towelroot APK trips my ClamScan virus scanner - Galaxy S 5 Q&A, Help & Troubleshooting

Hey all, just wanted to let the community know that the current 'tr.apk' download from Towelroot.com (filesize 103003 bytes, md5 of 59193b68a8a2a9a2e6fc898df81e491b) trips my ClamScan virus scanner. I got impatient trying to get it to download on my phone via Firefox, so I downloaded it via my desktop and emailed it to myself. I happen to run a virus scanner on all incoming mail, and it went crazy with this message:
A virus was found: Andr.Exploit.Ratc
Scanner detecting a virus: ClamAV-clamscan
Content type: Virus
Internal reference code for the message is 31908-19/qifk-moTWpxp
First upstream SMTP client IP address: [173.160.x.x]
173-160-x-x-Washington.hfc.comcastbusiness.net
According to a 'Received:' trace, the message apparently originated at:
[173.160.x.x], laws-mbp.mydomain.lan
173-160-x-x-Washington.hfc.comcastbusiness.net [173.160.x.x]
Return-Path: <[email protected]>
From: Lee Whalen <[email protected]>
Message-ID: <[email protected]>
Subject: tr
The message has been quarantined as: q/virus-qifk-moTWpxp
The message WAS NOT relayed to:
<[email protected]>:
250 2.7.0 Ok, discarded, id=31908-19 - INFECTED: Andr.Exploit.Ratc
Virus scanner output:
p008: OK
p009: OK
p006: OK
p012: Andr.Exploit.Ratc FOUND
p004: OK
p011: OK
p010: OK
p005: OK
p007: OK
p001: OK
Perhaps that's part of the exploit route, but I'm personally going to hold off on installing this APK until I learn more. If anyone could shed some light on this, that'd be super. I'm EXTREMELY eager to root my S5, and hope to get this straightened out soon!

False positive

Just install it, it's fine. "Virus scanners" are a waste of time

Of course it trips it, it's an exploit of a security vulnerability. A virus can be used for good in this case.
Sent from my SM-G900T using Tapatalk

dynospectrum said:
> False positive
It is NOT a false positive.
This is what the AV said it is: Andr.Exploit.Ratc
An Android Exploit.
AV alert on this is totally legit as this vulnerability could be used by any malware to exploit your system.
Just ignore AV if you know what this code does or if you feel you want to blindly trust it to run on your system.
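
Added example (not part of the thread and not ClamAV's own code): a Python sketch that reads the scanner lines from the first post, splits the detection name along ClamAV's Platform.Category.Name naming convention that the reply above is reading, and checks a file against the size and MD5 the first post quotes. The function names and the sample bytes are made up for illustration.

```python
import hashlib
import re

# Result lines copied from the quarantine notice in the first post.
SCAN_OUTPUT = """\
p008: OK
p009: OK
p006: OK
p012: Andr.Exploit.Ratc FOUND
p004: OK
p011: OK
"""

# File size and MD5 the first post gives for tr.apk.
POSTED_SIZE = 103003
POSTED_MD5 = "59193b68a8a2a9a2e6fc898df81e491b"

# "<target>: OK" or "<target>: <signature> FOUND"
RESULT_RE = re.compile(r"^(?P<target>.+?): (?:OK|(?P<sig>\S+) FOUND)$")


def parse_scan(text):
    """Map each scanned target to its signature name, or None if clean."""
    results = {}
    for line in text.splitlines():
        m = RESULT_RE.match(line.strip())
        if m:  # summary lines and anything else are skipped
            results[m.group("target")] = m.group("sig")
    return results


def split_signature(sig):
    """Split Platform.Category.Name, dropping a trailing -id-revision."""
    parts = sig.split(".", 2)
    if len(parts) != 3:
        # Not in the three-field form; keep the raw name only.
        return {"platform": None, "category": None, "name": sig}
    platform, category, name = parts
    name = re.sub(r"-\d+(?:-\d+)?$", "", name)
    return {"platform": platform, "category": category, "name": name}


def flagged(text):
    """Return [(target, decomposed signature)] for every detection."""
    return [(t, split_signature(s)) for t, s in parse_scan(text).items() if s]


def matches_posted(data, size=POSTED_SIZE, md5=POSTED_MD5):
    """True if the bytes have the size and MD5 quoted in the post.

    This only identifies the file as the one the post describes; MD5 is
    not collision resistant, so it is not proof the file is untampered.
    """
    return len(data) == size and hashlib.md5(data).hexdigest() == md5.lower()


if __name__ == "__main__":
    for target, sig in flagged(SCAN_OUTPUT):
        print(target, sig)
    # Constructed bytes, not the real tr.apk.
    sample = b"PK\x03\x04 constructed sample"
    print("matches posted size/MD5:", matches_posted(sample))
```

The category field is what separates "this file contains a known exploit" from a trojan or adware verdict; it says nothing about whether the rest of the package is trustworthy.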

kgyirhj said:
> It is NOT a false positive.
> This is what the AV said it is: Andr.Exploit.Ratc
> An Android Exploit.
> AV alert on this is totally legit as this vulnerability could be used by any malware to exploit your system.
> Just ignore AV if you know what this code does or if you feel you want to blindly trust it to run on your system.
OK, so the main reason it trips the antivirus stuff is because it is a one-click root app lol. It is the only way for lots of people. I hope you understand that it is not bad but using an exploit to get root like any other root software.
Sent from my SM-G900V using Tapatalk

Does this really work for the Verizon galaxy s5? It worked for my Verizon G-pad well...
Sent from my SM-G900V using XDA Premium 4 mobile app

Yes it works !!
Sent from my SM-G900V using Tapatalk

K ty
Sent from my SM-G900V using XDA Premium 4 mobile app

The guy mentioned in his thread that it will trip anti virus programs lol

This is hilarious! :laugh:
These things always freak out Anti Virus programs. Of course they do, it exploits a security fault. That's what enables you to root your devices. And security exploits are what Virus Scanners are designed to detect.

My Kaspersky is showing the download as HEUR:Exploit.Script.Blocker.U, is this safe?

Viruses on non rooted phone? Is it ever possible?

MOPKOBKA said:
> Viruses on non rooted phone? Is it ever possible?
Does this method work with an unlocked AT&T Samsung Galaxy S3 mini running Android 4.4.2?

ljfnky said:
> Does this method work with an unlocked AT&T Samsung Galaxy S3 mini running Android 4.4.2?
Try it, or ask in the S3 mini forums

Related

ROOT MASTER: Root kindle fire hdx7 with one click

Hello everyone. I am a Kindle Fire HDX user from China. We all waited for your root method and it turned out that we rooted first.
The method is very simple.
1. Install the attached software on your computer, connect your device (be sure you installed the driver). The software will connect to your device.
2. Click the lower right button. Your device will be rebooted in five seconds. Root completed.
joetech1989 said:
> Hello everyone. I am a Kindle Fire HDX user from China. We all waited for your root method and it turned out that we rooted first.
> The method is very simple.
> 1. Install the attached software on your computer, connect your device (be sure you installed the driver). The software will connect to your device.
> 2. Click the lower right button. Your device will be rebooted in five seconds. Root completed.
Can you show the source? I really don't trust this, if it works or not. Can we see the code? I put together code from other known Devs. The package seems shady, just saying. Anybody else install this?
Faznx92 said:
> Can you show the source? I really don't trust this, if it works or not. Can we see the code? I put together code from other known Devs. The package seems shady, just saying. Anybody else install this?
It's a pretty popular rooting tool used among people who lack knowledge of Linux. Btw I rooted mine using the same tool, and I'm Chinese too. We don't really know what exploit they use but it seems to work pretty well.
Sent from my KFTHWI using Tapatalk
wz7820431lb said:
> It's a pretty popular rooting tool used among people who lack knowledge of Linux. Btw I rooted mine using the same tool, and I'm Chinese too. We don't really know what exploit they use but it seems to work pretty well.
> Sent from my KFTHWI using Tapatalk
I would like to know what exploit they used. Hold onto that for a future root. That is what I'm really interested in.
Faznx92 said:
> Can you show the source? I really don't trust this, if it works or not. Can we see the code? I put together code from other known Devs. The package seems shady, just saying. Anybody else install this?
I didn't since this was the first post by someone just claiming it works without any source code or proof. I have to agree with you that this seems shady.
R1Mike said:
> I didn't since this was the first post by someone just claiming it works without any source code or proof. I have to agree with you that this seems shady.
Either way I'm not installing this to my computer. I really want to see what exploit they used. But yah, I don't know what this is. Better to be safe than sorry. :angel:
joetech1989 said:
> Hello everyone. I am a Kindle Fire HDX user from China. We all waited for your root method and it turned out that we rooted first.
> The method is very simple.
> 1. Install the attached software on your computer, connect your device (be sure you installed the driver). The software will connect to your device.
> 2. Click the lower right button. Your device will be rebooted in five seconds. Root completed.
And I doubt you rooted first since this suddenly appears 2 days after it was first rooted here on XDA from our great jcase.
Faznx92 said:
> Can you show the source? I really don't trust this, if it works or not. Can we see the code? I put together code from other known Devs. The package seems shady, just saying. Anybody else install this?
I don't know how it works but it works. Show you the evidence.
Does this work for the model HDX 8.9" as well?
lanegan said:
> Does this work for the model HDX 8.9" as well?
Just tested on HDX 7. I don't suggest you try it.
joetech1989 said:
> Just tested on HDX 7. I don't suggest you try it.
If you can find who made this or what the exploit code is it may be a future rooting method.
Faznx92 said:
> If you can find who made this or what the exploit code is it may be a future rooting method.
It's a very popular root tool in China that is made by a company. I tested it OK and I'm here to share it with you. Can't get any code.
The best and quickest method to root.
joetech1989, Thank you, bro!!!
Your method really works fine.
Very easy and fast.
Equinox666 said:
> joetech1989, Thank you, bro!!!
> Your method really works fine.
> Very easy and fast.
Can you please tell us your version? Are you on the latest version of hdx7? Giving us more specifics would be very helpful. Thanks bud!
andyt315 said:
> Can you please tell us your version? Are you on the latest version of hdx7? Giving us more specifics would be very helpful. Thanks bud!
Current version: 13.3.1.0. First it is necessary to turn on Enable ADB in settings, then to install adb drivers.
Seems sketchy. So seeing as you only have a few posts...it seems you just joined XDA developers. And you have a root tool but you cannot tell us more about it. I mean if it works then GREAT but most people would want to know what exactly it is that they are downloading..just saying. don't be offended.
equisbox said:
> Seems sketchy. So seeing as you only have a few posts...it seems you just joined XDA developers. And you have a root tool but you cannot tell us more about it. I mean if it works then GREAT but most people would want to know what exactly it is that they are downloading..just saying. don't be offended.
This kind of reminds me of the whole fiasco with Kango root, which was secretly sending people's IMEI numbers to a server in China, even though the dev claimed to be from Canada. It was a very easy to use program to root many different phones but was eventually pulled from XDA because of security concerns. It was/is sending 'sensitive' data without encrypting it and then also sent the IMEI as well. It also connected to the internet to download 'drivers' so a virus scan was not of much use for Kango Root. That is a completely separate program which was posted by a different XDA member.
Just to be clear... I am not at all inferring the original poster has malicious intent or has posted a malicious tool. I am merely explaining why some would view it with such skepticism especially in light of previous events. I don't yet own a Kindle Fire HDX, so, I don't have to make the difficult choice of choosing which way to root the device. Virus Total reports the files as being clean, but, that does not always mean it is safe, especially if something is downloaded once the file has been executed.
If you could shed some additional light on the tool it would likely help to put a lot of people's minds at ease.
joetech1989 said:
> It's a very popular root tool in China that is made by a company. I tested it OK and I'm here to share it with you. Can't get any code.
What is the company's name in China and do they have a webpage that we can see and get the root tool from?
Yes, it works. Maybe they use exploit we get it on XDA.
FYI: this is just one of a few xda posts I've seen concerning vroot.... http://forum.xda-developers.com/showthread.php?t=2473354
Sent from my SCH-I545 using Tapatalk

[Q] AVG Rooted Anti-theft, does it trip Knox?

Hi,
I'm trying to find out if I can install the AVG Anti-theft (free, rooted) app without tripping Knox. It wants to either do a direct write or have me flash an update.zip in case I don't have NAND access (S-OFF). Do I? Anyone tried this? I like AVG's Anti-theft and it's free. Just wondering if I'll screw up my device flashing it. I haven't found anything via Google. TIA.
This is a good question actually. I just rooted my Note 3 using Knox and USB 3.0 last night for the first time. I had the N3 since day 1 but had no PC to root it. Finally was able to pick up my new PC so I went ahead and rooted just being excited I was able to. But now that u mention it, before rooting with Knox I was using the paid version of Lookout mobile security and I thought when I rooted it would have wiped my phone completely but I still had all my apps. Needless to say Lookout was still installed and is still working after root without issue so far. Whether or not I tripped Knox idk? I did get the pop up asking me if I wanted to disable Knox after rooting which I said yes to, but at the time I wasn't even thinking about the fact I had Lookout installed. Like I said no issues so far, but if I tripped the counter or not I do not know? I'm not sure how u check even?
Sent from my SM-N900V using Tapatalk
You can check by booting into download mode with vol down + home + power I believe. It will say Knox 0x0 or 0x1. Interesting that you were able to install Lookout. Which method did you choose? Was there an option? I'm using AVG, which lets you do writes to protected areas which is why I made this thread...
shutin said:
> You can check by booting into download mode with vol down + home + power I believe. It will say Knox 0x0 or 0x1. Interesting that you were able to install Lookout. Which method did you choose? Was there an option? I'm using AVG, which lets you do writes to protected areas which is why I made this thread...
I honestly don't remember what permissions or method I chose with Lookout on my N3. like I said I installed the premium version before rooting and it just ended up staying on the phone. Only reason I was even using Lookout was because I recently picked up the Z1s on my T-Mobile line and it came with the premium service of Lookout for free so I figured what the hell and installed it on my Verizon N3 as well. I'm sure whatever method I chose was just the method Lookout suggests by default though. I'll have to try n check n see if I tripped it or not and I'll let ya know.
Sent from my SM-N900V using Tapatalk
Ibkevin said:
> I honestly don't remember what permissions or method I chose with Lookout on my N3. like I said I installed the premium version before rooting and it just ended up staying on the phone. Only reason I was even using Lookout was because I recently picked up the Z1s on my T-Mobile line and it came with the premium service of Lookout for free so I figured what the hell and installed it on my Verizon N3 as well. I'm sure whatever method I chose was just the method Lookout suggests by default though. I'll have to try n check n see if I tripped it or not and I'll let ya know.
> Sent from my SM-N900V using Tapatalk
Cool man, let us know the results. Of course, you might have tripped Knox some other way but I'm very curious to find out your status. Thanks for your help.

how to root and unlock 183.46.15

Is there any way to root my phone.
The system version is 183.46.15.
If your boot loader is locked, no.
Sent from my HTC6525LVW using Tapatalk
Nope. Sorry. Both bootloader and root are patched.
RikRong said:
> If your boot loader is locked, no.
> Sent from my HTC6525LVW using Tapatalk
Is there any guru working on the root? thinking about selling the phone if no hope
everseen said:
> Is there any guru working on the root? thinking about selling the phone if no hope
Not gonna come as far as I can see from now. Just go ahead and sell it. Plenty of alternatives on the market.
Sent from Google Nexus 4 @ CM11
[WARNING: XDA Premium 4.0.13 lacks Signature function - do not update]
There are some RAZR M that are unlocked on Swappa as well.
tianor said:
> Is there any way to root my phone.
> The system version is 183.46.15.
Did u get unlocked? I am also stricken with it
Love Cyaan said:
> Did u get unlocked? I am also stricken with it
No luck yet.
root and unlock 183.46.15
everseen said:
> No luck yet.
Me too, me too!
Googling this search daily: "unlock 183.46.15 site:forum[.]xda-developers[.]com"
Checked every corner of XDA, alas no solution on how to root and unlock 183.46.15
Devs @ XDA, come on champs, give us something, so we can also enjoy the privilege of CM12. Many are waiting for it, fingers crossed
Mods/all, it's only a humble request to Dev & not that if being annoyed.
Qualcomm patched the second layer (sbl2) of the second-stage bootloader, to take care of possible exploitation, effectively making it impenetrable. So for some individuals, we're pretty much out of luck. I wouldn't be sure of the possible exploits (the problem is, after that patch, it makes it even harder, although not impossible). Previous Kit Kat rooting exploitation relies on the permission request layer (futex) of the Linux kernel, as discovered by the former PS3 hacker, GeoHot, while it's patched by now. It's possible there is already a new rooting exploit by now, just don't hold the breath.
> It's possible there is already a new rooting exploit by now, just don't hold the breath.
Can you please be more concrete?
I may not be up to date, been out of town for a bit, and figuring out a way to unbrick a few RAZR Ms.
However, the reason I said not to hold the breath is because of Verizon demanding a hard fix for rooting so that way almost any root exploits simply fail on arrival. This phone company also WANTS locked BIOS so no one can install custom recovery and OS "just because it put customer services in jeopardy".
That's really bad, can't believe that there is no chance to root or bootunlock this device.
By the way, do you know any way to disable/delete/freeze modem fast dormancy service without rooting phone? Or to make some changes in build.prop file?
Simply force close Modem fastdormancy first then disable it in app manager, it will then quit. And, editing build.prop requires root (write protection).
Force close works but disable button is inactive.
Sent from my XT907 using XDA Free mobile app
Ah, right.... I wonder why Verizon would disable some app manager features.
I'm outside of the US, my carrier operates on a GSM network and does not support fast dormancy, therefore phone reboots and can't wake up on power button when using H+. That's why I need to edit build.prop and to do this I need root access to file system.
Sent from my XT907 using XDA Free mobile app
Makes sense. However, I may look for new exploit, but since Futex is removed, it is not so simple.
Dr. Mario, are you a developer?
Sent from my XT907 using XDA Free mobile app
Not officially, yet. But I know how the software works underneath the pretty UI, even down to the machine codes. I have been modding Android for 3 years.

S7 Kingo Root

Does anyone know if this is legit and fully working?
http://www.xda-developers.com/galaxy-s7-root/
And can someone confirm it's not full of spyware etc. I've never heard of them before.
Supposedly Kingoroot & Framaroot are risky to use, so I would wait a bit more for a more "official" way to root it
MouldingClay said:
> Does anyone know if this is legit and fully working?
> http://www.xda-developers.com/galaxy-s7-root/
> And can someone confirm it's not full of spyware etc. I've never heard of them before.
Stay away from that stuff...
If I see another kingo root post.... ????
Sent from my SM-N920W8 using Tapatalk
So is the link an advertisement that the Kingo people sponsored? I don't see the ability to comment on that page so if it's not legit there's no way to know (except for posts like this in a separate part of the site) which would then beg the question, why was it allowed to be posted?
I have tried this three times on my Verizon Galaxy s7 edge, and it failed all three times. First time it froze at about 20% and the other 2 times it got to 100% but said it failed at the end.
Naw dawg. Wait for the devs to release a legit root method. Stay away from this noise.
But the advantages of Kingroot are plentiful.
According to the OP here on XDA, "KingRoot is an amazing tool for 'lazy people'"
It sends unspecified information from your device to a Chinese server
It roots your device using exploits potentially making it more vulnerable
It makes changes to /system and allows you to make further changes to /system, sometimes putting noobs in really awkward situations that are hard to get out of--they get de-noobified
Edit:
XDA finally took down the link to the Kingroot guide that didn't work:
http://www.xda-developers.com/galaxy-s7-root/
[/THREAD]
The XDA guide for root which was false, has now been removed
Sent from my SM-G935F using Tapatalk
CafeKampuchia said:
> But the advantages of Kingroot are plentiful.
> According to the OP here on XDA, "KingRoot is an amazing tool for 'lazy people'"
> It sends unspecified information from your device to a Chinese server
> It roots your device using exploits potentially making it more vulnerable
> It makes changes to /system and allows you to make further changes to /system, sometimes putting noobs in really awkward situations that are hard to get out of--they get de-noobified
> Edit:
> XDA finally took down the link to the Kingroot guide that didn't work:
> http://www.xda-developers.com/galaxy-s7-root/
> [/THREAD]
My reply in response to kingroot. I have used it to root Samsung tab s and blu life xl using the app. It's quick and it's easy to use as described. I tried to root using kingroot on European s7 with app and it did not work. I'll try on computer next, then use kingoroot

QuadRooter Vulnerability?

Looks like there's a new vulnerability that is able to achieve root through a couple security holes.
Ran the Quadroot scanner app on my galaxy s7 edge PD8 and it does show its vulnerable to this.
From what I've read, this malware can achieve root just by installing it like any other Apk app.
Would it be possible for Devs to purposely download the malicious malware and make a working towelroot like root method for our devices?
Link:
http://wccftech.com/quadrooter-vulnerability-affects-900-million-android-devices-check-infected/
I just ran the app on the latest PG1 firmware and the app said this:
KillerClaw321 said:
> I just ran the app on the latest PG1 firmware and the app said this:
My rooted SGS 7 flat on pd8 ( the previous update) says not affected by it.
Well, I used a different app for the scan. Using the same app as you, I got the same results as you. S**t
Someone should contact @geohot and beg him to work on this :3
That or @jcase. Both would be great at this methinks.
Xshooter726 said:
> Looks like there's a new vulnerability that is able to achieve root through a couple security holes.
> Ran the Quadroot scanner app on my galaxy s7 edge PD8 and it does show its vulnerable to this.
> From what I've read, this malware can achieve root just by installing it like any other Apk app.
> Would it be possible for Devs to purposely download the malicious malware and make a working towelroot like root method for our devices?
> Link:
> http://wccftech.com/quadrooter-vulnerability-affects-900-million-android-devices-check-infected/
These are no more dangerous than any other kernel exec vulns, and alone won't offer you anything. These will not unlock the bootloader, allow you to flash supersu, or let you change system.
jcase said:
> These are no more dangerous than any other kernel exec vulns, and alone won't offer you anything. These will not unlock the bootloader, allow you to flash supersu, or let you change system.
So if you can't change the system, then why should anyone be worried about this? Sounds like if we can't use these to access the system, neither can malicious attackers unless I'm missing something.
sirslipzalot said:
> So if you can't change the system, then why should anyone be worried about this? Sounds like if we can't use these to access the system, neither can malicious attackers unless I'm missing something.
Well they can exec code as the kernel, and you could stack it with some DM verity or bootloader exploit, but alone the best you MIGHT get is a temp root
jcase said:
> Well they can exec code as the kernel, and you could stack it with some DM verity or bootloader exploit, but alone the best you MIGHT get is a temp root
I have been talking to an agent from T-Mobile and he confirmed that they are doing nothing regarding a bootloader unlock like some have been hoping for. So now I'm kinda pissed at them and mostly Samsung. It seems devs need to find another way to unlock the bootloader. :/
KillerClaw321 said:
> I have been talking to an agent from T-Mobile and he confirmed that they are doing nothing regarding a bootloader unlock like some have been hoping for. So now I'm kinda pissed at them and mostly Samsung. It seems devs need to find another way to unlock the bootloader. :/
If you really thought that they were going to unlock the bootloader for us then I'm the prince of Nigeria and I would like your e-mail address.
Binary100100 said:
> If you really thought that they were going to unlock the bootloader for us then I'm the prince of Nigeria and I would like your e-mail address.
xD
Binary100100 said:
> If you really thought that they were going to unlock the bootloader for us then I'm the prince of Nigeria and I would like your e-mail address.
Best comment I've heard all year....
Magnifik81 said:
> Someone should contact @geohot and beg him to work on this :3
I already did and it's being worked on.
I'm a p1neapple dev team member in the iPhone world
0DegreeCod3r said:
> I already did and it's being worked on.
> I'm a p1neapple dev team member in the iPhone world
Nice to hear that! I'm getting excited, yezz.
I hope they unlock the bootloader of my Sony Z3 with status no xD
Magnifik81 said:
> Nice to hear that! I'm getting excited, yezz.
but... we need to remember we still got accompany of dm verity
0DegreeCod3r said:
> I already did and it's being worked on.
> I'm a p1neapple dev team member in the iPhone world
Isn't he working full time on his self driving car?
billydroid said:
> Isn't he working full time on his self driving car?
He is well aware we request his hand in this one buddy and he will get to us soon.
He will announce and release via Twitter so just look out for it.
Binary100100 said:
> If you really thought that they were going to unlock the bootloader for us then I'm the prince of Nigeria and I would like your e-mail address.
On an unrelated note, I damn near lost my **** at what you said...I originally came here from the Verizon S7E forums to see if you guys made any discoveries.
All I can say is that I may not have found anything useful in terms of progress for our devices. But I still leave satisfied. Thank you sir, thank you very much.
0DegreeCod3r said:
> He is well aware we request his hand in this one buddy and he will get to us soon.
> He will announce and release via Twitter so just look out for it.
Very encouraging! Please inform us if you have any good news! :fingers-crossed:
