The Complete Noob-iots Guide To Rooting, Recovery, and Troubleshooting - Kindle Fire General

The purpose of this tutorial is not to teach you everything. It's just to give the less-than-average user (noob) an idea of why certain steps are taken and how to prevent and or troubleshoot problems that most people have when rooting or flashing ROMs on their device. I am also assuming that if you do decide to root your device you have at least a basic working knowledge of a computer. If you don't know what a desktop is or how to find the "any" key, you have no business being anywhere near a computer much less an android device…continue no further. Read my tutorial…If you like it, let me know. If I missed anything or got something wrong, let me know…I'll try to fix it. If you're impartial to it, I couldn't care less. If you hate it, PM me…I have some important information for you about anger management.
ROOTING
While there are different rooting "methods" they all rely on the same basic concept. Get temporary root access to your system in order to use the adb (Android Debug Bridge) to transfer necessary files and change permissions to permanently root (take ownership of) the device.
Before programs like KindleFireUtility and KindleWater, rooting the Kindle Fire was done manually through a command line interface (command prompt). Although those programs still use the same methods, you never see it. But why use command prompt? What do those commands mean anyway? Anyone can point and click but if you don't know what is going on behind the scenes then you are big trouble when things go wrong…and they inevitably will. So, let's get started.
From here on out we will consider this the beginning of the tutorial. Read everything first before doing anything. Pay close attention to what's being said and follow instructions carefully. Now...
Before anything your device needs to be fully charged and have the Android SDK and the Kindle adb drivers installed onto your computer. I'm not going to go into how to install SDK or Kindle adb drivers here because there are millions of pages on the internet that will teach you, and quite frankly that's not the purpose of this tutorial. That being said, lets get down to business and talk about the older (manual) methods of rooting the Kindle Fire.
First, lets start with the device turned on. Now go to your Kindle Fire settings and scroll down and select "Devices". Make sure "Allow Installation of Applications" is set to ON. This allows you to install apps not downloaded from the Amazon App Store. Next we open the App Store and search for and install a file management utility (ES File Explorer is a good one to start with). This will be necessary to temporarily root your device. Exit the App Store.
Now plug your device into the computer. For the purposes of this exercise there are two USB modes you will need to know, USB debugging and USB file transfer. On stock devices when you plug into your computer you will see a black screen that says "You can now transfer files from your computer to Kindle". This we will call USB file transfer mode. You will use this to transfer a program to your device that will give you temporary root permissions. The old program for this was ZergRush, nowadays its BurritoRoot and tomorrow it will probably be something else. Whatever it is, find whichever one works for your device's software version and transfer it to your device using Explorer (Windows) or Finder (Mac). Since you don't have root access yet, everything you put on your device for now will go directly to the SDcard partition, far away from system folders (for all intents and purposes).
Press "disconnect" on your Kindle Fire. Now, and by default, your Kindle is in USB debugging mode. What that means is that when you are not in USB file transfer mode your device is constantly listening for debugging commands coming from the USB port. We will be using this to send adb commands to the device which are necessary for rooting and setting up recovery. Now open the file management app you installed from the App Store, navigate to the temporary root program you transferred from your computer and open it. Install and follow the instructions, if any. Next go to your computer and navigate to your Android SDK folder and look for a folder called "platform-tools" if you don't see it, open the tools folder and double-click the file named "Android". Select "platform-tools" and install.
To make things simple, lets to take the platform-tools folder and place it on your desktop (just be sure to put it back when this is all over).
At this point we need to get Superuser. This is what we will use to give your apps root access. Go to http://www.androidsu.com/superuser and download the one for Gingerbread. Extract the superuser.zip file, open the folder and navigate to the system folder inside. There, inside the "app" and "bin" folders you will see two files called "superuser.apk" and "SU". Place them in the platform-tools folder that is now on your desktop. And now the fun part, it's time to start rooting.
Open your command prompt (or terminal for mac users) and type and enter:
cd Desktop/platform-tools
Here, you are telling the computer to cd (change directory) to the platform-tools folder located inside the Desktop folder. This is going to be your workspace. Everything you do from here on will be done from this folder. If you don't get any errors then you are in good shape. Otherwise you messed up somewhere and probably skipped a step...go back and read from the beginning. Make sure your Kindle Fire is turned on and NOT in USB file transfer mode. If you are not sure what mode you're in, go back to the beginning. If this is your second time around, stop. You need to learn more about how to change directories using command line interface.
When you are in the platform-tools folder, type and enter this command:
adb devices
Mac and Linux users will put ./ before all adb and fastboot commands from here on out. It will look like: ./adb devices
Here you are using the adb program to print a list of connected devices. You should see a bunch of numbers that mean nothing to you at this skill level. Move on. If you don't see any numbers then you either don't have your drivers installed properly or you skipped a step; go back to the beginning.
If you do get a bunch of numbers your device is connected. Now type and enter:
adb root

...gives root permissions to the adb
adb remount
...mounts the system partition to a "read/write" state allowing you to make changes to system files and folders. Consequentially, if you enter adb remount a second time, you will change it back to "read only". Don't do that.
adb push su /system/xbin/su
...will push (transfer) the file named "SU" that is in your workspace (platform-tools folder) to the su folder inside the xbin folder of your device's system folder. The SU binary file is what other apps call to when they need superuser rights.
adb shell chown 0.0 /system/xbin/su
...this is where it gets a little funky. It opens a shell interface within the adb in order to chown (give ownership permissions) to user 0.0 for the su folder. A shell is a piece of software with a particular set of commands built in to act as sort of a go-between between the user, operating system and hardware kernel services. But who is user 0.0? [Edit:] User 0.0 is the root user. Thanks to b63 for that piece of knowledge
adb shell chmod 06755 /system/xbin/su
...opens a shell within the adb to chmod (change mode) of the su folder to 06755. What that basically means is you are changing the folder permissions to rwxr-xr-x or read/write/execute for the owner, and read/execute for the group and others.
adb install superuser.apk
...installs the program superuser.apk located in the platform-tools folder. Superuser.apk maintains a database of what apps you allow to access SU binary file.
That's how the rooting process works. Again if you get any errors, you did something wrong. Go back to the beginning and read it all over again. Attention is key.
Also, I suggest you skip the one-click methods for rooting and get used to using the command line interface so you understand how the process works in order to quickly troubleshoot problems should they arise. Oh and congratulations, you are rooted.
RECOVERY
Now lets install a custom recovery utility and a new boot-loader. For this you will be using the fastboot command. Before we go on, one thing you absolutely must get your head around is the difference between how fastboot interacts with your device versus how adb interacts with your device. fastboot deals with the boot portion of the device whereas adb only deals with the system portion. What that means is adb will only work when the device is completely booted. If for some reason your device doesn't boot properly then you should not be issuing adb commands. It's like trying to light a match in a vacuum. Fastboot works in the same way in that you must be in the fastboot bootmode in order to issue fastboot commands. Unless you have custom recovery installed or a factory programming cable there is only one way to get into fastboot mode. We'll talk about that later.
Installing recovery is a simple process but it is where people tend to have the most problems. Part of the reason is the misunderstanding of the different bootmodes. For now, you only need to be concerned with two of them; normal bootmode (4000) and fastboot bootmode (4002). The main reason people run into trouble is that once you are in a particular bootmode, it doesn't change until you tell it to (with the exception of temporary fastboot which we will get into later).
In normal bootmode your device will boot...normally (imagine that). With the fastboot bootmode the boot-loader will hang at the Kindle Fire splash screen (or yellow triangle if you have recovery installed) to wait for further commands. If this happens to you, chances are your only problem is you are in the wrong bootmode, which is easy to fix. Knowing that, installing a custom recovery should be a breeze.
First find whatever recovery you want to use (unzip it if you have to) and place the .img file into your platform-tools folder that you were using earlier. We're going to use adb to change the bootmode to fastboot in order to install custom recovery. Remember, anything that pertains to the boot-loader, (Kindle Fire logo/yellow triangle) will be done in the fastboot bootmode; that includes custom recovery installation. For more information on Kindle Fire bootmodes, boot-loaders, fastboot and just about everything else, see this post:
http://forum.xda-developers.com/showthread.php?t=1552547
From your command prompt type and enter:
adb shell
su
idme bootmode 4002
reboot
What that does is tells adb to open a shell and su (substitute user) for the root user, change the bootmode from normal (4000) to fastboot (4002) and reboot. The root user has the necessary permissions to change the bootmode from the adb. Your device will reboot then hang at the splash screen because it is in the fastboot bootmode.
Now install your custom recovery (we'll call it customrecovery.img for now)
fastboot -i 0x1949 boot customrecovery.img
again, for Mac and Linux you would type: ./fastboot -i 0x1949 boot customrecovery.img
That tells your computer to, using the fastboot program that is in your platform-tools folder, boot the device with the ID of 0x1949 (your Kindle) with the file named "customrecovery.img"
After installation, reboot, but you will still be in the fastboot bootmode. So type:
fastboot -i 0x1949 oem idme bootmode 4000

fastboot reboot
…tells the device to reset the partition where the recovery(?) is located, change the bootmode to normal (4000) and reboot.
TROUBLESHOOTING
Flashing custom ROMS are another source of frustrations as they add too many variables to the equation. Some ROMS can be very unstable and cause weird things to happen to your device. But just knowing how this stuff works will help you fix 90% of the problems that may come up. If you are having trouble with your device, troubleshoot the problem:
Does the device turn on?
No

Is it fully charged?
No--> Charge it

Is it fully charged?
Yes--> Hold the power button for 30 seconds and restart

Does the device turn on?
No--> Hold the power button for 3 minutes and restart
Does the device turn on?

No--> Google search "Motorola USB factory programming cable"

Does it boot normally?
No

Do you have custom recovery installed
No--> You need to get into fastboot mode to issue fastboot commands. Google search "Motorola USB factory programming cable"

Do you have custom recovery installed?
Yes--> During the first 5 seconds of seeing the boot splash screen (this is temporary fastboot mode that comes with custom recovery) issue fastboot command to change bootmode to 4000. Reboot

Does it boot normally?

No

Can you get into recovery?
No--> During the first 5 seconds of seeing the boot splash screen (temporary fastboot mode) issue fastboot command to install a new customrecovery.img. Reboot.

Can you get into recovery?

Yes--> Re-flash your ROM. Reboot.

Does it boot normally?

No--> Enter recovery, factory reset, wipe cache, wipe dalvik cache, re-flash your ROM. Reboot

Does it boot normally?
No--> Enter recovery, factory reset, wipe cache, wipe dalvik cache, flash a different ROM. Reboot

Does it boot normally?
No--> Post your problem on the XDA forum. Include all pertinent information such as what rom you are using, what the exact problem is, what you were doing before the problem occurred and all the steps you have taken to try and fix the problem.

Does it boot normally?
Yes--> Give yourself a pat on the back, because you rock!
Do you Rock?
No--> Start over from the beginning

nice
--sent from my glacier.

Related

[GUIDE] Linux Ubuntu: Unlocking Bootloader / Rooting Nexus S

One thing I've noticed is there isn't a lot of documentation for getting set up and unlocking your bootloader on a Linux OS. Setting up your machine to get adb and fastboot to recognize your device takes a tiny bit of extra work on a Linux operating system, but what exactly needs to be done may not be clear to everyone. Whether it's because you're new to the Android SDK/adb, somewhat new to Linux, or can't simply can't seem to find the Vendor Code for the Nexus S. (For those who are looking specifically for this, it's '18d1', and I assume will be the same on all Nexus devices to come; If this means nothing to you right now, read on.)
Disclaimer: I take no responsibility if something goes wrong (if it does, it should be fixable though), Unlocking your bootloader voids your warranty (but you can lock it back), Unlocking the bootloader will wipe your entire phone, including USB Storage; so make a copy of all those family photos and other files you may have put onto the USB storage if you want to keep them.
For the sake of sanity, this guide assumes you are using Ubuntu. If you're using something else (or different applications), there are terminal commands offered, and you probably have an idea on how to adapt the given instructions to your Linux OS.
Preparation: Installing the Android SDK, ADB, Fastboot & Setting Up Your Nexus S to be Recognized
1. Download the Android SDK for Linux: http://dl.google.com/android/android-sdk_r08-linux_86.tgz
2. Save it in a folder of your choice. I chose to keep it in my Downloads folder, myself. If you'd like, you can rename it to the simpler name of 'AndroidSDK.tgz'. The rest of the guide will assume that you did, because I'm lazy, and it makes things simpler; it will also assume you saved it in Downloads. If you feel that you have the intuition to rename and edit the path names based on your own choices, then fine; but if you're utterly lost here, just stick with what I'm doing; download to 'Downloads', rename to 'AndroidSDK.tgz'.
3. Now that you have it, navigate to the folder you downloaded it to, right-click, and click 'Extract' to unzip it. If for some reason you cannot do this, open up a terminal and try this command:
Code:
tar zxvf /home/<your-user-name>/Downloads/AndroidSDK.tgz
You may have to adjust the command if you didn't save it under Downloads or didn't rename the file to AndroidSDK.tgz.
4. Now, we'll install adb and some other software packages by starting up the Android SDK and AVD Manager. Start it either by:
- Navigating to your AndroidSDK folder, going to the 'tools' folder and double-clicking the file called 'android'; if a popup opens asking you what you want to do with it click 'Run'.
- Using this command:
Code:
/home/<your-user-name>/Downloads/AndroidSDK/tools/android
5. In Android SDK and AVD Manager, click on "Available packages". Check the box next to "Android SDK Tools, revision 8" and "Android SDK Platform-tools", and click on "Install Selected" then "Install". When prompted click "Yes" to restart ADB.
6.You should now have a folder in /home/<your-user-name>/Downloads/AndroidSDK/ called "platform-tools".
7. Download fastboot here: http://developer.htc.com/adp.html
- Save it to the aforementioned platform-tools folder.
- Now, navigate to the file, right click it, click 'Properties', go to the 'Permissions' Tab and check 'Allow executing file as program'. Alternatively, run this command:
Code:
chmod +x /home/<your-user-name>/Downloads/AndroidSDK/platform-tools/fastboot
8. Now to set things up so adb and fastboot recognize your Nexus.
- Type this command into a terminal:
Code:
gksudo gedit /etc/udev/rules.d/51-android.rules
- Paste this into the blank file:
Code:
SUBSYSTEM=="usb", SYSFS{idVendor}=="18d1", MODE="0666"
- Click save and close.
- Then, type the following terminal command:
Code:
sudo restart udev
9. Almost done with preparations! Run this command:
Code:
gedit .bashrc
And add this line to the top of the file:
Code:
#AndroidDev PATH
export PATH=${PATH}:/home/<your-user-name>/Downloads/AndroidSDK/tools:/home/<your-user-name>/Downloads/AndroidSDK/platform-tools
Then save the file and close.
10. Download this file and save it to /home/<your-user-name>/Downloads/AndroidSDK/platform-tools: http://www.mediafire.com/?4pe5y906zr67nfh
10.We're ready to go!
Unlocking the Bootloader on your Nexus S and Rooting
Once again, unlocking your bootloader wipes everything on your device, including USB storage. Make a backup of any files you want to keep.
1. On your Nexus S, go to Menu>Settings>Applications. Select "Development" and check the box next to "USB debugging"
2. Power off the phone, and then hold down the Volume Up button and the Power button simultaneously to get into Bootloader/Fastboot mode. Connect your Nexus to the computer via USB.
3. Run this command to unlock your bootloader: (Once again WIPES EVERYTHING!)
Code:
fastboot oem unlock
Hit Enter and on your phone you will be prompted to confirm the action. (Use Volume +/- buttons to choose, power button to confirm choice) Confirm. At this point you will have an unlocked bootloader.
4. Copy/paste the following into the Terminal window:
Code:
fastboot flash recovery /home/<your-user-name>/AndroidSDK/platform-tools/recovery-clockwork-herring.img
5. Use the Volume +/- buttons to choose the Recovery option, then press the power button.
6. In Recovery, go to 'mounts and storage' and choose 'mount USB storage'.
7. Go to this page: http://forum.xda-developers.com/showthread.php?t=682828
About 1/5 of the way down on that page, find the link for "su-2.3.6.1-ef-signed.zip", which is the link for the Froyo version of Superuser. Control-click (right click) on that link and choose "Download Link As..." Save that file to your desktop and then copy it to the main directory of your mounted phone.
8. Click 'Unmount'. Go back to 'mounts and storage' and choose 'mount /system'. Then Go Back and choose 'install zip from sdcard'>'choose zip from sdcard'>su-2.3.6.1-ef-signed.zip
9. When it's finshed installing, reboot. You are now rooted.
Special Thanks
Amin Sabet; I used your Mac guide as a reference and copy/pasted some things for convenience.
Koush; For first posting the unlocking information, developing ClockworkMod Recovery, and ROM Manager. You should probably hook him up with a donation. https://www.paypal.com/us/cgi-bin/w...63663d3faee8d9384d85353843a619606282818e091d0
Michael.B.; for suggesting adding the platform-tools folder to the .bashrc file.
Linus Torvalds; Without which we'd have neither Android nor Ubuntu.
Feel free to leave your comments on the guide below.
Good guide for beginners, I would throw in how to update their path so they can just type adb or fastboot
On Linux, edit your ~/.bash_profile or ~/.bashrc file. Look for a line that sets the PATH environment variable and add the full path to the tools/ and platform-tools directories to it. If you don't see a line setting the path, you can add one:
export PATH=${PATH}:/home/<your-user-name>/Downloads/AndroidSDK/tools:/home/<your-user-name>/Downloads/AndroidSDK/platform-tools
Click to expand...
Click to collapse
Be sure to update your username above.
Thanks a lot man, great guide. I didn't get my NS yet but this is gonna be very useful soon
ps: someone please stick this
Michael.B. said:
Good guide for beginners, I would throw in how to update their path so they can just type adb or fastboot
Be sure to update your username above.
Click to expand...
Click to collapse
Thanks for the tip. I added your tip and instructions for marking fastboot as executable.
Stuck due to the thread's usefulness
I forgot to ask: will this work for 64 bit systems?
nicholasbgr said:
I forgot to ask: will this work for 64 bit systems?
Click to expand...
Click to collapse
It should work just fine.
Thanks, got me rooted nice and quickly.
BlackOtaku said:
It should work just fine.
Click to expand...
Click to collapse
Yes but don't forget to install 32 libs.
Thanks for guide
Useful !
I'm waiting for cyanogen ROM so i'll able to install
Cheers
To confirm, yes it works on 64bit. I am running that
Thanks for the confirmation, guys
Good stuff, much appreciated.
I'm working on a simple shell script that should automate some of the more menial tasks while holding the user's hand through the process. I should have it up later today.
UPDATE: It's up! Link on the first page.
Sent from my Nexus S using XDA App
question:
If I use
Code:
fastboot boot recovery.img
instead of
Code:
fastboot flash recovery recovery.img
will i get OTA updates?
confiq said:
question:
If I use
Code:
fastboot boot recovery.img
instead of
Code:
fastboot flash recovery recovery.img
will i get OTA updates?
Click to expand...
Click to collapse
Or, I don't get OTA until i change OS with zip file (ex: su app) ?
confiq said:
Or, I don't get OTA until i change OS with zip file (ex: su app) ?
Click to expand...
Click to collapse
You shouldn't flash the recovery in the boot partition, I think that will cause problems with the phone period. :S
If you flash a custom boot.img (which this guide doesn't cover, though the script will flash Superboot) or kernel like Paul's Superboot, Supercurio's Voodoo Kernel, or Koush's insecure boot.img, OTA updates will fail to install. OTA updates will also reflash your recovery back to stock. One of the devs around here will probably start modifying them so they don't check the boot.img or reflash the recovery though.
Thanks for this! Worked perfectly
Hi all,
I have a strange problem. I can install ClockworkMod recovery but, when I reboot the phone, I don't have superuser installed and su doesn't work. If I reboot the phone, I have to install the recovery every time. It seems it isn't permanent.
Thanks
Matroska
matroska said:
Hi all,
I have a strange problem. I can install ClockworkMod recovery but, when I reboot the phone, I don't have superuser installed and su doesn't work. If I reboot the phone, I have to install the recovery every time. It seems it isn't permanent.
Thanks
Matroska
Click to expand...
Click to collapse
To fix the problem, before selecting zip file, you have to select mount /system. Then go to apply update.zip and proceed as usual.
Thanks
ok im stock
with this part fastboot oem unlock ware i put this code in my terminal of my pc ,,i put the cell in fasboot , i intall everiting if i put that code in my terminal
bash: /home/toshiba/.bashrc: line 2: syntax error near unexpected token `('
bash: /home/toshiba/.bashrc: line 2: `export PATH=${PATH}:/home/<your-user-name>/Downloads/AndroidSDK/tools:/home/<your-user-name>/Downloads/AndroidSDK/platform-tools# ~/.bashrc: executed by bash(1) for non-login shells.'
[email protected]:~$ fastboot oem unlock
fastboot: command not found
[email protected]:~$
what can i do or im doing wrong

[HOW-TO] Root / Install a ROM / Unroot / Revert to Stock (A KFFB Supplement)

This how-to originally started out as a part of the Kindle Fire For Beginners (KFFB) guide, but evolved into this supplemental guide. Because of its origin, this guide assumes the reader is already familiar with KFFB, so reading it is a mandatory prerequisite. Users who post questions in this thread already covered in KFFB will be directed to go back and read it again.
My motives for writing this guide are very much in line with the reasons why I wrote KFFB. I'm hoping users will take the time to learn what they are doing and why they are doing it instead of crossing their fingers and hitting a button on an automated program. While I understand this is the more tedious route to their destination, the knowledge gained here can be used to get back on track when things go wrong or methods inevitably change over time.
The first post in this series details the process of rooting and installing a ROM on a stock device. The two share many of the same preliminary steps, so it makes sense to go over both at the same time.
Preparations
Again, please read Kindle Fire For Beginners before continuing. The conventions introduced in KFFB (e.g. having KFU installed in "C:\kfu") will continue to be used here. Make sure the battery is fully charged. A drained battery is not something you'll ever want to encounter and especially not while in the middle of this process. Create a new folder "C:\kfu\software" on your hard drive. Downloaded software to be installed on the Kindle Fire will be moved there.
Download and install WinMD5Free to some place on your Computer. The developers for most of the software you'll download for the Kindle Fire will provide an MD5 checksum. The checksum is used to verify the integrity of downloaded file, so you can be sure that you haven't gotten a bad download or a corrupted file. Tell WinMD5Free what file you want to check and compare the calculated checksum with the one provided by the developer. If the two match, you can be confident about installing it on your Kindle Fire.
For all required software listed in this document...
Extract (unzip) the files from the compressed archive (unless otherwise noted)
Verify the MD5 checksums if they have been provided
Move them to the C:\kfu\software folder
As with any other how-to guide, it's always a good idea to just read through the document first to get a basic idea of the process involved. Once you are comfortable with the concepts, then go back through and actually perform the steps required.
Getting to fastboot mode
The first step to modifying the Kindle Fire is to get the device into fastboot mode. The easiest and safest way to do this on a stock device is to use a factory cable. The factory cable is safe because it does not require the bootmode to be changed on the device. If something unexpected happens, you'll be able to disconnect the factory cable and reboot straight back into the stock software.
If you choose not to use a factory cable and change the bootmode to get into fastboot mode, you'll be taking a small gamble that you'll be able to issue fastboot commands to the device and change the bootmode back to normal. If you cannot change the bootmode back for some reason (e.g. your device drivers for fastboot mode fail to recognize the device), the device will be stuck in fastboot mode until you find a way to do so. In nearly every case, if you are able to issue the adb commands to get into fastboot mode, you should be able to send the fastboot commands necessary to get out of it. This is just a fair warning out of an abundance of caution... make sure you've done everything to ensure the ADB device drivers have been installed properly.
If you have a factory cable, you can turn the Kindle Fire off and connect the cable to the device, then the computer. The Kindle Fire will power up and put you directly into fastboot mode. You can then skip the rest of this section and go directly to flashing a recovery and bootloader. Otherwise...
Required software:
pokey9000's fbmode​
1) Boot up the Kindle Fire normally and connect a USB cable to the device and computer.
2) Copy pokey9000's fbmode program into a user writeable location on the Kindle Fire...
Code:
adb push C:\kfu\software\fbmode /data/local/tmp/
3) Change the permissions on the fbmode program so it can be executed (run) on the device...
Code:
adb shell chmod 755 /data/local/tmp/fbmode
4) Execute (run) the fbmode program to change the bootmode to fastboot...
Code:
adb shell /data/local/tmp/fbmode
5) Reboot the device...
Code:
adb reboot
Note: In case you are wondering why the "adb shell idme bootmode 4002" command previously discussed in KFFB was not used here, that command requires root privileges not available in the stock configuration. Without root privileges, the above workaround is required.
Installing a recovery and custom bootloader
Required software:
FIREFIREFIRE bootloader
TeamWin Recovery Project (TWRP) recovery
Note: Do not extract the contents of the FIREFIREFIRE bootloader zip file. It will be flashed as-is with TWRP recovery.​
1) Install the TWRP recovery...
Code:
fastboot -i 0x1949 flash recovery C:\kfu\software\openrecovery-twrp-2.2.2.1-blaze.img
2) Set the bootmode to recovery (5001)...
Code:
fastboot -i 0x1949 oem idme bootmode 5001
3) Reboot the device into TWRP recovery. If you used a factory cable to get into fastboot mode, turn off the device by holding down the power button for about 20 seconds. Replace the factory cable with a generic USB cable and the device will start up again automatically. Otherwise...
Code:
fastboot -i 0x1949 reboot
4) Copy the FIREFIREFIRE bootloader zip file to the /sdcard directory on the Kindle Fire...
Code:
adb push C:\kfu\software\fff-u-boot_v1.4a.zip /sdcard/
5) From the main menu of TWRP, press the "Install" button to flash the FFF bootloader onto the bootloader partition. Navigate to the /sdcard directory on the left (should be the default the first time you use TWRP) and select the file from the list on the right. Then simply "Swipe to Confirm Flash" to install.
6) Optional: Make a nandroid backup of the stock software. From the main menu of TWRP, press the "Backup" button and then "Swipe to Back Up" to create a snapshot of the stock system. If you change your mind later about rooting or have second thoughts about the ROM, just "Restore" the backup and return to the stock configuration.
Rooting the stock software
Users interested in flashing a custom ROM may elect to skip this section. Rooting the stock software is not a requirement to flash a custom ROM because the custom ROM will completely overwrite the stock software. However, if you are undecided on the question of rooted stock vs. custom ROM, root the stock software first and try that out for a while. The option to flash a custom ROM will still be available at a later time.
The following method of rooting the Kindle Fire stock software has been tested on 6.3.x and 6.2.x systems. Skip step #5 when rooting 6.2.x systems because the root checker does not exist in those versions.
Required software:
Superuser by ChainsDD
Note: Two separate files will be needed from the contents of this zip file: the su binary from the system\bin folder and the Superuser.apk file from system\app folder.​
This section assumes the device is already booted into TWRP recovery.
1) Remount the /system partition in read/write mode...
Code:
adb shell mount system
2) Copy the su binary onto the device...
Code:
adb push C:\kfu\software\su /system/xbin/
3) Change the owner of the su binary to root...
Code:
adb shell chown root:root /system/xbin/su
4) Set permissions for the su binary to run as root...
Code:
adb shell chmod 6755 /system/xbin/su
5) Disable the root checker by renaming the check_rooted executable...
Code:
adb shell mv /system/bin/check_rooted /system/bin/check_rooted.bak
6) Change the bootmode back to normal...
Code:
adb shell idme bootmode 4000
7) Reboot the system...
Code:
adb reboot
8) Once the Kindle Fire has rebooted into the system, install the Superuser app...
Code:
adb install C:\kfu\software\Superuser.apk
Congratulations! You have gained root privileges on the stock Kindle Fire software!
Installing a custom ROM
It should go without saying, but users who intend on staying with a rooted stock device need to skip this section. Flashing a custom ROM will overwrite the stock software and leave no trace of the original Kindle Fire interface.
Required software:
Any ROM you choose to install. Check the KF Development List as a starting point.
Note: Do not extract the contents of the ROM archive. The recovery program will need the actual zip file to install.​
This section assumes the device is already booted into TWRP recovery.
1) Carefully read the ROM thread for specific directions and warnings provided by the developer when flashing any new ROM.
2) Copy the custom ROM zip file to the /sdcard directory on the Kindle Fire...
Code:
adb push C:\kfu\software\ROM.zip /sdcard/
You must replace the "ROM.zip" part of the above command to the actual name ROM's zip file you've downloaded.
3) From the main menu of TWRP, "Wipe -> Factory Reset" to remove the existing files in the data and cache partitions that could interfere with the operation of the new system software. A "Factory Reset" will delete any installed apps, software/network settings, etc. It will not touch the /sdcard directory that contains music, eBooks, and files of that nature.
4) From the main menu of TWRP, "Install" to flash the ROM onto your device. Navigate to the /sdcard directory on the left (should be the default the first time you use TWRP) and select the file from the list on the right. Then simply "Swipe to Confirm Flash" to install.
5) From the main menu of TWRP, "Reboot -> System" to boot into the newly flash ROM.
Congratulations! You have completely replaced the stock Kindle Fire software with a custom ROM!
Cleaning up
The zip files pushed onto the /sdcard during installation are only necessary during the installation process and do not need to take up space on the device after completing the install. Use a file manager or mount the storage device on the host computer to delete the files and reclaim the used space.
Coming soon...?
I've got some other topics in mind, but like I did with the KFFB, I'll see how users respond to this post before I continue. Please feel free to comment and make suggestions. I may not respond to everything, but I will keep the helpful comments in mind if/when I decide to expand this how-to guide. Thanks for reading.
Credits
jcase - For providing the basis for this guide and lending his expertise in rooting devices
pokey9000 - For his work on FFF and providing the fbmode exploit
TeamWin and Dees_Troy - For providing the TWRP recovery and continuing its development
ChainsDD - For the Superuser package​
Unroot or Revert to Stock Software
This second post in the series details the procedures required to undo the steps taken in the first. Use it to unroot or revert back to the stock software like it just came from the factory. If you tried out the rooted stock software or a custom ROM for a while, but just prefer the no-frills stock software, you've come to the right place.
Unrooting the stock software
Required software:
None​
This section assumes the device is already booted into the system software.
1) Uninstall the Superuser app
Code:
adb uninstall com.noshufou.android.su
2) Optional: Set the bootmode to recovery. Alternatively, use the recovery selection feature in FFF to boot into recovery during startup without manipulating the bootmode setting here. If you are more comfortable setting the bootmode directly...
Code:
adb shell su -c 'idme bootmode 5001'
3) Reboot the device into recovery...
Code:
adb reboot
4) Mount the data partition...
Code:
adb shell mount data
5) Optional: Delete the files that the Superuser app left behind...
Code:
adb shell rm -rf /data/data/com.noshufou.android.su
6) Mount the system partition...
Code:
adb shell mount system
7) Re-enable the root checker by renaming the check_rooted executable...
Code:
adb shell mv /system/bin/check_rooted.bak /system/bin/check_rooted
8) Delete the su binary from the device...
Code:
adb shell rm /system/xbin/su
9) From the main menu of TWRP, "Reboot -> System" to restart the device into the system software.
Congratulations! You have unrooted the stock Kindle Fire software!
Reverting to stock software
Required software:
Amazon Kindle Fire Software Update​
Warning: Installing the Amazon Kindle Fire Software Update will not only replace the system software, but also overwrite the bootloader and recovery with the stock versions. Any custom bootloader and recovery like FFF and TWRP will be overwritten in the process.
This section assumes the device is already booted into TWRP recovery.
1) Copy the update bin file to the /sdcard as update.zip
Code:
adb push C:\kfu\software\update-kindle-6.3.1_D01E_4107720.bin /sdcard/update.zip
2) From the main menu of TWRP, "Wipe -> Factory Reset" to remove the existing files in the data and cache partitions that could interfere with the operation of the new system software. A "Factory Reset" will delete any installed apps, software/network settings, etc. It will not touch the /sdcard directory that contains music, eBooks, and files of that nature.
3) From the main menu of TWRP, press the "Install" button to flash the stock software onto your device. Navigate to the /sdcard directory on the left and select the "update.zip" file from the list on the right. Then simply "Swipe to Confirm Flash" to install.
4) Optional: From the main menu of TWRP, "Wipe -> SD Card" to remove all files on the USB mountable storage space. This step will permanently delete all of the files that appear on a computer when the device is connected as a USB storage device.
5) From the main menu of TWRP, "Reboot -> System" to restart the device into the system software.
Congratulations! You have reverted the device to a completely stock Kindle Fire!
KFFB Supplement Post #3
Reserved...
Great explanations!
I wanted to thank you for explaining everything clearly so that people can understand what they are doing when installing their bootloader, recovery and new ROMs.
Thanks again... plee3
Thanks so much!
This worked flawlessly. I had gotten stuck trying to root with KFU (I think the driver is slightly funky in fastboot - so KFU failed to flash either recovery or bootloader and left me in fastboot mode) but using the '-i 0x1949' option with fastboot made everything work perfectly.
Once again you have done a beautiful guide. You are very good at this, and always look forward to more guides from you.
Keep um coming !!
Cheers
Thibor69 said:
Once again you have done a beautiful guide. You are very good at this, and always look forward to more guides from you.
Keep um coming !!
Cheers
Click to expand...
Click to collapse
I know, right?
can i follow this to root 6.3.1?
xXezmacXx said:
can i follow this to root 6.3.1?
Click to expand...
Click to collapse
Yes, it's been tested to work from 6.2.0 and up.
Needs Sticky
Great Work. Gets my vote (and really needs) to be sticky'd.
Thanks for listening
Sincerely,
William
[Kindle Fire: gedeROM v1.25 [KeyClicks Added] {3.0 Kernel, CM9, Android 4.0.4} - Stock Kernel]
[HTC Evo 4G Supersonic: MikG 3.11 ROM - Chop Suey Custom Kernel]
[Retired: HTC CDMA Hero: Gingerbread Hero Deck ROM - Stock Kernel]
end.
Thanks to all. I'm glad some of the readers got some use out of it.
Docs009 said:
Great Work. Gets my vote (and really needs) to be sticky'd.
Thanks for listening
Sincerely,
William
[Kindle Fire: gedeROM v1.25 [KeyClicks Added] {3.0 Kernel, CM9, Android 4.0.4} - Stock Kernel]
[HTC Evo 4G Supersonic: MikG 3.11 ROM - Chop Suey Custom Kernel]
[Retired: HTC CDMA Hero: Gingerbread Hero Deck ROM - Stock Kernel]
end.
Click to expand...
Click to collapse
If you think this guide will be useful to other users here, you can ask the moderators to review the thread and possibly make it a sticky. I would ask, but it seems a bit... uncouth to nominate my own post for sticky status.
Thanks for reading!
Gotta tell you, there should be some warnings/things to look out for in this guide. If you install all the latest Android SDKs (I pretend to develop in my spare time) it loads the wrong drivers. It will show up as "Android Device" or something like that. The correct drivers have it show up as "Android Composite Device". If you have the SDK in your path (which you need for Eclipse) after the first reboot it might load the wrong drivers again as it did with me which are the wrong ones and basically you won't be able to communicate with the Kindle again.
Took me almost an hour to get this thing off the "Kindle Fire" loading screen because of this problem/unawareness.
ExploreMN said:
Well, I followed the instructions. Got as far as "adb shell reboot" after the fbmode command. Now it just sits at "kindle fire" and shows up as an unknown device in device manager.
Is there anyway to recover from this or did I just junk my fire?
Click to expand...
Click to collapse
Your Kindle Fire is fine... it's in fastboot mode. The computer is most likely the problem. You'll have to make sure your device drivers are working properly, so the computer can send fastboot commands to the device.
http://forum.xda-developers.com/showpost.php?p=23747671&postcount=2
kinfauns said:
Your Kindle Fire is fine... it's in fastboot mode. The computer is most likely the problem. You'll have to make sure your device drivers are working properly, so the computer can send fastboot commands to the device.
http://forum.xda-developers.com/showpost.php?p=23747671&postcount=2
Click to expand...
Click to collapse
Thanks Kinfauns. I actually got it fixed without even reading about it...I get a little medieval on things that frustrate me and eventually got it figured out...I edited my post to warn people about what tripped me up!
ExploreMN said:
Gotta tell you, there should be some warnings/things to look out for in this guide. If you install all the latest Android SDKs (I pretend to develop in my spare time) it loads the wrong drivers. It will show up as "Android Device" or something like that. The correct drivers have it show up as "Android Composite Device". If you have the SDK in your path (which you need for Eclipse) after the first reboot it might load the wrong drivers again as it did with me which are the wrong ones and basically you won't be able to communicate with the Kindle again.
Took me almost an hour to get this thing off the "Kindle Fire" loading screen because of this problem/unawareness.
Click to expand...
Click to collapse
Well, I actually tell you at the beginning of this guide to read my guide for beginners. In that guide, I tell you to use the driver installer included in KFU. Any how-to guide has to make some set of assumptions and I made the assumption that you'd actually follow the previous set of instructions before proceeding onto the next. I think you'd agree that I cannot possibly account for every possible deviation a user might take away from my actual directions. If I even attempted such a thing, this guide would turn into Encyclopedia Britannica.
In addition, I also gave you ample warning about putting your device into fastboot mode by manipulating the bootmode. I made a clear suggestion for you to get a factory cable and use it to get into fastboot mode the "safe" way. I've never seen any other rooting guide/utility even make mention of this possibility, so I've gone above and beyond what you'd get anywhere else.
With those things together, I believe I've done the very best I can to minimize the possibility that you might get stuck and have to "get a little medieval" on your device. Regardless, I'm glad you got it figured out. Good luck with the rest of it.
kinfauns said:
Well, I actually tell you at the beginning of this guide to read my guide for beginners. In that guide, I tell you to use the driver installer included in KFU.
Click to expand...
Click to collapse
True enough. Just didn't think it would keep reloading the drivers from the SDK if the SDK was in the path for Eclipse. I'm guessing anyone who set up Eclipse would not think this is an issue and might get stuck like I did...so it's still worth mentioning. (to me at least)
The second installment of this how-to guide has been posted. Included are instructions on unrooting and reverting back to the stock software. Suggestions and comments are always appreciated. Thanks!
Thank you for the excellent guide.
For what it's worth, this guide is very helpful for the admitted "noob" who has somehow failed with a utility like KFU and needs to go back and work through the pieces step by step. Thank you for laying out an instruction manual with enough detail to not only do the steps needed - but also to begin to understand what I'm doing.
I've rooted my KF (thanks to your assistance) so that I could install Swype. I then was able to use OTA-Rootkeeper to "hide" my SU file so that I can use Amazon media on my Fire as I want to, but still get the benefits I wanted from a rooted device (primarily the use of the Android Market, "Google Play", and the use of Swype).
For those that don't *really* want to unroot but do want to still use the Amazon content tools, I HIGHLY recommend the OTA-Rootkeeper utility.
Thanks again!
Kinfauns,
My Kinde Fire was bricked, with power problems. So I did the short trick to repair the bootloaders, using the linux stick and this script here, provided by firekit: usb_fix_parts_and_install_fff_twrp
When I look into device manager i have "Android Phone - Android Composite ADB Interface", at printers and devices the name shows as Kindle.
Can I go direct to these instructions here?
Rooting the stock software
Users interested in flashing a custom ROM may elect to skip this section. Rooting the stock software is not a requirement to flash a custom ROM because the custom ROM will completely overwrite the stock software. However, if you are undecided on the question of rooted stock vs. custom ROM, root the stock software first and try that out for a while. The option to flash a custom ROM will still be available at a later time.
The following method of rooting the Kindle Fire stock software has been tested on 6.3.x and 6.2.x systems. Skip step #5 when rooting 6.2.x systems because the root checker does not exist in those versions.
Required software:
Superuser by ChainsDD
Note: Download the latest zip for Gingerbread/ICS (the filename should end in "efghi-signed.zip"). Two separate files will be needed from the contents of this zip file: the su binary from the system\bin folder and the Superuser.apk file from system\app folder.
This section assumes the device is already booted into TWRP recovery.
1) Remount the /system partition in read/write mode...
Code:
adb shell mount system
2) Copy the su binary onto the device...
Code:
adb push C:\kfu\software\su /system/xbin/
3) Change the owner of the su binary to root...
Code:
adb shell chown root:root /system/xbin/su
4) Set permissions for the su binary to run as root...
Code:
adb shell chmod 6755 /system/xbin/su
5) Disable the root checker by renaming the check_rooted executable...
Code:
adb shell mv /system/bin/check_rooted /system/bin/check_rooted.bak
6) Change the bootmode back to normal...
Code:
adb shell idme bootmode 4000
7) Reboot the system...
Code:
adb reboot
8) Once the Kindle Fire has rebooted into the system, install the Superuser app...
Code:
adb install C:\kfu\software\Superuser.apk
Congratulations! You have gained root privileges on the stock Kindle Fire software!
Click to expand...
Click to collapse
DuendePaladino said:
Kinfauns,
My Kinde Fire was bricked, with power problems. So I did the short trick to repair the bootloaders, using the linux stick and this script here, provided by firekit: usb_fix_parts_and_install_fff_twrp
When I look into device manager i have "Android Phone - Android Composite ADB Interface", at printers and devices the name shows as Kindle.
Can I go direct to these instructions here?
Click to expand...
Click to collapse
If you used that script in Firekit, you should have FFF 1.2 and TWRP 2.0.0 installed, so technically, yes.... you can boot into TWRP and start following those directions. However, I would recommend that you upgrade your bootloader and recovery to the versions I have in the previous section... FFF 1.4a and TWRP 2.1.1. I won't go into all the reasons why, but they are "better" and likely to keep you out of trouble in the future. Since you already have FFF installed, it will be easy for you to get into fastboot mode. Once you are in fastboot mode, start with flashing TWRP and continue on from there.

[noob-read] adb and fastboot. What is it? How can it help you?

Please note, I can only speak with any degree of certainty about devices bought from Play / Moto. I cannot attest to the accuracy of this information for US carrier versions etc. Anything you do is at your own risk
Contents / Thread overview
Introduction
What is Fastboot?
What is adb?
How to install adb and fastboot
How to test adb and fastboot work
OK Gimme some useful fastboot commands please!
OK Gimme some useful adb commands please!
A little more about using Windows command prompt
Myth Busters
Introduction
adb and fastboot are very useful command line tools. They can be used from Windows, Linux or Mac to carry out tasks on your android device, such as moving and backing up files, rooting and restoring your phone to it's factory state. Understanding how to use these tools could save your phone when you get yourself in trouble. This is especially true of rooted users. Particularly those of you who are "new to the scene". You definitely should read and understand this thread before you do ANYTHING root related.
This thread is not intended to be a non-exhausted reference. It is merely here to give an overview of the most basic of basics
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
What is fastboot?
Fastboot comprises of 2 components.
1) Fastboot mode on the phone (The Bootloader)
2) Fastboot tool on your computer
Fastboot is a small command line tool that you can use from your computer whilst the phone is connected via USB and you are booted into the bootloader. The most common uses for fastboot are:
Unlocking the bootloader - needed as part of the rooting process
Flashing a custom recovery to the device - needed as part of the rooting process
Flashing factory images - used for saving / trestoring your device back to stock
Being able to do these 3 things are essential before rooting. Many new users skip learning these and use a toolkit to root. As a result, when they mess up and we try to explain what they need to do to fix their issues, it becomes very difficult for us to help as fastboot is not understood. It is YOUR responsibility to understand these things BEFORE you mess up.
What is adb?
adb is another small command line tool that stands for "Android Debugging Bridge". Again, it can be used from a computer connected via USB to your android device. It can be used whilst the device is booted into Android or (if you have a custom recovery), it can be used in recovery too, unlike fastboot (yes, adb and fastboot are NOT the same thing) which can only be used in the bootloader.
adb can be used to push files to (or pull files from) your phone. It can also be used to execute many of the commands available in Linux terminals (Or Android terminal emulators) on the device itself. We're not here to cover all these commands however. We just want to cover the basics.
How to install adb and fastboot
adb and fastboot are very easy to install and can be installed on Windows, Linux and MAC computers. The Windows install can be a little bit more complicated than the other 2 and may need additional drivers installing too.
Windows.
There is a very handy tool that can install adb and fastboot in 15 seconds. It is recommended that you use this to install adb and fastboot. Please see the link immediately below for that tool:
ADB, Fastboot and Drivers - 15 seconds ADB Installer - Really quick and easy way to install adb and fastboot (by @Snoop05). Download links are at the bottom of post 1.
This tool asks if you want to install adb and fastboot (to which you should answer Y) and then creates c:\adb\adb.exe and c:\adb\fastboot.exe
It then asks if you want to install it system wide .. This is asking to install for all windows users. < 15 second installer needs updating to SDK 23, which is required for latest Android versions.
Download the latest SDK (adb and fastboot) versions here: https://developer.android.com/sdk/index.html (Scroll down to SDK tools only) then download the Windows *Installer*.
Open the installer and select "Platform-tools" and install the packages. This should create "C:\Program Files (x86)\Android\android-sdk\platform-tools"
Now we want to set this path as a Windows Environment variable PATH to make the executables work system wide:
right-click computer > properties > advanced > environment variables.
under system variables click "path" and click "edit"
at the end of the line, add the below:
Code:
;C:\Program Files (x86)\Android\android-sdk\platform-tools
Please note, the semi-colon ; is VERY important.
You may also need to install drivers.
Here is a link to the Google USB Driver: DOWNLOAD THIS
Code:
To install on Windows 7:
- Ensure existing drivers are uninstalled first*
- Extract the zip to c:\adb (created earlier by the installer)
- Right-click "Computer" > Manage in windows and choose "Device Manager"
- Boot the Nexus 6 to the bootloader (Volume down + Power) and connect the USB Cable
- Watch for any new devices with exclamation marks appearing
- Right-Click the new device > Update driver software
- Choose the "browse" method and browse to c:\adb, find teh folder you extracted then follow the wizard to the end - using amd6 64 if you're on a 64 bit system and i386 if you're on a 32 bit system.
*To uninstall existing drivers, boot into Android and connect the USB cable. Monitor device manager for the device showing up. To uninstall the device, right-click it to uninstall it. At the prompt, ensure you also choose to delete the driver. Repeat this for bootloader and recovery.
Code:
To Install on Windows 8, you may need to additionally disable driver enforcement
- From the Metro Start Screen, open Settings (move your mouse to the bottom-right-corner of the screen and wait for the - -- pop-out bar to appear, then click the Gear icon).
- Click ‘More PC Settings’.
- Click ‘General’.
- Scroll down, and click ‘Restart now’ under ‘Advanced startup’.
- Wait a bit.
- Click ‘Troubleshoot’.
- Click ‘Advanced Options’
- Click ‘Windows Startup Settings’
- Click Restart.
Once that is done, your Windows computer is configured for adb and fastboot.
In device manager, the device should show up as below, depending whether you are booted into recovery or bootloader...
Recovery - Android Device > Google Nexus 4 ADB Interface
Bootloader - Android Device > Google Nexus 4 Bootloader Interface
If it shows as something different, either you have existing drivers in the way or something went wrong.
Linux and Mac
Here is a really simple tool to install adb and fastboot on the above OS. The only expectation is you know how to open and run a terminal command. Please see the link immediately below:
Nexus Tools 2.2 (Featured by XDA) - adb and fastboot installer for Linux and Mac (by @corbin052198)
Once you have installed adb and fastboot from the above link, you're ready to go.
How to test adb and fastboot work
As previously mentioned, adb and fastboot are both command line tools. That means you must run these tools from command prompt (cmd in Windows) or Terminal (Linux and Mac).
Remember earlier, I mentioned that fastboot can only be used in bootloader? and adb can only be used in Android (or custom recovery - lets cover that later)? We can use the command "fastboot devices" and "adb devices to see if we have adb and fastboot working correctly.
Lets try it.
Boot your phone into android
Connect it to your computer via USB
Open cmd (start > type "cmd" on Windows) or Terminal (Mac/ Linux
Type in the windows "adb devices" and press enter
Here is what we don't want to see:
Notice how there is nothing underneath where it says "List of attached devices" That means it cannot see any device
Here is what we DO want to see:
We can see that there is now a device listed.
OK lets test fastboot. Unplug the USB and turn off the phone. When it is off, hold down Volume down + power until you feel the vibrate. You will now be in the bootloader. Reconnect the USB cable.
In the same window (cmd or terminal) we're going to now type "fastboot devices".
Again, here is an example of what we don't and do want to see:
If in both modes, you can see your devices "Serial Number", then you know they are both working.
Please note that if you cannot get adb and fastboot to work "system wide", you can open the command prompt to the location of the adb and fastboot executables exist and try from there.
OK Gimme some useful fastboot commands please!
Here are some of the most useful fastboot commands you will come across. Fastboot is used mostly for flashing images to the devices partitions on the internal memory.
Code:
fastboot oem unlock
This unlocks your bootloader and allows you to flash a recovery to root. WARNING, this will wipe your device. Rooting the N6 is essentially unlocking the bootloader, flashing a recovery and then putting the SuperSU zip on your sdcard and flashing it via the recovery. This thread covers rooting: [HOW-TO] The Nexus 6 All-In-One Beginner's Guide by @xBeerdroiDx
Code:
fastboot flash recovery recovery.img
This will flash a recovery.img to the recovery partition. The command is broken down into "fastboot flash" (what to do) "recovery" (where to flash to) "recovery.img" what to flash there. In the terminal or command prompt, you cannot just type "recovery.img" though. It has to be the path to where the recovery image is. For example, if my recovery image is on my desktop, I would have to type:
Code:
fastboot flash recovery c:\users\rootsu\desktop\recovery.img
It is worth noting, that it IS case sensitive, meaning if your file is called Recovery.img, you must type the capital R...
Other things you would flash:
Code:
fastboot flash system system.img
fastboot flash boot boot.img
These will flash the system image (ROM) and boot image (kernel) as you would if you were returning to stock.
A full guide to returning to stock can be found here: [TUTORIAL][GUIDE][HOW TO] Flash Factory Images || Unroot || Relock bootloader by @Mr hOaX
You can also boot into a recovery.img without flashing it...
Code:
fastboot boot c:\users\rootsu\desktop\recovery.img
which is "fastboot boot" (what to do) "c:\users\rootsu\desktop\recovery.img" what to do it with. As you may have noticed, we did not define the recovery partition in this command, that's because we're not flashing it....
OK Gimme some useful adb commands please!
At the moment, we are going to assume you have a custom recovery and you have booted into recovery. The reason for this is using adb in recovery can be much simpler.
Here are some useful scenarios for using adb.
Backup your sdcard to your PC
Code:
adb shell
mount data
exit
adb pull data/media/0 c:\MyBackup
**Please note, some recoveries may "mount data" automatically on boot, so don't be disheartened if you get an error stating device or resource busy. This probably just means you can't mount what is already mounted**
/data/media/0 is the real location of /sdcard for your information. Also referred to as "The mount point". What we have done here is "adb pull" (what to do) "data/media/0" (what to move) "c:\MyBackup" (where to move it to)
Push a zip file from your PC to your sdcard (useful if you wiped your sdcard and rom)
Code:
adb shell
mount data
exit
adb push c:\rom.zip data/media/0
What we have done here is "adb push" (what to do) "c:\rom.zip" (what to move) "data/media/0" (where to move it to)
You can of course also use adb to push and pull files to and from /system too. You just need to:
Code:
adb shell
mount system
exit
I mentioned earlier that using custom recovery is much easier for adb than whilst booted into Android. You need to ensure you have a kernel that allows insecure adb before you do anything with system and data partitions. You also need to ensure that USB debugging has been enabled in developer options.
For example, to mount system to pull files whilst android is running you have to:
Code:
adb root
adb shell
mount -o rw,remount /dev/block/platform/msm_sdcc.1/by-name/system /system
...which is clearly a little bit more involved, so I recommend you use recovery for adb push and pull. You can find more detailed information on adb here: http://developer.android.com/tools/help/adb.html
A little more about using Windows command prompt
One thing to understand is that like Windows, command prompt (cmd.exe) works with directories (or folders if you like). The Linux and Mac terminals are the same, but most linux users, we expect you would already know this.
Here you will see I have downloaded a recovery image that I want to flash using fastboot.
As you can see, the recovery.img is located in C:\users\rootSU\Desktop
Usually when you open the command prompt from the start menu, or run command, the command prompt will default to your user location as seen below:
So lets try and fastboot flash recovery recovery.img...
It fails with a not-too-accurate error message. It has failed because you have not told it where the recovery image is. It assumes it is in the directory as listed in the prompt
So, how do we deal with this? Well, there are 3 ways.
1) We tell the command prompt where the recovery.img actully is in the command itself
Success! As you can see, we have told the command that the location for the file is Desktop\recovery.img
2) We can change the directory in command prompt to the directory where the file is. In this example, we change directory to "Desktop". The change directory command is "cd " or in this case "cd Desktop"
3) ...and possibly the simplest method. We hold shift whilst we right-click on the folder we want to change directory to, and directly open a command prompt there:
Another point to make with command prompt or terminals, is if you do a particular command, it is "pre-programmed" to "expect" a particular format of that command.
For example, we know that adb push as a command expects after it . This means the command is actually
Code:
adb push
BUT if you put something AFTER , for example -
Code:
adb push somethingelse
, it will assume that the "somethingelse" is a bad parameter, and the command will fail. It will probably display (or "print" which is the technical term in a terminal) a helpful guide of how the command should be used instead of trying to run the command which it does not understand.
You're probably wondering why I am telling you this. Well quite simply, it is a warning about folder names. Imagine you have c:\users\rootSU\My Documents as a folder. You assume the command is then
Code:
adb pull /data/media/0 c:\users\rootSU\My Documents
but it is not... There is a space in between My and Documents. What you have actually done is
Code:
adb pull Documents
because it uses a space to signify the end of a command or parameter. It is best to avoid using folders with spaces in them. Avoid as much as you can. In the event it is unavoidable (Although when is it ever>) then please surround the path with quotation marks,
Code:
adb pull /data/media/0 "c:\users\rootSU\My Documents"
so that way, it sees everything between the " " as a single parameter.
Myth Busters
Myth 1: You need USB debugging on to use adb and fastboot
If you cannot boot into Android, it doesn't matter. You DO NOT need USB Debugging turned on to use adb outside of android. USB Debugging is an Android ONLY setting. Fastboot obviously also does not need debugging either as this too is outside of Android
Myth 2: to adb push or fastboot flash files, they must be in the same folder as adb or fastboot executables. Sorry but this is rubbish. You can pass the full path of the image you're flashing or file you're pushing in the command and fastboot / adb can be called system wide if you've set them as an environment variable or used the 15 second installer
thanks(im out of thanks). but ill be back to leave one here!!!!!
simms22 said:
thanks(im out of thanks). but ill be back to leave one here!!!!!
Click to expand...
Click to collapse
No worries. Just putting it here for info. It's not a new work, just a slightly amended version of my N5 thread. No need for thanks
rootSU said:
No worries. Just putting it here for info. It's not a new work, just a slightly amended version of my N5 thread. No need for thanks
Click to expand...
Click to collapse
it was up in the n5 threads before, and was needed here. but its here now as well, so thank you
Good guide. Needs to be a sticky. In fact, I think every device general forum should have a sticky like this. Would have saved me a lot of grief back when....
Excellent update.
Very good to see. I'm sure lots of people will be sending noobs here for the basics.
Up to your usual helpful, good work I see.
rootSU said:
This tool asks if you want to install adb and fastboot (to which you should answer Y) and then creates c:\adb\adb.exe and c:\adb\fastboot.exe
It then asks if you want to install it system wide (to which again, you should answer Y)... This then allows you to type adb commands in the command prompt without having to open a particular directory first. You may or may not understand what I mean when I say that, but take it from me, its much more convenient and easier to use this way.
Click to expand...
Click to collapse
Y option = System-wide = install to "C:\adb" and add path for system variable - This mean you can use it by any account on your pc.
N option = Current user only = install to "C:\Users\[YOUR USERNAME]\adb" and add path for user only - Only user account used for installation can actually use it.
So if you say Y or N you will be still able to use it from any directory with cmd.
rootSU said:
It will also ask if you want to install device drivers. Actually, say N to this as we're going to cover that next, using the google USB drivers
Here is a link to the Google USB Driver: DOWNLOAD THIS
Click to expand...
Click to collapse
Drivers in my installer are the one from the link you posted here. I'm not using any modified drivers, just the one that come with SDK. And they are also digitally signed.
I hope you will fix these But still nice work, beginners should understand it :good:
Snoop05 said:
Y option = System-wide = install to "C:\adb" and add path for system variable - This mean you can use it by any account on your pc.
N option = Current user only = install to "C:\Users\[YOUR USERNAME]\adb" and add path for user only - Only user account used for installation can actually use it.
So if you say Y or N you will be still able to use it from any directory with cmd.
Drivers in my installer are the one from the link you posted here. I'm not using any modified drivers, just the one that come with SDK. And they are also digitally signed.
I hope you will fix these But still nice work, beginners should understand it :good:
Click to expand...
Click to collapse
Thanks for the info. I thought system wide meant it was putting it as a path environment variable. Reason I didmt use the drivers from your tool originally is (well I wrote this thread for N5 originally) they didnt work so had to install the universal naked driver. But if yours are the same as the ones linked, I can update that.
rootSU said:
Thanks for the info. I thought system wide meant it was putting it as a path environment variable. Reason I didmt use the drivers from your tool originally is (well I wrote this thread for N5 originally) they didnt work so had to install the universal naked driver. But if yours are the same as the ones linked, I can update that.
Click to expand...
Click to collapse
Path is added in both cases.
Sooo I need a little help here. I followed the directions to unlock the bootloader and everything went good. I did the CF auto-root, and the phone booted back up as normal. Now, I was trying to flash the M preview, and all of a suddon now my phone isn't recognized in adb. You posted a pic of what we don't want to see when testing for adb, but you don't say how to fix it if we run into the problem. Any way to get it to recognize my phone again so I can get this build on?
papeshfoo said:
Sooo I need a little help here. I followed the directions to unlock the bootloader and everything went good. I did the CF auto-root, and the phone booted back up as normal. Now, I was trying to flash the M preview, and all of a suddon now my phone isn't recognized in adb. You posted a pic of what we don't want to see when testing for adb, but you don't say how to fix it if we run into the problem. Any way to get it to recognize my phone again so I can get this build on?
Click to expand...
Click to collapse
Can you be very specific with your issue please?
papeshfoo said:
Sooo I need a little help here. I followed the directions to unlock the bootloader and everything went good. I did the CF auto-root, and the phone booted back up as normal. Now, I was trying to flash the M preview, and all of a suddon now my phone isn't recognized in adb. You posted a pic of what we don't want to see when testing for adb, but you don't say how to fix it if we run into the problem. Any way to get it to recognize my phone again so I can get this build on?
Click to expand...
Click to collapse
Android M no like root, you'll either have to live with stock or wait for chainfire to do his thing.
This all worked well until I had to find my device in the cmd prompt. It listed no devices when I typed in "ADB Devices". The issue I found was with the ADB Interface Driver. I uninstalled it and reinstalled it thinking it might've been a driver issue, but it still wouldn't work. I tried the "Uninstall driver" then "scan for hardware changes" but that didn't work. Finally I found the universal ADB driver and tried using that. STILL nothing. I figured that, because I don't have my device's driver installed, it might've been that, so I tried to DL it and yet again, nothing. I have a Kyocera Hydro Life, if that helps. Also, I tried looking through the "update driver manually" in order to update the driver software by looking through the different ADB interfaces that it had but my Kyocera driver wasn't there. Is it supposed to be there or do I just use one of the ones provided?
I checked my programs and apps and it says that the Kyocera usb driver was installed. Did I do something wrong?
ScottyChaos said:
This all worked well until I had to find my device in the cmd prompt. It listed no devices when I typed in "ADB Devices". The issue I found was with the ADB Interface Driver. I uninstalled it and reinstalled it thinking it might've been a driver issue, but it still wouldn't work. I tried the "Uninstall driver" then "scan for hardware changes" but that didn't work. Finally I found the universal ADB driver and tried using that. STILL nothing. I figured that, because I don't have my device's driver installed, it might've been that, so I tried to DL it and yet again, nothing. I have a Kyocera Hydro Life, if that helps. Also, I tried looking through the "update driver manually" in order to update the driver software by looking through the different ADB interfaces that it had but my Kyocera driver wasn't there. Is it supposed to be there or do I just use one of the ones provided?
I checked my programs and apps and it says that the Kyocera usb driver was installed. Did I do something wrong?
Click to expand...
Click to collapse
Try a different USB port. If that doesn't work try a different USB cable. If that also doesn't work, you could try disabling driver signature checking for Windows.
If those don't work, try this thread > http://forum.xda-developers.com/showthread.php?t=1583801
cam30era said:
Try a different USB port. If that doesn't work try a different USB cable. If that also doesn't work, you could try disabling driver signature checking for Windows.
If those don't work, try this thread > http://forum.xda-developers.com/showthread.php?t=1583801
Click to expand...
Click to collapse
EDIT: I also forgot to mention that the error code that came up while I was in the dev manager was compatibility error code (28) when I clicked on "Device ADB interface".
ScottyChaos said:
EDIT: I also forgot to mention that the error code that came up while I was in the dev manager was compatibility error code (28) when I clicked on "Device ADB interface".
Click to expand...
Click to collapse
Error 28 means drivers not installed. Try the driver help thread that I linked above.
---------- Post added at 12:33 PM ---------- Previous post was at 12:04 PM ----------
cam30era said:
Error 28 means drivers not installed. Try the driver help thread that I linked above.
Click to expand...
Click to collapse
@ScottyChaos,
Just a fundamental question: I assume you have enabled "Developer Options" in Settings, and then checked "enable USB debugging"?
---------- Post added at 12:39 PM ---------- Previous post was at 12:33 PM ----------
[/COLOR @ScottyChaos,
Here is a thread that you might find interesting > http://forum.xda-developers.com/android/help/metro-pcs-kyocera-hydro-life-rooted-t2870678
Windows 10 device driver management is even more locked down then windows 8. I got two of the three drivers loaded but when going into adb mode on the phone through recovery it just disappeared out of the device manager. I had to unplug and plug in while in that mode to trigger a unloaded driver in the device manager. Once there I had to force the adb driver manually with the nasty windows driver warning and all. Once I did that I could see the device in adb mode and sideload my marshmallow OTA. woot!
I decided to drop a thanks bomb...
ADB is good.
But that fastboot.
Seriously, its ONE command. OK, a few different arguments to use.... But it is so easy, and so powerful. People are afraid to mess up on command line, but its actually way harder to type the wrong thing out then to click the wrong thing.
LEARN IT. Forget your toolkit.
You can fix almost anything, Its not too hard for you. It may be new... YOU CAN DO IT.
Also, I have to say it... Its not going to help anyone, but it will keep me from punching something. ADB and Fastboot... Not the same. You don't ADB a new system image....

[GUIDE][ROOT]How to install TWRP and ROOT your X507, X509 (PC Guide)

Okay, I have seen many people using the unofficial TWRP on their device, and that's a little dangerous because it may be malicious, and you might not even know that.
I am not saying it is, but it can be.
Now, back to the topic here,
HOW TO INSTALL TWRP[2] AND GET ROOT ACCESS[3] and more​Here goes..
Before anything, you need to get ADB and FASTBOOT programs on your PC and get your drivers installed so you can communicate with the device through your computer.
To Download ADB and fastboot program, you can download this file (not my upload)
Extract it anywhere you want(and remember that location).
(lets say "C:\workspace\ADB" and I will use this path for this guide).​Typically, the driver for ADB will install the first time you connect your device to your computer and:
Internet is available
USB Debugging is enabled on your phone
But the FASTBOOT driver would probably not be available yet. to get fastboot drivers, follow these steps:
Turn on and Unlock your device and connect it to PC via the USB cable.
Open CMD and execute "cd C:\workspace\ADB".(or you can open C:\workspace\ADB in file explorer and type CMD in the address bar to open CMD directly there.
Type "adb devices".
Now, your phone will ask something(permission to allow ADB access on the connected PC)allow it. After you allow it, the CMD will show a list of attached devices and the mode they are attached in, your device should show "device" for now.
If it does not, there is some problem, search on internet or ask for help here
Now type "adb reboot bootloader".
now your Phone will shutdown and open in a different state. It will say Fastboot on the screen.
Now the driver is installing or is already installed, to check, type this:
"adb devices" and it should show a list and your device's mode should change to "fastboot".
That's it for the ADB and FASTBOOT. You have the necessary things to continue.
Continue to next post for TWRP and the post next to it for ROOT ACCESS.
Now, we will talk about how to install TWRP​
@DroidThug has been kind enough to get Official support of TWRP for this device.
Head over to this thread to download the official image file of the TWRP Recovery and keep it on your computer, this is the very first step you need to take.
Here is the thread: https://forum.xda-developers.com/leeco-le-1s/development/official-twrp-t3527566
If you are lazy enough to go through the thread, which i suggest you to visit, here is the direct link to the download page: https://dl.twrp.me/x3/
And here is the direct download link of the v3.0.3(latest as of 31st Jan, 2017): https://dl.twrp.me/x3/twrp-3.0.3-0-x3.img
Once you have the recovery image, you need to flash it through fastboot.
If you are following this guide from start, you should already be in fastboot and have CMD open on your PC in adb folder.
Now, a few things you might want to follow strictly if you are unsure how to do it:
Copy the recovery image file to "C:\workspace\ADB" (adb folder).
Rename that file to "twrp.img"
Now you need to execute this command from CMD to flash the file:
"fastboot flash recovery twrp.img" and press enter.
This will take a few seconds and will will be over soon.
Now you need to reboot directly into RECOVERY, because if you will boot to the system first, the Device will replace your newly flashed recovery with the stock recovery and all this will be wasted. But if you reboot to recovery first, it will patch those things up and will stay.
So, to reboot to recovery, you need to use the key combo to get into the recovery,
Press and hold "Volume UP" and "Power" Buttons till the screen goes off(from fastboot mode) and is lit up again and then leave the power key and 2-3 seconds later, leave the Volume key too.
You will enter into recovery mode and it will ask you "if you want to keep the System partition to read only or not?"
I'd recommend keeping it to read only unless you know what you are doing.
There you have it!
You have successfully installed TWRP on your device!
GET ROOT ACCESS​
Okay, So you have the RECOVERY installed already
Now go to this page and download the latest "Recovery Flashable ZIP" from there. (Here is the latest one as on 31st Jan, 2017).
You can do this in two ways through Phone(with TWRP already present) and through PC.
Through Phone​All you need to do is flash it through the recovery and thats it, you will have root access!
Here are the steps to flash ZIPs from Recovery:
Get the zip file you want to flash(the one downloaded above) and place it somewhere in the Phone's internal storage.
Reboot to recovery(Power off and then hold "Vol UP" and "Power" keys till the screen is lit up.).
Tap on "Install".
Navigate to the ZIP file you placed in your phone's internal storage.
Select it and swipe to flash it.
The last step might take a few seconds and will be done then.
After its done, that't it!
Reboot to system and you have ROOT ACCESS!
Through PC​Okay, you would still need to reboot to recovery, but you can follow this guide if you don't want to copy the zip file on your phone for whatever reason you may have.
Here are the steps:
Enter recovery.
Select "Advanced->ADB Sideload" and swipe to start sideload.
Now connect your phone to PC.
Now open CMD in ADB folder.
Check if your device is detected by typing "adb devices". It should show a device with sideload state.
Now type "adb sideload " and drag the zip file into the cmd window.
OR
you can copy the zip to the adb folder and rename it to supersu.zip and write "adb sideload supersu.zip" in the CMD.
Now Press enter.
After this, in a few seconds, it will be over and you can reboot to system(it might automatically reboot to system too).
And that's it! There you have it!
You have ROOT ACCESS on your device!
5. Now the driver is installing or is already installed, to check, type this:
"adb devices" and it should show a list and your device's mode should change to "fastboot".
Click to expand...
Click to collapse
If the phone is on fastboot mode, "adb devices" supposed to not give any output. "fastboot devices" will show the device and mode as fastboot.
You will enter into recovery mode and it will ask you "if you want to keep the System partition to read only or not?"
I'd recommend keeping it to read only unless you know what you are doing.
Click to expand...
Click to collapse
My screen is broken (that's only white light and no digitiser). I dont have any other Le 1S to get idea.
1. Are you sure Vol Up + Power will enter into Recovery? Mine is 5.5.014S.
2. I want to make my system partition as writable. Can you tell how to achieve with hardware keys like Vol Up or down & power.
3. After step 2. Can I flash SuperSu from PC without enabling sideload. While on custom recovery , "adb devices" will show mode as recovery. So flashing supersu from here. Not sure if this is correct. On my Moto G falcon. whenever I go into TWRP, adb recovery and MTP works.
Also can you check whats the combination Vol Up+Vol Dn+Power. When it starts I can connect to adb but all partitions are read only and not allowing to make any change to device. Not sure if its due to encryption.
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb devices
List of devices attached
0123456789ABCDEF device
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb shell
[email protected]_HK:/ $ cat /data/misc/adb/adb_keys
/system/bin/sh: cat: /data/misc/adb/adb_keys: Permission denied
1|[email protected]_HK:/ $ id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
[email protected]_HK:/ $ su
/system/bin/sh: su: not found
[email protected]_HK:/ $ cd
[email protected]_HK:/data $ pwd
/data
[email protected]_HK:/ $ exit
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb reboot bootloader
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>fastboot devices
0123456789ABCDEF fastboot
**
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb devices
List of devices attached
0123456789ABCDEF device
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb install mirror.apk
[100%] /data/local/tmp/mirror.apk
Error: java.lang.NullPointerException: Attempt to invoke interface method 'android.os.IBinder android.os.IServiceManager.getService(java.lang.String)' on a null object reference
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb shell am start -n com.android.settings/.wifi.WifiSettings
java.lang.NullPointerException: Attempt to invoke interface method 'android.os.IBinder android.os.IServiceManager.getService(java.lang.String)' on a null object reference
at android.os.ServiceManager.getService(ServiceManager.java:55)
at android.app.ActivityManagerNative$1.create(ActivityManagerNative.java:2494)
at android.app.ActivityManagerNative$1.create(ActivityManagerNative.java:2492)
at android.util.Singleton.get(Singleton.java:34)
at android.app.ActivityManagerNative.getDefault(ActivityManagerNative.java:88)
at com.android.commands.am.Am.onRun(Am.java:295)
at com.android.internal.os.BaseCommand.run(BaseCommand.java:47)
at com.android.commands.am.Am.main(Am.java:99)
at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:250)
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb shell dumpsys wifi
adb shell dumpsys wifi^C
C:\Users\Mkn\Downloads\Le1s drivers\minimal_adb_fastboot_1.4.1_portable>adb shell
[email protected]_HK:/ $ ls -ld sdcard
lrwxrwxrwx root root 2017-03-21 11:12 sdcard -> /storage/sdcard0
[email protected]_HK:/ $ cd /storage/sdcard0
/system/bin/sh: cd: /storage/sdcard0: Permission denied
2|[email protected]_HK:/ $ ls -ld
drwxr-xr-x root root 2017-03-21 11:12 .
[email protected]_HK:/ $ ls -ld /storage/sdcard0
d--------- system system 2017-03-21 11:12 sdcard0
[email protected]_HK:/ $
Update:
I some how managed to side load. My Phone got bootlop after installing twrp. Then flashed userdata by following http://forum.le.com/in/index.php?th...op-restart-solution-letv-le1s-x507-x509.1155/ . Now its factory reset as I can see the screenshot from PC.
Still interested in knowing what's that Vol Up+Vol Down + Power.
If any one have le 1s related problem and solution or any one want to try new rom or kernal asap then all of u are welcome in our group on telegram so plz join with us
Requriemt
1. Download telegram from play store
2. Just click below link
https://telegram.me/LeSuperGroup
Thanks all of u

[Guide] OnePlus 8T EASY ROOT (for all unlocked variants)

DO NOT FOLLOW THIS GUIDE IF YOU HAVE ANDROID 12
Visit this thread for more information
________________________________________________________
CAVEAT
I've only tested this on my device running Android 11 (KB2005 / KB05AA), but it should be universally helpful as it's using your own boot.img so there's no need to find a matching package for your variant and os version.
CREDIT
The steps were buried across a few threads, I'm posting this so it'll be easier for others to find the information. All credit goes to xb360, FullOfHell, and TheUnkn0wn.
INFO​The basic rundown is:
Use the semi-broken TWRP package to give yourself temporary su access through adb.
Extract the boot.img your phone is currently using to your pc.
Reboot to OxygenOS, copy over the boot.img you just extracted and then use Magisk to patch it.
Copy the boot.img back to your pc and use adb to temporarily boot your phone with it, giving you root access until reboot.
Use your temporary root access to allow Magisk to patch your internal as-yet unmodified boot.img to give you permanent root.
There seems to be some confusion in the thread, I'll try to clear up what's happening and why:
The primary issue at hand is that you can't root your device without already having root privileges, for security reasons. Without a custom recovery like TWRP, there are a few more steps than usual (but mostly simple stuff).​
Because we don't flash anything with this guide, it shouldn't cause any permanent bootloops if you use the wrong boot.img, if you get stuck in one just power cycle your phone. ​
Updating with OTAs should be the same process as the other guides here.​
Because of changes in Android, devices that launched with Android 10 and above will not allow you to modify the system partition, even with root. This is not a fault of this rooting method.​
Prerequisites:
ADB and Fastboot installed.​
An unlocked bootloader and USB debugging enabled.​
Android 11. (Android 12 introduced problems with this method, per other users. See link at top of page)​
________________________________________________________
STEPS:​
1. Connect your phone to your pc and boot it into fastboot mode. You can leave it connected throughout this guide.
2. On your computer open a terminal/cmd prompt. Set the directory (on your pc) you want to work from, I'm using the desktop:
for Windows, type cd C:\Users\Yourname\Desktop​for Mac, type cd desktop or cd /Users/yourname/Desktop​
Spoiler: How to set up adb and fastboot properly
To usb adb and fastboot commands outside of the folder those programs are located in, you'll need to add their location to the PATH list so your terminal can still find them when it's pointing to a different folder. If you want to skip this step, set the directory to the folder that contains adb instead of the desktop.
3. Next, use the terminal to check which A/B partition is active on your phone:
Code:
fastboot getvar all
a. You'll find it on this line: (bootloader) current-slot:a/b​b. For simplicity I'll be referring to boot_a.img throughout the guide, make sure to use boot_b.img if that's the one marked as active on your device. ​​
4. Download the semi-broken TWRP package to your desktop. We'll be using it to extract a copy of your active boot_a.img. It will give you temporary su access via adb, but there won't be a gui. Only boot from it, DO NOT FLASH IT:
Code:
fastboot boot recovery.img
adb shell
dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
exit
adb pull /sdcard/boot_a.img boot_a.img
adb reboot
5. Copy the extracted boot_a.img file to a user accessible area of your phone, like your downloads folder.
6. Install the latest Magisk Canary apk on your phone. Open it and:
a. Select the Install option.​b. Use Select and Patch a File on boot_a.img​
7. Copy the patched magisk_patched_a.img file back to your computer. In terminal, type adb reboot bootloader to get back to fastboot mode.
8. Temporarily boot with the patched image that corresponds to the active partition, DO NOT FLASH IT:
Code:
fastboot boot magisk_patched_a.img
Spoiler: Why we're booting and not flashing.
You could flash this boot.img, but it's safer to temporarily boot from it without overwriting your existing image in case anything went wrong along the way. The effect is that you still get root access without modifying your device, and then you can use the much safer Magisk direct install option, which has some safeguards in place.
9. By booting with the patched image, you now have temporary root access. To make it permanent open Magisk:
a. Select the Install option.​b. Use Direct Install (Recommended) to root your internal boot.img​
10. Reboot and verify it worked.
Forgot to tag it... if an admin is able to do so I'd appreciate it.
Just applied for a bootloader unlock today. When i get approved ill attempt this guide.
I am currently on T-Mobile 11.0.5.7.KB09CB.
Unlike other methods prvoided here for the 8T I got this method to work. Thank you very much!
clarification update: I own the t-mobile kb2007 model of phone
a couple of notes for any either newBs or old OPO users rejoining the party with a new onplus phone..
Some prework I had to do for my OnePlus 8T KB2005
-ensure you have the correct ADB driver installed, I installed the "15sec adb installer 1.4.2" found here on xda, watch the videos provided.
-ensure to unlock your bootloader first (*this will wipe your device.. didn't think about that..no pain no gain...)
-With device in bootloader/fastboot, run: fastboot flashing unlock
-verify with your phone to accept
-phone will reboot, just through the setup, I just skipped it all and opted for offline setup..
-renable OEM lock and USB debug
-restart back into bootloader/fastboot
-now you are ready to root
Just came here to say that this is the most genius way to go about it and thanks OP for this solution. To add your screen would flicker in TWRP but you just want to type adb reboot bootloader after you are done copying off the boot files from your phone. Thanks OP!
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
lordxcom said:
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
Click to expand...
Click to collapse
I'm having the same issue although its more tied in with removing youtube as a system app for vanced
lordxcom said:
After performing this, I am unable to write to /system even with root?
Unable to get through with es explorer, root explorer pro, or even use a app like Titanium to move a user app to system,unable to get r/w access.
Thanks in advance
Click to expand...
Click to collapse
Actually Is not possible on devices borned with android 10 or above.
giacomowrc said:
Actually Is not possible on devices borned with android 10 or above.
Click to expand...
Click to collapse
To be clear, you're saying this isn't a fault with this root method and is just a security measure since Android 10?
Mpolo87 said:
To be clear, you're saying this isn't a fault with this root method and is just a security measure since Android 10?
Click to expand...
Click to collapse
Yes of course.
Mpolo87 said:
CAVEAT
I've only tested this on my device (KB2005 / KB05AA), but it should be universally helpful as it's using your own boot.img so there's no need to find a matching package for your variant.
CREDIT
The steps were buried across a few threads, I'm posting this so it'll be easier for others to find the information. All credit goes to xb360, FullOfHell, and TheUnkn0wn.
INFO​The basic rundown is:
Use the semi-broken TWRP package to give temporary su access through adb.​
Extract boot_a.img and boot_b.img to your computer.​
Reboot into OxygenOS and copy boot_a.img and boot_b.img back to your phone.​
Use Magisk to patch both images.​
Copy the patched images back to your computer.​
Use fastboot to temporarily boot using the patched image, giving you temporary root.​
Use Magisk to direct install for permanent root.​
Prerequisites:
ADB and Fastboot installed.​
An unlocked bootloader and USB debugging enabled.​
________________________________________________________
STEPS:​
1. Get the semi-broken TWRP .img. This won't give you a gui but will give you su access over adb. You DON'T want to flash this, we're just booting with it temporarily.
2. Restart your phone into fastboot mode.
3. On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here). Run the following:
Code:
fastboot boot recovery.img
adb shell
dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
dd if=/dev/block/by-name/boot_b of=/sdcard/boot_b.img
exit
adb pull /sdcard/boot_a.img boot_a.img
adb pull /sdcard/boot_b.img boot_b.img
4. Copy the extracted files to a user accessible area of your phone.
5. Install the latest Magisk Canary release to your phone.
a. Select the Install option.​b. Use Select and Patch a File on both boot_a.img and boot_b.img​c. You should rename them or make note of the new names given by Magisk. You'll need to use one or the other depending on which partition is active. ​
6. Copy the patched .img files back to your computer.
7. Restart your phone back into fastboot mode.
8. On your computer, run:
Code:
fastboot getvar all
9. Find which A/B partition is active on this line: (bootloader) current-slot:a/b
10. Temporarily boot with the patched image that corresponds to the active partition, DO NOT FLASH IT:
Code:
fastboot boot patched-boot-a/b.img
11. You now have temporary root access, to make it permanent open Magisk:
a. Select the Install option.​b. Use Direct Install (Recommended) to root your internal boot.img​
12. Reboot and verify it worked.
Click to expand...
Click to collapse
hey there! I was just about to try this method but confused with this syntax -- don't mind the quotes
"On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here)"
I'm painfully confused about this: cd /your/path/here. is this done during fastboot? I know fastboot commands but adb is where my brain doesn't get it. Please elaborate further and thanks.
sameog said:
hey there! I was just about to try this method but confused with this syntax -- don't mind the quotes
"On your computer open a terminal/cmd prompt and set the directory where you want to dump the files (ex: cd /your/path/here)"
I'm painfully confused about this: cd /your/path/here. is this done during fastboot? I know fastboot commands but adb is where my brain doesn't get it. Please elaborate further and thanks.
Click to expand...
Click to collapse
When you open a terminal or command prompt on your computer it is, by default, 'pointing' to a certain folder. Since we're pulling files from the phone to pc it'll dump there, so it's easiest to set the location in advance, for your own convenience. You can just make a folder on your desktop and drag it onto the terminal window to automatically input that path after typing cd, which just means 'change directory'. This isn't a fastboot or adb thing, just a feature of terminals, so you'd do this in advance.
Mpolo87 said:
When you open a terminal or command prompt on your computer it is, by default, 'pointing' to a certain folder. Since we're pulling files from the phone to pc it'll dump there, so it's easiest to set the location in advance, for your own convenience. You can just make a folder on your desktop and drag it onto the terminal window to automatically input that path after typing cd, which just means 'change directory'. This isn't a fastboot or adb thing, just a feature of terminals, so you'd do this in advance.
Click to expand...
Click to collapse
Attached are 2 photos -- the 1st photo is the "before" I dragged my intended folder into command prompt. the 2nd photo is the "after" I dragged my intended folder into command prompt. Still hella confused.
Please note: I love this guide. It's cohesive and well-written. I just need pictures to "see" on what and where to do. I'm visual.
UPDATE: I followed the tuturial to the best of my ability and I got nothing. I'm giving up and taking a step back.
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./fastboot boot recovery.img
Sending 'boot.img' (64964 KB) OKAY [ 1.660s]
Booting OKAY [ 0.084s]
Finished. Total time: 1.939s
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb shell
* daemon not running; starting now at tcp:5037
* daemon started successfully
OnePlus8T:/ # dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
196608+0 records in
196608+0 records out
100663296 bytes (96 M) copied, 0.194981 s, 492 M/s
OnePlus8T:/ # dd if=/dev/block/by-name/boot_b of=/sdcard/boot_b.img
196608+0 records in
196608+0 records out
100663296 bytes (96 M) copied, 0.185497 s, 518 M/s
OnePlus8T:/ # exit
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb pull /sdcard/boot_a.img boot_a.img
/sdcard/boot_a.img: 1 file pulled, 0 skipped. 27.7 MB/s (100663296 bytes in 3.470s)
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb pull /sdcard/boot_b.img boot_b.img
/sdcard/boot_b.img: 1 file pulled, 0 skipped. 32.0 MB/s (100663296 bytes in 2.997s)
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows> ./adb reboot
PS C:\Program Files (x86)\platform-tools_r30.0.5-windows>
sameog said:
Attached are 2 photos -- the 1st photo is the "before" I dragged my intended folder into command prompt. the 2nd photo is the "after" I dragged my intended folder into command prompt. Still hella confused.
Click to expand...
Click to collapse
You're missing the command "cd" before the path to change the directory to the new one. It should be cd C:\Users\Mr. Lew\Desktop\oneplus 8t boot image then press enter. Now you can reference any file in that folder by just the name without its entire path as a prefix being required.
A difficult method
zengin said:
Diğer yöntemden hiç de kolay değil.
Click to expand...
Click to collapse
huh?
Honestly, if there's a kind of soul out there who can share their unpatched kb2007 boot image (tmobile version), I would greatly appreciate it. I'm been banging my head on the wall with this for about 2 months with no help. I've received TONS of half-baked one liner answers but no "full-scale" tutorial. I'm giving up on this.
NOTE: I'm just frustrated guys. Not bashing the OP. It shouldn't be this hard but it became this way.
sameog said:
Honestly, if there's a kind of soul out there who can share their unpatched kb2007 boot image (tmobile version), I would greatly appreciate it. I'm been banging my head on the wall with this for about 2 months with no help. I've received TONS of half-baked one liner answers but no "full-scale" tutorial. I'm giving up on this.
NOTE: I'm just frustrated guys. Not bashing the OP. It shouldn't be this hard but it became this way.
Click to expand...
Click to collapse
While this is a temporary solution, it is also a bad solution because you can land with not being able to boot your phone every time an incremental update comes along.

Resources