Just received...any word on Rooting this bad boy. So Far love ICS!!
+1. We need to root it ASAP. Thanks.
Having some wifi issues...cutting off on randomly...n e thoughts
i wanna root too. maybe try z4? will report back.
dLo GSR said:
i wanna root too. maybe try z4? will report back.
Click to expand...
Click to collapse
Picking mine up after work, hopefully this will get some dev love.
Just a heads up; I picked one of these up on Sunday, tried using Z4 a little while ago, and wasn't able to obtain root. Might try a couple other methods later on. Hopefully this device gets its own subforum pretty soon. Haha.
What sound chip is used in this Tab 2? Did Samsung go back to Wolfson or are they still using the (ugh) Yamaha?
UPDATE: It's a Wolfson WM1811 Stereo CODEC (WM1811AE 22AGKGW)! And.. it sounds great!
I found a universal root method that may be able to help us, but I am no developer. This appears to work on a number of phones and tablets.
https://github.com/saurik/mempodroid/
I'd just like to see the tab 2 get its own sub forum. I'd like to follow any development.
So far so good. I love this little thing. Coming from a nexus s, i really thought Touch Wiz was going to be annoying. Took me no time to adjust.
I havent had any WIFI issues. I connect to several wifi networks in a day. Never a problem.
Sent from my GT-P3113 using XDA
dmuntean said:
I'd just like to see the tab 2 get its own sub forum. I'd like to follow any development.
So far so good. I love this little thing. Coming from a nexus s, i really thought Touch Wiz was going to be annoying. Took me no time to adjust.
Click to expand...
Click to collapse
just grab apex or novalauncher to replace the sammy launcher
GRZLA said:
I found a universal root method that may be able to help us, but I am no developer. This appears to work on a number of phones and tablets.
Click to expand...
Click to collapse
Tu use mempodroid you need the exit and call "offsets", this is the usage command for the Galaxy Nexus:
$ ./mempodroid 0xd7f4 0xad4b mount -o remount,rw '' /system
$ ./mempodroid 0xd7f4 0xad4b sh
#
Galaxy Nexus 4.0.2: 0xd7f4 0xad4b
Does anyone know how to obtain this parameters for the galaxy tab 2 ???
Using this post:
Nesquick95 said:
Saurik's mempodroid exploit needs offsets of "exit" and "setresuid" fuctions calls in order to work.
Here's a tool that may find this two offsets while running on your ICS device and give you the mempodroid command line to run for gaining a temporary root shell.
This tool doesn't add any capability to Saurik's exploit.
Please let me know if you have any idea for improvement.
Feel free to use this tool, at your own risks.
1- download and unzip
2- push the two binaries to /data/local/tmp with adb
3- chmod 755
4- run n95-offsets
5- copy / paste the command line given by the tool
If the trick works, you will see the $ prompt change to a # one.
Hope it will help.
Click to expand...
Click to collapse
I got this offsets for mempodroid:
n95-offsets by Nesquick95
Gets requiered offsets for mempodroid exploit
./mempodroid 0xd904 0xae5f sh
Click to expand...
Click to collapse
But when i try to copy the "su binary" file it still displays error
C:\Program Files (x86)\Android\android-sdk\platform-tools>adb push su /system/bin
failed to copy 'su' to '/system/bin/su': Read-only file system
Click to expand...
Click to collapse
Any clues... anyone ??
do this:
adb push <path to mempodroid> /data/local/tmp/
adb shell
$ chmod 755 /data/local/tmp/mempodroid
$ /data/local/tmp/mempodroid 0xd904 0xae5f sh
# id
what is the output of the id command after running those commands in adb shell?
if it says uid=0 then i'll be happy
elitrix said:
do this:
adb push <path to mempodroid> /data/local/tmp/
adb shell
$ chmod 755 /data/local/tmp/mempodroid
$ /data/local/tmp/mempodroid 0xd904 0xae5f sh
# id
what is the output of the id command after running those commands in adb shell?
if it says uid=0 then i'll be happy
Click to expand...
Click to collapse
This is what i tried on my GT-3113 Galaxy Tab 2:
Code:
C:\Program Files (x86)\Android\android-sdk\platform-tools>adb shell
[email protected]:/ $ cd /data/local/tmp
cd /data/local/tmp
[email protected]:/data/local/tmp $ ls
ls
boomsh
busybox
mempodroid
n95-offsets
output
psneuter
sh
zergRush
[email protected]:/data/local/tmp $ chmod 777 mempodroid
chmod 777 mempodroid
[email protected]:/data/local/tmp $ chmod 755 n95-offsets
[email protected]:/data/local/tmp $ ./n95-offsets
n95-offsets by Nesquick95
Gets requiered offsets for mempodroid exploit
./mempodroid 0xd904 0xae5f sh
1|[email protected]:/data/local/tmp $ ./mempodroid 0xd904 0xae5f mount -o remount,rw
'' /system
ae5f mount -o remount,rw '' /system <
then
Code:
1|[email protected]:/data/local/tmp $ ./mempodroid 0xd904 0xae5f sh
./mempodroid 0xd904 0xae5f sh
1|[email protected]:/data/local/tmp $
STILL the '$' sign !!! i dont have "su" privileges, this feels I'm so close...
when i try again with....
Code:
1|[email protected]:/data/local/tmp $ /data/local/tmp/mempodroid 0xd904 0xae5f sh
/data/local/tmp/mempodroid 0xd904 0xae5f sh
1|[email protected]:/data/local/tmp $
I still get the '$' sign instead of the '#'.
exploit doesn't work on this tab then... on to the next.
elitrix said:
exploit doesn't work on this tab then... on to the next.
Click to expand...
Click to collapse
Either that or the offsets reported by n95-offsets are incorrect. I have no idea how reliable it is or how it works though. Wish I had my tablet with me to dig deeper.
machx0r said:
Either that or the offsets reported by n95-offsets are incorrect. I have no idea how reliable it is or how it works though. Wish I had my tablet with me to dig deeper.
Click to expand...
Click to collapse
I went ahead and check the source code for the “n95-offsets” and found that this code searches for a pattern in memory. :
static const unsigned char exit_pattern[8] = { 0xB0, 0xFF, 0xFF, 0xFF, 0x04, 0x46, 0x00, 0x20};
static const unsigned char suid_pattern[8] = { 0xD0, 0x40, 0xE0, 0x3D, 0x68, 0x28, 0x46, 0x29};
Click to expand...
Click to collapse
So maybe it’s a different pattern for the GT-3113, cause it depends on the kernel version, so my theory is that the offsets are incorrect.
I had spoken to saurik and supplied him the run-as from the tab and he confirmed those offsets...of course he could've been using.the same tool on his end didn't ask so take with a grain of salt in the face of your theory.
Chase Bank app, trying to make a check deposit, it fails when it tries to start the camera. The deposit part of the app wants to take pictures of the check front & back. Then it uploads the pictures.
Sent from my Samsung Galaxy Tab 2 7.0
Wifi antenna seems 2 be a little weak..erratic. i think my old dellstreak 5" had better signal....battery sure takes long to charge
How do you bring up My Apps in Play Store on the Samsung Galaxy Tab 2 - 7.0?
Sent from my Samsung Galaxy Tab 2. - 7.0
Related
Looking for assitance installing HTC hero drivers and Devtool ( adb shell ) on a Linux OS based laptop
I have Jolicloud ( Ubuntu base OS for netbooks ) (sudo commands)
if someone could provide a guide or assitance..
The drivers are there already
as for dev tools that pretty easy
download the sdk, extract it to a folder in ~/bin, run
Code:
cd ~/bin
chown +x *
then edit ~/.bashrc and add the line PATH="$HOME/bin:$PATH"
should do it for ya, now you just run adb by putting adb in the terminal
Vrekk said:
The drivers are there already
as for dev tools that pretty easy
download the sdk, extract it to a folder in ~/bin, run
Code:
cd ~/bin
chown +x *
then edit ~/.bashrc and add the line PATH="$HOME/bin:$PATH"
should do it for ya, now you just run adb by putting adb in the terminal
Click to expand...
Click to collapse
thanks but i am having problems moving it to the bin folder ..gives permission denied
whast the line comand to extract file to bin folder?
never mind i got it
sudo mv android-sdk-linux_86
rgildoss said:
whast the line comand to extract file to bin folder?
Click to expand...
Click to collapse
Sorry I was cleaning up. Make sure you are extracting it to the bin folder in your home, NOT THE ROOT ONE. If the folder doesn't exist create it
I realized that the first thing I told you to do was wrong, we want the stuff in the tools folder NOT everthing in the sdk, cd into the folder the android sdk is in and run this: (skip the chmod +x step above, I moved it to down here
command:
Code:
tar -xzf android-sdk_r05-linux_86.tgz
chmod +x android-sdk-linux_86/tools/*
cd -r android-sdk-linux_86/tools/* ~/bin
rm -r android-sdk-linux_86 'this will remove anything you don't need Optional
If you get an error saying that ~/bin dosn't exist, run
Code:
mkdir ~/bin
then edit the .bashrc like described in my first post
EDIT:If should not have needed sudo if you moved it to /home/rgildoss/bin only if you moved it to /bin should it have caused problems. You don't want it in /bin
that cd -r gives me an error
bash: cd -r: invalid option
cd: usage: cd [-L|-P]..[dir]
Oops! typo! try cp no cd lol
Vrekk said:
Oops! typo! try cp no cd lol
Click to expand...
Click to collapse
LOL
okay that worked
one last thing
chown +x * also gives error
chown: invalid user: `+x'
also tried
chown +x*
chown: missing operand after `+x*'
It shouldn't have to be in bin unless you're going to need access to the executable from anywhere in the directory tree. I run mine out of ~/android/ and it's fine. As far as permissions go, chown changes the owner of the file, chmod changes the permissions. If you're the only user on the machine, change the permissions with the octal: chmod 777 path/to/files/*
rgildoss said:
LOL
okay that worked
one last thing
chown +x * also gives error
chown: invalid user: `+x'
also tried
chown +x*
chown: missing operand after `+x*'
Click to expand...
Click to collapse
damn I really off my game tonight, should be chmod not chown
okay everything is good except for the last step:
then edit ~/.bashrc and add the line PATH="$HOME/bin:$PATH"
how do i edit this ? and were is the file at?
im sorry about all the question, its been over 4 years sisnce i used linux ( ubuntu ) and i wasnt very good at then either...lol
HELP!
lol
EDIT: my files are in [email protected]:/home/rico/bin#
rgildoss said:
okay everything is good except for the last step:
then edit ~/.bashrc and add the line PATH="$HOME/bin:$PATH"
how do i edit this ? and were is the file at?
im sorry about all the question, its been over 4 years sisnce i used linux ( ubuntu ) and i wasnt very good at then either...lol
HELP!
lol
EDIT: my files are in root@mini:/home/rico/bin#
Click to expand...
Click to collapse
One thing, why are you loged in as root?
and nano ~/.bashrc should do it
or gedit ~.bashrc if you like gui better
rgildoss said:
okay everything is good except for the last step:
then edit ~/.bashrc and add the line PATH="$HOME/bin:$PATH"
how do i edit this ? and were is the file at?
Click to expand...
Click to collapse
A user specific .bashrc doesn't exist by default in most Ubuntu based distros. Create it with...
Code:
touch ~/.bashrc
...and add the path statement. There should also be a systemwide bashrd located at /etc/bash.bashrc
Vrekk said:
One thing, why are you loged in as root?
and nano ~/.bashrc should do it
or gedit ~.bashrc if you like gui better
Click to expand...
Click to collapse
force of habit from old days ....
rgildoss said:
thanks but i am having problems moving it to the bin folder ..gives permission denied
Click to expand...
Click to collapse
If you want to send to /bin or /usr/bin, you'll need superuser access:
Command is: sudo su
Then type your password.
What was recommended was creating a bin directory in your home directory. Then edit your .bashrc to include the new bin directory.
[email protected]:~$ adb devices
List of devices attached
???????????? no permissions
[email protected]:~$
did i do something wrong?
comintern said:
A user specific .bashrc doesn't exist by default in most Ubuntu based distros. Create it with...
Code:
touch ~/.bashrc
Click to expand...
Click to collapse
I forgot that, been so long sence the last time I booted up anything ubuntu based or even
rgildoss said:
force of habit from old days ....
Click to expand...
Click to collapse
did it work? You will need to reopen a terminal in order for it to use the new file, but then you should be able to use adb like any other linux command
EDIT: you answered my question before I posted it, nice
Hmm, I don't know what to do about that part, when ever I get an error like I can't get it to go away
rgildoss said:
[email protected]:~$ adb devices
List of devices attached
???????????? no permissions
[email protected]:~$
did i do something wrong?
Click to expand...
Click to collapse
1. Try adb kill-server first, then rerun the command.
2. If that doesn't work, run as superuser...see if that fixes it.
tkirton said:
1. Try adb kill-server first, then rerun the command.
2. If that doesn't work, run as superuser...see if that fixes it.
Click to expand...
Click to collapse
nope
wtf....
lol
[email protected]:~$ adb kill-server
[email protected]:~$ adb devices
* daemon not running. starting it now *
* daemon started successfully *
List of devices attached
???????????? no permissions
[email protected]:~$
To downgrade your HBOOT to go back to 2.2 visit this link http://forum.xda-developers.com/showthread.php?t=1255474
This will allow you to flash 2.2 to perm root the phone
If you wish to help with perm root status for Android 2.3.3, please visit this thread http://forum.xda-developers.com/showthread.php?t=1218580
Thanks to everyone in this post who has helped get this far. You will need to have the Android SDK installed and working knowledge of ADB and basic file system structure.
Major help from minneyar
TEMP ROOT Instructions:
Download http://tinyw.in/1lI
Unzip if required and put in your ADB folder
Launch command prompt and navigate to your ADB folder
adb push fre3vo /data/local/tmp/
adb shell
chmod 777 /data/local/tmp/fre3vo
/data/local/tmp/fre3vo -debug -start fbb58a00 -end FFFFFFFF (if this doesn't work, try rebooting phone)
Download these 2 files here and put them in your ADB directory: http://forum.xda-developers.com/showthread.php?p=14927732#post14927732
exit back to command prompt if you aren't there already
adb push Superuser3-beta1.apk /data/app/
adb push su-3.0-alpha7 /data/local/tmp
adb shell (should now see # instead of $)
cd /data/local/tmp
chmod 777 su-3.0-alpha7
./su-3.0-alpha7
cd /
mount -o remount,rw -t rootfs rootfs /
rm vendor
mkdir vendor
mkdir vendor/bin
cat /data/local/tmp/su-3.0-alpha7 > /vendor/bin/su
chmod 4755 /vendor/bin/su
You now have temp root. Disregard any notification about outdated SU binary. Root will go away if you reboot. If you reboot your phone you can obtain root again by just running the following
adb shell
chmod 777 /data/local/tmp/fre3vo
/data/local/tmp/fre3vo -debug -start fbb58a00 -end FFFFFFFF
adb shell (should now see # instead of $)
cd /data/local/tmp
chmod 777 su-3.0-alpha7
./su-3.0-alpha7
cd /
mount -o remount,rw -t rootfs rootfs /
rm vendor
mkdir vendor
mkdir vendor/bin
cat /data/local/tmp/su-3.0-alpha7 > /vendor/bin/su
chmod 4755 /vendor/bin/su
I haven't found a way to re-root after rebooting without connecting to a PC
Type su and see if it gives you root permissions
Sent from my MiuiSpeedy
says su: not found.
You are saying you cannot install the superuser app? From reading in the Evo3D forums, you could install Superuser, even without being rooted, but it obviously won't allow root access, until you run a root exploit.
Try rebooting the phone, installing superuser, run fre3vo, and then try the adb shell, and su method.
This is getting interesting. Hopefully you are on to something.
Stuke00 said:
See screenshot. Doesn't the # mean temp rooted? Tho I cannot install SU and Root Explorer isn't working. Anything else I need to do first or something?
Click to expand...
Click to collapse
Looks hopeful!
tokuzumi said:
You are saying you cannot install the superuser app? From reading in the Evo3D forums, you could install Superuser, even without being rooted, but it obviously won't allow root access, until you run a root exploit.
Try rebooting the phone, installing superuser, run fre3vo, and then try the adb shell, and su method.
This is getting interesting. Hopefully you are on to something.
Click to expand...
Click to collapse
Okay let me clarify
I can install SU but it wouldn't install the binaries. I did all of the above. Says su: not found.
I then tried something else.
# mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
# cat /system/bin/sh > /system/bin/su
# chmod 4755 /system/bin/su
I was then able to get the SU binaries to install but Titanium Backup says:
"Busybox works but the "su" command does not elevate to root: "whoami" reports "app_135" instead of root/uid 0.
then su from the command prompt was saying "link_image[1935]: 3160 missing essential tablesCANNOT LINK EXECUTABLE" and now back to su: not found again....
I don't know enough about linux commands to give you any real info. Like in the other thread, talk to agrabren, to see what he has to say.
tokuzumi said:
I don't know enough about linux commands to give you any real info. Like in the other thread, talk to agrabren, to see what he has to say.
Click to expand...
Click to collapse
Yeah I tweeted him with what I could provide with 160 characters. Just waiting now.
Well here's a tweet he put out a couple of hours ago.
@agrabren: For those with the SHIFT, it's a known bug in my code that we missed the address. One too many zeroes in the list. I'll try to fix it soon.
Sent from my PG06100 using XDA App
crump84 said:
Well here's a tweet he put out a couple of hours ago.
@agrabren: For those with the SHIFT, it's a known bug in my code that we missed the address. One too many zeroes in the list. I'll try to fix it soon.
Sent from my PG06100 using XDA App
Click to expand...
Click to collapse
Yeah he posted that right after I gave him the memory address for the exploit. Just means that I did it the manual way through debugging. At least I think so... hopefully soon!
Good news, everybody! I have successfully acquired temp root on my Shift!
First, fre3vo has to be pointed at the right address. After copying it over to my phone, I did "adb shell" and then ran it like so:
/data/local/tmp/fre3vo -debug -start fbb58a00 -end FFFFFFFF
That printed out a message that it found an exploit and kicked me out of the shell. After doing "adb shell" again, I got a command prompt. I tried installing the 2.3.6.3 version of Superuser, but it complained about being unable to install "su"; I tried to find a separate su binary and copy it over manually, but it didn't work due to a linker error.
After searching around, I found a beta version of Superuser 3:
http://forum.xda-developers.com/showthread.php?p=14927732#post14927732
First I uninstalled the old version of Superuser and then used adb to install the new one from that thread. I ran it and it said it was unable to install su, so I downloaded the version of su provided there and installed it manually. The process went something like:
Code:
adb push su-3.0-alpha7 /data/local/tmp
adb shell
# cd /data/local/tmp
# chmod 4755 su-3.0-alpha7
# ./su-3.0-alpha7
# mount -o remount,rw -t ext3 /dev/block/mmcblk0p26 /system
# cat su-3.0-alpha7 > /system/bin/su
# chmod 4755 /system/bin/su
I don't know if explicitly running "./su-3.0-alpha7" is necessary, it just seemed like a good idea at the time. I don't know if everybody's block device will be named "mmcblk0p26", I used "mount" to figure out what was mounted at /system.
Anyway, after all that was done, I ran Superuser again and it didn't complain. To test it out, I started up Wireless Tether. It asked me for superuser permissions, which I granted it, and it's working fine.
Root successful!
Good job!!
Sent from my Speedy HTC EVO shift on XDA Premium app
I followed those steps exactly and got what I would call a partial root. Some of the 'you need root' errors are gone but "su" still results in 'not found' even though "mkdir su" results in 'file exists.'
mmcblk0p26 exists on this unit.
The weirdest part is that Adfree will accept the device as rooted and with superuser but says it can't find a partition to modify. And after a reboot root is definitely gone.
I think you're on to it but it isn't quite there yet.
It seems to be fully temprooted to me; I have to redo it if I reboot, but otherwise it's working perfectly. After following the steps I listed above, running "ls -l /system/bin/su" should produce this output:
Code:
# ls -l /system/bin/su
ls -l /system/bin/su
-rwsr-xr-x root root 22228 2011-07-25 19:14 su
If it says "No such file or directory" instead, then the su binary isn't in the right place.
Looking back over what I wrote, I think I left out a step -- if you were following what I listed exactly, it probably won't work, because I forgot to change to the /data/local/tmp directory. I'll update that...
Update: after playing around with it for a while, something is definitely not quite right. Everything works fine at first; I've tested Wireless Tether and Titanium Backup and they're both fine. After leaving my phone for a while and coming back, though, applications that try to get root access mysteriously fail. The dialog prompt doesn't even appear.
Going back into the adb shell, /system/bin/su is still there, but trying to run "su" causes this to happen:
Code:
# su
su
link_image[1935]: 3802 missing essential tablesCANNOT LINK EXECUTABLE
But if I use cat to overwrite su and then chmod it again, everything works. su must somehow be getting modified by something else and replaced with a bad version... but I'm not sure where to look.
I caught something like that.
I think there should be a chmod 777 su-3.0-alpha7 after cd /data/local/tmp
minneyar said:
It seems to be fully temprooted to me; I have to redo it if I reboot, but otherwise it's working perfectly. After following the steps I listed above, running "ls -l /system/bin/su" should produce this output:
Code:
# ls -l /system/bin/su
ls -l /system/bin/su
-rwsr-xr-x root root 22228 2011-07-25 19:14 su
If it says "No such file or directory" instead, then the su binary isn't in the right place.
Looking back over what I wrote, I think I left out a step -- if you were following what I listed exactly, it probably won't work, because I forgot to change to the /data/local/tmp directory. I'll update that...
Update: after playing around with it for a while, something is definitely not quite right. Everything works fine at first; I've tested Wireless Tether and Titanium Backup and they're both fine. After leaving my phone for a while and coming back, though, applications that try to get root access mysteriously fail. The dialog prompt doesn't even appear.
Going back into the adb shell, /system/bin/su is still there, but trying to run "su" causes this to happen:
Code:
# su
su
link_image[1935]: 3802 missing essential tablesCANNOT LINK EXECUTABLE
But if I use cat to overwrite su and then chmod it again, everything works. su must somehow be getting modified by something else and replaced with a bad version... but I'm not sure where to look.
Click to expand...
Click to collapse
YES! I have root! I was able to install a screenshot app and test it this is amazing progress! Thanks for that.
So now when I reboot, you have to do the entire thing again? SU and all?
Stuke00 said:
So now when I reboot, you have to do the entire thing again? SU and all?
Click to expand...
Click to collapse
Yes, every time you reboot you'll have to redo the whole process, including running fre3vo and then copying su into /system/bin. Hopefully somebody will figure out a permanent root soon.
Wow those SU binaries are disappearing before I even reboot! Already gone and I haven't rebooted the phone
I think I had that issue too. I just couldn't believe the files just disappeared and thought I did something wrong somewhere.
Would a logcat help anyone at all? Anything I should look for?
Can anyone help me with rooting U8800pro running the official 2.3.5 ?
I tried all the methods I was using for the U8800 but all of them doesn’t work... Any advice ?
i have the same problem, how to root???
linomaniac said:
i have the same problem, how to root???
Click to expand...
Click to collapse
i'm searching everywhere for 3 days now with nothing usefull
If automatic ways failed try this:
http://forum.xda-developers.com/showthread.php?t=1423422
dancer_69 said:
If automatic ways failed try this:
http://forum.xda-developers.com/showthread.php?t=1423422
Click to expand...
Click to collapse
i think its not that easy to me to do it manual
but thanks anyway for trying to help
Of course automatic ways are easier, but it' s not that difficult, just need a little more time and attention.
The other way is to find a prerooted boot.img and put it to .cust_backup/image folder(replacing the original). I haven't pro model, so my boot.img will not work
dancer_69 said:
Of course automatic ways are easier, but it' s not that difficult, just need a little more time and attention.
The other way is to find a prerooted boot.img and put it to .cust_backup/image folder(replacing the original). I haven't pro model, so my boot.img will not work
Click to expand...
Click to collapse
i tried this way but it didn't work too.. i found a prerooted boot.img.. replaced the original one but it didnt work
To just say didn't work doesn't help. Write where you get an error and which is. Then maybe I can help you(or someone with more knowledge).
dancer_69 said:
To just say didn't work doesn't help. Write where you get an error and which is. Then maybe I can help you(or someone with more knowledge).
Click to expand...
Click to collapse
i got the prerooted boot.img file for the U8800pro... replaced it with the original one.. But the phone is not booting.. It stuck on the huawie logo (the 1st logo before the one with the animation) so i had to put back the original one to make it work
I mean the error on manual rooting.
As fro prerooted boot.img file, are you sure that is compatible with ther rom you have? If is from a custom rom will not work. You need the boot.img of a phone with the same rom as yours, just rooted.
well, maybe it wasn't compatible with my stock rom.. do you have anywhere where i can find some prerooted imgs ?
and about the manual root.. i didnt got any errors coz i didnt know how to wirte those codes :s
Sorry I' don't know because I haven't a pro model and I don't know if there is a rooted boot.img uploaded fro pro mode. Maybe a member with pro read your thread and upload his img file.
-About manual rooting, you need to open DOS command prompt window. It' s in all progarms -> accessories
If you put the DoomLordRoot program in the root directory of your C drive and rename this folder to DoomLordRoot.v3(if have another name), you need to just put the commands one by one as given on the link I posted.
You just need to put first the command:
cd \DoomLordRoot.v3\files
to go to directory in which adb.exe is.
You can check if you are in the right path if you enter the command:
dir
afterwards. If you are in correct folder you'll see the files which are in c:\DoomLordRoot.v3\files directrory listed.
After that just start to follow the directions of the link. Just hit enter after every command you put. If you don' t see errors after every command you're ok. If you get an error on a command, write it here, for farther help. I don' t think that you' ll get an error, because I've done this proccess about 5 times and never get an error. But if you do, just put it here to see if we can help.
Thanks alot bro for the help.
well, i followed what u said but i think i got confused somewhere.. i'll type what i got.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\User>cd\
C:\>cd DoomLordRoot.v3
C:\DoomLordRoot.v3>cd files
C:\DoomLordRoot.v3\files>adb shell
$ chmod 777 /data/local/tmp/zergRush
chmod 777 /data/local/tmp/zergRush
$
$ ./data/local/tmp/zergRush
./data/local/tmp/zergRush
[**] Zerg rush - Android 2.2/2.3 local root
[**] (C) 2011 Revolutionary. All rights reserved.
[**] Parts of code from Gingerbreak, (C) 2010-2011 The Android Exploid Crew.
[+] Found a GingerBread ! 0x00000118
[*] Scooting ...
bugreport dir[/data/local/tmp] exist.
[*] Sending 149 zerglings ...
bugreport dir[/data/local/tmp] exist.
[*] Sending 189 zerglings ...
[-] Hellions with BLUE flames !
$
$ ^C
C:\DoomLordRoot.v3\files>adb shell
$ chmod 755 /data/local/tmp/busybox
chmod 755 /data/local/tmp/busybox
$
$ /data/local/tmp/busybox mount -o remount,rw /system
/data/local/tmp/busybox mount -o remount,rw /system
mount: permission denied (are you root?)
$
$ dd if=/data/local/tmp/busybox of=/system/xbin/busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
/system/xbin/busybox: cannot open for write: Read-only file system
$
VaMpYMaSTeR said:
Thanks alot bro for the help.
well, i followed what u said but i think i got confused somewhere.. i'll type what i got.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\User>cd\
C:\>cd DoomLordRoot.v3
C:\DoomLordRoot.v3>cd files
C:\DoomLordRoot.v3\files>adb shell
$ chmod 777 /data/local/tmp/zergRush
chmod 777 /data/local/tmp/zergRush
$
$ ./data/local/tmp/zergRush
./data/local/tmp/zergRush
[**] Zerg rush - Android 2.2/2.3 local root
[**] (C) 2011 Revolutionary. All rights reserved.
[**] Parts of code from Gingerbreak, (C) 2010-2011 The Android Exploid Crew.
[+] Found a GingerBread ! 0x00000118
[*] Scooting ...
bugreport dir[/data/local/tmp] exist.
[*] Sending 149 zerglings ...
bugreport dir[/data/local/tmp] exist.
[*] Sending 189 zerglings ...
[-] Hellions with BLUE flames !
$
$ ^C
C:\DoomLordRoot.v3\files>adb shell
$ chmod 755 /data/local/tmp/busybox
chmod 755 /data/local/tmp/busybox
$
$ /data/local/tmp/busybox mount -o remount,rw /system
/data/local/tmp/busybox mount -o remount,rw /system
mount: permission denied (are you root?)
$
$ dd if=/data/local/tmp/busybox of=/system/xbin/busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
/system/xbin/busybox: cannot open for write: Read-only file system
$
Click to expand...
Click to collapse
Put su or sudo before command. like this "su /data/local/tmp/busybox mount -o remount,rw /system"
Yes, seems that you didn' t give the su command before(I think I've include command su, on my tutorial but I' m not sure. I'll check it).
If you see the symbol $ this means that you haven't get root rights yet.
Seems that zergrush succeed, so everytime after adb shell command, first you need to give the command:
su
If device is rooted, you'll see that the symbol changes to #
I think that you' re in good way though.
when i put SU in the begining it give me this :
su: permission denied
if you rebooted the phone you must run zergrush again.
Zergrush is the hack that unlocks the root account temporary. If you didn' t success to put su program on the right place, rooting access loosed after rebooted. su makes root permanent, busybox is an advanced shell and superuser is the app which used to give or denied root rights to apps which asking for this.
First be sure that zergrush is copied to data/local/tmp and you give to it the right permissions(all commands are in tutorial)
These messages mean that zergrush running
[+] Found a GingerBread ! 0x00000118[*] Scooting ...
bugreport dir[/data/local/tmp] exist.[*] Sending 149 zerglings ...
bugreport dir[/data/local/tmp] exist.[*] Sending 189 zerglings ...
[-] Hellions with BLUE flames !
Click to expand...
Click to collapse
after that check if root succeed by input su command. If you get the # sign you're good to go to continue(exit shell etc)
i'm so sorry, but what do you mean with "If you didn' t success to put su program on the right place" ???? what where is the right palce ?
Some of the commands on tutorial handle the su program.
Push it to /system/bin(this is the right place), change its ownership, permissions etc.
For these commands to succeed(and also the commands for busybox and superuser), first need to enter to root account, by command su:
adb shell (press enter)
su (press enter)
these give the # sign which means that you are root.
If you don' t do this all commands will fail with errors as:
permission denied or cannot write to...
now i'm getting this:
C:\DoomLordRoot.v3\files>adb shell
* daemon not running. starting it now *
* daemon started successfully *
$ chmod 777 /data/local/tmp/zergRush
chmod 777 /data/local/tmp/zergRush
Unable to chmod /data/local/tmp/zergRush: No such file or directory
$
i think i will give up
Hello everyone...
I have a Motorola RAZR 201M(XT902) in Japan and use Motofail2go to root it.But it doesn't work.
(follow http://forum.xda-developers.com/showthread.php?p=32889627)
I installed Sudoku.apk and push the motofail2go to the device(also su,Superuser.apk,busybox).
when
$ run-as com.motorola.bug2go /data/local/tmp/motofail2go prep2
Here is the error message:
"run-as: exec failed for /data/local/tmp/motofail2go Error: Operation not permitted"
and i try $ run-as com.motorola.bug2go
but error message : "run-as: exec failed"
Anyone help? Thanks...
Sorry buddy. Nothing works. We 201m users are SOL.
Have you tried this?
http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/
Thanks Paul!
No luck with that either. Appreciate the feedback, however.
I hope somebody will study the XT902 root.
goodayoo said:
I hope somebody will study the XT902 root.
Click to expand...
Click to collapse
I really want this thing rooted. How do one go about figuring out how to root it? I assume because of it's lack of popularity, no one has done it, but I'm willing to do the grunt work if there's some sort of guide or assistance. I changed over to DoCoMo with the GS4 and now have this paperweight that I would want to actually use.
Thanks!
Almalieque said:
I really want this thing rooted. How do one go about figuring out how to root it? I assume because of it's lack of popularity, no one has done it, but I'm willing to do the grunt work if there's some sort of guide or assistance. I changed over to DoCoMo with the GS4 and now have this paperweight that I would want to actually use.
Thanks!
Click to expand...
Click to collapse
There some Japanese guys doing some things to try and get root. They are active. The site has a lot of rather unpleasant (read offensive) advertisements. PM if you are interested (its in Japanese)
root
help!!!
Root and Unlocked bootloaders!
Proceed at yor own risk
hungln03 said:
help!!!
Click to expand...
Click to collapse
1)Prep
Android SDKと各種ドライバを導入する。
以下の必要ファイルをC:\***(何でも良い)に配置する。
・XT902_SBMの中身(http://www1.axfc.net/uploader/so/2991543 >>125氏)
・su(http://www1.axfc.net/uploader/so/2918729 password:f10d)
・Superuser.apk(in the above downloaded)
・busybox(in the above downnloaded)
201M Plug the phone into the comp
any port will do
2)adb pushで必要ファイルを/data/local/tmp転送
コマンドプロンプトを開く
C:\Users\(ユーザー名) >cd C:\***
adb push su /data/local/tmp
adb push Superuser.apk /data/local/tmp
adb push busybox /data/local/tmp
adb push unlock_security_module /data/local/tmp
adb push break_setresuid /data/local/tmp/
adb push mole-plough-ccsecurity.so /data/local/tmp/
adb push mole-plough-lsm.so /data/local/tmp/
3)unlock_security_module(temp root)
adb shell
[email protected]:/ $ cd /data/local/tmp/
[email protected]:/data/local/tmp $ chmod 777 *
[email protected]:/data/local/tmp $ ./unlock_security_module
[email protected]:/data/local/tmp $ ./break_setresuid
(unlock_security_moduleが動いてMIYABIとNANDロック解除)
(色々表示されるので↓が出る間で待つ)
Unlocked LSM.
Do setresuid...
OK.
[email protected]:/data/local/tmp #
(#if done correctly temp root should be achieved)
271 :270:2013/09/15(日) 23:31:42.67 ID:tIg7fkl6
4)system putting together su,Superuser.apk,busybox
[email protected]:/data/local/tmp # mount -o rw,remount /system /system
[email protected]:/data/local/tmp # cat /data/local/tmp/su > /system/xbin/su
[email protected]:/data/local/tmp # cat /data/local/tmp/busybox > /system/xbin/busybox
[email protected]:/data/local/tmp # cat /data/local/tmp/Superuser.apk > /system/app/Superuser.apk
[email protected]:/data/local/tmp # chmod 644 /system/app/Superuser.apk
[email protected]:/data/local/tmp # cd /system/xbin
[email protected]:/system/xbin # chown root.root su
[email protected]:/system/xbin # chown root.root busybox
[email protected]:/system/xbin # chmod 6755 su
[email protected]:/system/xbin # chmod 755 busybox
[email protected]:/system/xbin # mount -o ro,remount /system /system
After the opperation is done it is ok to remove the cable from the pc。
check and see if「SuperSU」was installed if it wasn't download chainfire (su) from the play store
⇒SU --> update
Fro the play store download busybox。
⇒busybox -->update
Get the right CWM.img http://forum.xda-developers.com/showthread.php?t=2298521の201M
put the CWM.img you downloaded in motoapoc file you find here
adb push unlock /data/local/tmp/
adb shell chmod 755 /data/local/tmp/unlock
adb shell
cd /data/local/tmp/
chmod 777 *
./unlock_security_module
./break_setresuid
./unlock
New Command prompt
5)Inserting CWM(PC Operation)
adb shell "su -c 'mount -o remount,rw /system'"
adb shell "su -c 'mv /system/etc/install-recovery.sh /system/etc/install-recovery.bak'"
adb shell "su -c 'mv /system/recovery-from-boot.p /system/recovery-from-boot.bak'"
adb push cwm.img /data/local/tmp/cwm.img > nul
adb shell "su -c 'dd if=/data/local/tmp/cwm.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery'"
adb shell "su -c 'rm /data/local/tmp/cwm.img'"
adb reboot recovery
You should be in CWM
Cheers! I take 0 credit. Long Live the Developers!!
I don't own the 902, but it's good to see this. I know quite a few people have been looking for this. You should start your own thread with the procedures, so it will get more publicity.
Thank u!
thank u so much.!1
sbeaber4 said:
Proceed at yor own risk
271 :270:2013/09/15(日) 23:31:42.67 ID:tIg7fkl6
Get the right CWM.img http://forum.xda-developers.com/showthread.php?t=2298521の201M
put the CWM.img you downloaded in motoapoc file you find here
adb push unlock /data/local/tmp/
adb shell chmod 755 /data/local/tmp/unlock
adb shell
cd /data/local/tmp/
chmod 777 *
./unlock_security_module
./break_setresuid
./unlock
New Command prompt
5)Inserting CWM(PC Operation)
adb shell "su -c 'mount -o remount,rw /system'"
adb shell "su -c 'mv /system/etc/install-recovery.sh /system/etc/install-recovery.bak'"
adb shell "su -c 'mv /system/recovery-from-boot.p /system/recovery-from-boot.bak'"
adb push cwm.img /data/local/tmp/cwm.img > nul
adb shell "su -c 'dd if=/data/local/tmp/cwm.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery'"
adb shell "su -c 'rm /data/local/tmp/cwm.img'"
adb reboot recovery
You should be in CWM
Cheers! I take 0 credit. Long Live the Developers!!
Click to expand...
Click to collapse
Can you tell me more about this step
Confirm?
Can confirm if the latest instructions have worked for your 201m?
That your rooted and bootloader unlock.
Thanks a bunch!
Boot loader is unlocked and CWM is installed. Initially I still
Had temp root so I flashed slim beans xt907 rom. It works. I'm unable to test data with it as I don't have a SoftBank sim. Also I still can't connect to the play store.
sbeaber4 said:
Boot loader is unlocked and CWM is installed. Initially I still
Had temp root so I flashed slim beans xt907 rom. It works. I'm unable to test data with it as I don't have a SoftBank sim. Also I still can't connect to the play store.
Click to expand...
Click to collapse
Thanks for the feedback.
Still awaiting more confirmation with others. It's a step forward though.
I've had my phone for almost a year now. If I cancel my softbank service or run the contract to the end I want an option to root and unlock the bootloader in the future.
could u provide more friendly filehost?
i can't find the download button there
Root! (temp root that is...)
I'm just posting to confirm I've rooted my 201m (xt902).
Props to sbeaber4!
From my limited knowledge since it's temp root if I restart my phone I lose root access...
Next step in the future unlock bootloader.
Peace y'all.
Quick Tip
zenstarlight said:
I'm just posting to confirm I've rooted my 201m (xt902).
Props to sbeaber4!
From my limited knowledge since it's temp root if I restart my phone I lose root access...
Next step in the future unlock bootloader.
Peace y'all.
Click to expand...
Click to collapse
Found that if I a did restart my phone root was lost but I found a quick fix without going through the whole process again.
Just do these steps
unlock_security_module(temp root)
adb shell
[email protected]:/ $ cd /data/local/tmp/
[email protected]:/data/local/tmp $ ./unlock_security_module
Just enter those three steps then you're back to temp root
Also you can just to a quick reboot with link2sd or any other app that just reboots the android ui. You don't have to enter commands every time you reboot unless it's a full reboot.
Help for Gaigin rooting 201M
sbeaber4 said:
Proceed at yor own risk
...
You should be in CWM
Cheers! I take 0 credit. Long Live the Developers!!
Click to expand...
Click to collapse
Noob on XDA, and rooted a MT4G in the past wth help from these forums.
Can someone help translate the kanji for rooting the 201M? Will rooting allow you to change the device location and prevent random all Japanese pop-up alerts/"are you sure" messages? Thanks for any help
kprower said:
Noob on XDA, and rooted a MT4G in the past wth help from these forums.
Can someone help translate the kanji for rooting the 201M? Will rooting allow you to change the device location and prevent random all Japanese pop-up alerts/"are you sure" messages? Thanks for any help
Click to expand...
Click to collapse
Once CWM is online you might be able to flash a VZW or Aussie stock ROM. Actually, you could probably flash CM... That'll fix the Japanese popups. Of course, it also could very possibly brick it. Proper precautions must be made... On my tablet at the moment, does anyone know if sbf.droid-developers has 902 images?
Sent from my Nexus 7 using Tapatalk 4
Been reading this guide here --» https://forum.xda-developers.com/v20/development/dirtysanta-h990-t3624296
despite much of a mess that it is and poorly written in some regards. I can make perfectly good sense of it all, but the commands issued most of them are pretty useless, or don't work as they're instructed to do.
Let me point out some stuff here, cuz I'm trying to work my way through the tutorial to root my LG V20 H990DS (International) btw;
ok so the first part here it explains the following;
6. Using dirtysanta's steps: Run "RUNMEFIRST.bat" <-- Do not close.
7. Run "step1.bat" <-- Wait until you can type something again.
Click to expand...
Click to collapse
in my case here I'm using Linux, not Windows to do this, so things are simpler, the RUNMEFIRST.sh executable literally does nothing, when I can see it clearly is suppose to do something, let's take a look at what that files trying to run;
Code:
#!/bin/sh
# runmefirst.sh
#
#
# Created by me2151 on 12/13/16.
#
adb logcat | grep -a dirtysanta
OK, so it's using logcat to see what the phone is doing while piping to grep to watch out for dirtysanta being written to the phone while you have step1.sh running in another terminal instance, when that command completes you're left in ADB Shell of your device. Meanwhile the first shell script doesn't report anything going on, OK that's fine, doesn't matter since it wrote the contents of the required files to the phone, so it's there, as it should and as it's described in the shell script;
Code:
#!/bin/sh
# Step1.sh
#
#
# Created by me2151 on 12/11/16.
#
adb push dirtysanta /storage/emulated/0
adb push aboot.img /storage/emulated/0
adb push dirtycow /data/local/tmp
adb push my-run-as /data/local/tmp
adb shell chmod 0777 /data/local/tmp/*
adb shell /data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/my-run-as
adb shell /data/local/tmp/dirtycow /system/bin/applypatch /data/local/tmp/dirtycow
adb shell
Now this next part, doesn't work at all, because in the tutorial guide, they said to do chmod 777 permissions on "/storage/emulated/0/*" this doesn't work because operation is not permitted by the file owner and group root, there is no write permission to change permissions of that directory structure.
Code:
chmod: chmod '/storage/emulated/0/Android' to 40777: Operation not permitted
and yes /storage/emulated/0/ is suppose to be your storage userspace of where you save your files and stuff. Your "virtualized" SD Card space, you have normal read-write access there anyways. The next part of that tutorial says to check the id output from the Terminal Emulator app on Android, and check for the response "untrusted_app", that I do get, if you're doing it through ADB Shell you'll get "context=u:r:shell:s0" instead.
Part 12 of the tutorial has misuse or incorrect command line usage for applypatch, it will not simply execute because the command line usage is incorrect like so;
Code:
applypatch /system/bin/atd /storage/emulated/0/dirtysanta
it'll just simply return the following;
Code:
usage: applypatch [-b <bonus-file>] <src-file> <tgt-file> <tgt-sha1> <tgt-size> [<src-sha1>:<patch> ...]
or applypatch -c <file> [<sha1> ...]
or applypatch -s <bytes>
or applypatch -l
Filenames may be of the form
MTD:<partition>:<len_1>:<sha1_1>:<len_2>:<sha1_2>:...
to specify reading from or writing to an MTD partition.
obviously the step2 shell script can't do anything because there is nothing to backup, since it's calling to backup the boot images off the device.
So far I haven't been able to find any comprehensive or updated rooting guide for LG V20 H990DS in particular, nothing new worked on seems to popup anywhere as of yet.
bump this
No help for this at all? Just gonna be another one of those dead-end topics with no answers?