/boot"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p27 of=/storage/sdcard1/mybckup/recovery"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p28 of=/storage/sdcard1/mybckup/system"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p29 of=/storage/sdcard1/mybckup/persist"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p30 of=/storage/sdcard1/mybckup/fota"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p32 of=/storage/sdcard1/mybckup/misc"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p33 of=/storage/sdcard1/mybckup/keystore"
sudo adb shell su -c "dd if=/dev/block/mmcblk0p34 of=/storage/sdcard1/mybckup/config"
sudo mkdir blocks/
sudo adb pull /storage/sdcard1/mybackup/ ~/blocks/
echo -e "Backup done ! You can find it in ~/blocks/"
read -p "Press any key to exit"
exit
You can download the script here: https://mega.nz/#!E9MnGSjR!XHreY39vw7YIxFqOncDZNcBfn5LSgdhYsbcO4DGlubM
If you use the script for linux, don't forget to make it executable by running
Code:
sudo chmod +x backup_all_AOTI3.sh
Click to expand...
Click to collapse
%frankee207, there is at least one error in your backup script: you create a directory "mybackup" but then you try to write to a directory "mybckup". You will need to change one name or the other.
I will try a corrected version later today on my Mac (in general most stuff for linux should also work on Mac, though you don't need to run as root on the mac to run adb, so "sudo adb" can be replaced by "adb".)
Someone please test this. I can't right now (at work, don't have G5) so please update me. It works on my HTC 10 but I do not know if it will work on the G5...
CODE:
adb push arm64-v8a/dirtycow /data/local/tmp
adb push arm64-v8a/run-as /data/local/tmp
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell 'chmod 777 /data/local/tmp/dirtycow'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
adb shell /system/bin/run-as
Honestly Annoying said:
Someone please test this. I can't right now (at work, don't have G5) so please update me. It works on my HTC 10 but I do not know if it will work on the G5...
CODE:
adb push arm64-v8a/dirtycow /data/local/tmp
adb push arm64-v8a/run-as /data/local/tmp
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
Click to expand...
Click to collapse
I tested those commands but what result are you waiting for ?
YassGo said:
I tested those commands but what result are you waiting for ?
Click to expand...
Click to collapse
Well, what happened?
Also, try and open an adb shell with "adb shell"
EDIT Goddamnit I forgot the last command. My bad! Please try again.
Honestly Annoying said:
Well, what happened?
Also, try and open an adb shell with "adb shell"
Click to expand...
Click to collapse
That's what I've did for the last two commands :
C:\>adb push arm64-v8a/dirtycow /data/local/tmp
[100%] /data/local/tmp/dirtycow
C:\>adb push arm64-v8a/run-as /data/local/tmp
[100%] /data/local/tmp/run-as
C:\>adb shell
[email protected]:/ $ chmod 777 /data/local/tmp/run-as
tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as
/system/bin/sh: /data/local/tmp/dirtycow: can't execute: Permission denied
YassGo said:
That's what I've did for the last two commands :
C:\>adb push arm64-v8a/dirtycow /data/local/tmp
[100%] /data/local/tmp/dirtycow
C:\>adb push arm64-v8a/run-as /data/local/tmp
[100%] /data/local/tmp/run-as
C:\>adb shell
[email protected]:/ $ chmod 777 /data/local/tmp/run-as
tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as
/system/bin/sh: /data/local/tmp/dirtycow: can't execute: Permission denied
Click to expand...
Click to collapse
You aren't running my commands. Just copy and post exactly what I posted
C:\>adb push arm64-v8a/dirtycow /data/local/tmp
[100%] /data/local/tmp/dirtycow
C:\>adb push arm64-v8a/run-as /data/local/tmp
[100%] /data/local/tmp/run-as
C:\>adb shell 'chmod 777 /data/local/tmp/run-as'
/system/bin/sh: chmod 777 /data/local/tmp/run-as: not found
C:\>adb shell '/data/local/tmp/dirtycow /system/bin/run-as /da
s'
/system/bin/sh: /data/local/tmp/dirtycow /system/bin/run-as /d
as: not found
C:\>adb shell /system/bin/run-as
run-as: Usage:
run-as <package-name> [--user <uid>] <command> [<args>]
YassGo said:
C:\>adb push arm64-v8a/dirtycow /data/local/tmp
[100%] /data/local/tmp/dirtycow
C:\>adb push arm64-v8a/run-as /data/local/tmp
[100%] /data/local/tmp/run-as
C:\>adb shell 'chmod 777 /data/local/tmp/run-as'
/system/bin/sh: chmod 777 /data/local/tmp/run-as: not found
C:\>adb shell '/data/local/tmp/dirtycow /system/bin/run-as /da
s'
/system/bin/sh: /data/local/tmp/dirtycow /system/bin/run-as /d
as: not found
C:\>adb shell /system/bin/run-as
run-as: Usage:
run-as <package-name> [--user <uid>] <command> [<args>]
Click to expand...
Click to collapse
It sounds like there's a problem with your /tmp/ directory. Try running "adb shell 'chmod 777 /data/local/tmp/' "
C:\>adb shell 'chmod 777 /data/local/tmp/'
/system/bin/sh: chmod 777 /data/local/tmp/: not found
I can't even ls local directory....but I see your two files in tmp
255|[email protected]:/data/local $ cd tmp
[email protected]:/data/local/tmp $ ls
dirtycow
run-as
[email protected]:/data/local/tmp $
YassGo said:
C:\>adb shell 'chmod 777 /data/local/tmp/'
/system/bin/sh: chmod 777 /data/local/tmp/: not found
I can't even ls local or tmp directory....
Click to expand...
Click to collapse
What the heck dude?? I've never heard of that error... it seems like you just don't have a tmp directory.
Honestly Annoying said:
What the heck dude?? I've never heard of that error... it seems like you just don't have a tmp directory.
Click to expand...
Click to collapse
Sorry dude I edited my message.
adb push arm64-v8a/dirtycow /data/local/tmp
adb push arm64-v8a/run-as /data/local/tmp
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell 'chmod 777 /data/local/tmp/dirtycow'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
--> warning: new file size (5960) and file old size (14192) diffe
size 14192
[*] mmap 0x7f7eb44000
[*] exploit (patch)
[*] currently 0x7f7eb44000=10102464c457f
[*] madvise = 0x7f7eb44000 14192
[*] madvise = 0 1048576
[*] /proc/self/mem 1996488704 1048576
[*] exploited 0x7f7eb44000=10102464c457f
adb shell /system/bin/run-as
--> running as uid 2000
uid 0
YassGo said:
Sorry dude I edited my message.
Click to expand...
Click to collapse
Ah okay see that now. Do this
adb shell
/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as
/system/bin/run-as
Basically, this adds the "run-as" to the /system/bin directory, which is only accessible by root
Honestly Annoying said:
Ah okay see that now. Do this
adb shell
/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as
/system/bin/run-as
Basically, this adds the "run-as" to the /system/bin directory, which is only accessible by root
Click to expand...
Click to collapse
Okay you forgot chmod 777 on the dirtycow file. Here's what I get now with the last two commands :
adb push arm64-v8a/dirtycow /data/local/tmp
adb push arm64-v8a/run-as /data/local/tmp
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell 'chmod 777 /data/local/tmp/dirtycow'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
--> warning: new file size (5960) and file old size (14192) diffe
size 14192
[*] mmap 0x7f7eb44000[*] exploit (patch)[*] currently 0x7f7eb44000=10102464c457f[*] madvise = 0x7f7eb44000 14192[*] madvise = 0 1048576[*] /proc/self/mem 1996488704 1048576[*] exploited 0x7f7eb44000=10102464c457f
adb shell /system/bin/run-as
--> running as uid 2000
uid 0
YassGo said:
Okay you forgot chmod 777 on the dirtycow file. Here's what I get now with the last two commands :
adb push arm64-v8a/dirtycow /data/local/tmp
adb push arm64-v8a/run-as /data/local/tmp
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell 'chmod 777 /data/local/tmp/dirtycow'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
--> warning: new file size (5960) and file old size (14192) diffe
size 14192
[*] mmap 0x7f7eb44000[*] exploit (patch)[*] currently 0x7f7eb44000=10102464c457f[*] madvise = 0x7f7eb44000 14192[*] madvise = 0 1048576[*] /proc/self/mem 1996488704 1048576[*] exploited 0x7f7eb44000=10102464c457f
adb shell /system/bin/run-as
--> running as uid 2000
uid 0
Click to expand...
Click to collapse
Oh crap so sorry! Now run
adb shell
whoami
cd /data
ls
Please post results of that!
[email protected]:/data/local/tmp $ whoami
shell
[email protected]:/data/local/tmp $ cd /data
[email protected]:/data $ ls
opendir failed, Permission denied
YassGo said:
[email protected]:/data/local/tmp $ whoami
shell
[email protected]:/data/local/tmp $ cd /data
[email protected]:/data $ ls
opendir failed, Permission denied
Click to expand...
Click to collapse
Okay, so here's what I can see of this then. This DOES open a root shell, but it closes the shell right after placing "run-as" into /system/bin. If we can keep the shell open then bam root!
YassGo said:
[email protected]:/data/local/tmp $ whoami
shell
[email protected]:/data/local/tmp $ cd /data
[email protected]:/data $ ls
opendir failed, Permission denied
Click to expand...
Click to collapse
WAIT actually try running
SEE NEXT POST
[email protected]:/data $ cd /data/local/tmp
[email protected]:/data/local/tmp $ run-as cat /init.flo.diag.rc
running as uid 2000
uid 0
YassGo said:
[email protected]:/data $ cd /data/local/tmp
[email protected]:/data/local/tmp $ run-as cat /init.flo.diag.rc
running as uid 2000
uid 0
Click to expand...
Click to collapse
Oops, close that root shell and just do
adb shell
run-as cat /init.flo.diag.rc
C:\>adb shell
[email protected]:/ $ run-as cat /init.flo.diag.rc
running as uid 2000
uid 0
YassGo said:
C:\>adb shell
[email protected]:/ $ run-as cat /init.flo.diag.rc
running as uid 2000
uid 0
Click to expand...
Click to collapse
wtf it should be working.
Here's some to try, tell me if any of these work
adb shell
run-as id
run-as ls -lZ /sbin/
run-as ls -lZ /data/