Database Users

Temp root on 2.3.20 firmware

It's not pretty, but I managed to get the exploit used by Archangel to work on the 2.3.20 firmware. Hopefully someone can think of something to automate this process, or knows of a better way to do this.
I believe what Archos is doing is simply restricting your ability to execute the Archangel application in the required directories, with the addition of the psneuter exploit, you can get around this.
This exploit requires that you have ADB setup, the Archangel APK, and the psneuter exploit.
Create a folder on your computer titled archosroot (or anything you would like)
Download Archangel from http://forum.xda-developers.com/showthread.php?t=928767 rename the apk to zip and extract the files.
From the extracted files navigate to "res" then to "raw"
In this folder copy "ls" and "su" to your "archosroot" folder
Download psneuter from http://www.thinkthinkdo.com/trac/project1/attachment/wiki/psneuter/psneuter.zip and extract the files.
Copy the extracted psneuter to your "archosroot" folder.
Enable USB Debugging on your Archos, and connect it to your computer with USB.
From a command prompt, navigate to the directory ADB is installed in.
Verify that the device is connected by running
adb devices
Your archos should be listed, if not please refer to the forum on how to setup ADB for the archos
Once your archos is detected run the following commands.
adb push pathto\archosroot\psneuter /data/local/tmp
(replace pathto with the location your archosroot folder is in, for example c:\archosroot\psneuter)
adb shell chmod 777 /data/local/tmp/psneuter
adb shell /data/local/tmp/psneuter
This may take a few moments
Copy ls and su to your sdcard
adb push pathto\archosroot\ls /sdcard
adb push pathto\archosroot\su /sdcard
Connect to the shell
adb shell
move ls and su to /tmp
mv /sdcard/ls /tmp/
mv /sdcard/su /tmp/
Execute the ls exploit
/tmp/ls 0x62c7a315 0x260de680
Install the superuser application from the market (if you don't already have it)
You should now be able to run su to get root access from a terminal.
Note 1: I was previously rooted with archangel so I already had these files, I have not tried without the files being installed at all, however since this is only a temp root, the process should be the same.
Note 2: I was not able to get Titanium Backup to work, it could be the psneuter exploit prevents the application from properly requesting the right permissions.

This is good, but you should post this in the developer sup-forum
its too hard to do this for beginners

Thanks! It's very simple instruction, will try it today. As easy as install Urukdroid.
I postponed to upgrage to 2.3.20 just due to lack of root method without SDK.
I need the root just for copy some scripts to \system\bin

this has already been done in the following thread with perm root.
http://forum.xda-developers.com/showthread.php?t=897877
Firmwares have already been made that include overclock as well, the first post reveals all.
cool.

the_Danzilla , the way you pointed to requires SDE installation. I don't want to use SDE.

Inciner8Fire said:
Download psneuter from http://www.thinkthinkdo.com/trac/project1/attachment/wiki/psneuter/psneuter.zip and extract the files.
Copy the extracted psneuter to your "archosroot" folder.
Enable USB Debugging on your Archos, and connect it to your computer with USB.
From a command prompt, navigate to the directory ADB is installed in.
Verify that the device is connected by running
adb devices
Your archos should be listed, if not please refer to the forum on how to setup ADB for the archos
Once your archos is detected run the following commands.
adb push pathto\archosroot\psneuter /data/local/tmp
(replace pathto with the location your archosroot folder is in, for example c:\archosroot\psneuter)
adb shell chmod 777 /data/local/tmp/psneuter
adb shell /data/local/tmp/psneuter
Click to expand...
Click to collapse
From what I can read psneuter is a root exploit for the adbd service. So you don't need archangel to complete the root.
Can you verify what user adbd is running after you execute psneuter.
adb shell whoami
The other thing that is mentioned in the first lines of the source code of psneuter is that it effectively disables reading the settings this will probably affect a lot of programs and probably is the reason Titanium backup is not working. So this method is effectively useless to have a working root.

wdl1908 said:
From what I can read psneuter is a root exploit for the adbd service. So you don't need archangel to complete the root.
Can you verify what user adbd is running after you execute psneuter.
adb shell whoami
The other thing that is mentioned in the first lines of the source code of psneuter is that it effectively disables reading the settings this will probably affect a lot of programs and probably is the reason Titanium backup is not working. So this method is effectively useless to have a working root.
Click to expand...
Click to collapse
I was doing some more looking and you are right that because of breaking the settings this is not a good long term root.
However I would not call it useless, since you should be able to manually back up an application.
Perhaps the property file that this setting is in can be modified with this, so that it can be rooted using a more standard method.

Not sure what I did, but I was able to get root with the properties intact.
My archos had froze today and I was forced to power it off so I know the properties were no longer be neutered. I was looking at some of the properties files and for the heck of it I tried running su from a terminal, and it worked.
I opened Titanium backup and it prompted for root permissions.
Perhaps something about the forced power cycle?

I found out that when I connect to a wireless network (as required by archangel) if the disable network shares option is chosen it's not possible to root.
However it would appear that if you connect and don't select this option Archangel will still work.
I suppose there could be something else I did without realizing it, but this has worked after rebooting 5 times so far.

[Q] CWM ADB Shell All Commands Permission Denied

Greetings,
I'm new here, and can't get over to the developers forums to ask. I have two GT-I9500s for development purposes, one if full of junk, and the other is still stock, except for recovery. They both have CWM Recovery v6.0.3.2, the latest available pre-compiled I've found. The stock phone has only been booted once. That system is not rooted (and this is my whole point, I want as close to stock as possible)
I am attempting to extract the system image from Stock I9500. I have booted into CWM Recovery mode, then "adb shell" into the device. All commands I issue to the shell return "Permission Denied"
Code:
:$ adb shell
~ $ ls
/sbin/sh: ls: Permission denied
~ $ dd of=/storage/extSdCard/SYSTEM.img if=/dev/block/mmcblk0p20 bs=4069
/sbin/sh: dd: Permission denied
~ $ su
/sbin/sh: su: Permission denied
~ $ sudo su
/sbin/sh: sudo: Permission denied
I have tried to use Advanced->Fix Permissions to no avail.
CWM is pure and latest from www dot clockworkmod dot com slash rommanager (new users apparently cannot post links). CWM is able successfully operate "Backup to External" from the stock device.
The end goal is to clone the clean, stock device onto the other one. CWM claims success on "Restore from External" to the other device, but it sits on the "Samsung" loading screen forever.
A solution to either or both of these problems would be appreciated.
This was accidentally posted to General a few minutes ago, but as a new user, I don't have the ability to delete it.
-MM

You need to boot the device and then connect it to adb. Then you get a popup on your phone to allow your pc. After that you can use adb from cwm.

Lennyz1988 said:
You need to boot the device and then connect it to adb. Then you get a popup on your phone to allow your pc. After that you can use adb from cwm.
Click to expand...
Click to collapse
I booted into android, connected it to Ubuntu, enabled ADB, authorized the device, chose to remember the device, then "adb shell" into the phone. I can LS and CD around.
I rebooted into CWM Recovery, did "adb shell" and still cannot execute LS. CD works but that is bash internal not a program. Other programs are still "Permission Denied"

I am not that an expert of adb, but couldn't that be caused by the fact that you are not rooted?

Lennyz1988 said:
I am not that an expert of adb, but couldn't that be caused by the fact that you are not rooted?
Click to expand...
Click to collapse
You're conflating the environments. CWMis inherently rooted; when in recovery, Android is never booted. I have execute permission in Android, not in CWM.

nvm

As resolution to my problem, I never did fix Clockwork Mod. Instead, I flashed TWRP for the I9500 and it allows me to execute
Code:
adb shell su -c ...

[Q] ADB Permission Denied

I'm trying to follow this thread (http://forum.xda-developers.com/showthread.php?t=2515141) to get IR working on my MIUI 5.5.8 ROM. I have root permissions (SuperSU) and I have adb shell granted root permissions on SuperSU.
I'm trying to run this part:
adb root
adb shell "mkdir -p /data/local/userinit.d"
But that's what I get:
C:\Users\Leandro\Downloads\platform-tools>adb devices
List of devices attached
06902d4f16cf0d35 device
C:\Users\Leandro\Downloads\platform-tools>adb root
restarting adbd as root
C:\Users\Leandro\Downloads\platform-tools>adb shell "mkdir -p /data/local/userin
it.d
mkdir failed for /data/local/userinit.d/, Permission denied
What could I do to solve this?
Thank you.

Have you tried it like this
adb devices
adb shell
su
mkdir -p /data/local/userinit.d

Art Vanderlay said:
Have you tried it like this
adb devices
adb shell
su
mkdir -p /data/local/userinit.d
Click to expand...
Click to collapse
I'm trying to push TWRP and Loki flash tool via ADB but I'm getting permission denied. Do you know what I can to gain access?
It says root access when in download mode but I don't have root while OS is running. Does this mean my phone is semi rooted? What should I do now?

y300owner said:
I'm trying to push TWRP and Loki flash tool via ADB but I'm getting permission denied. Do you know what I can to gain access?
It says root access when in download mode but I don't have root while OS is running. Does this mean my phone is semi rooted? What should I do now?
Click to expand...
Click to collapse
What android version are you on?

Art Vanderlay said:
What android version are you on?
Click to expand...
Click to collapse
Was on Stock Verizon VS980_27A 4.4.2. Tried many ways. Didn't work. Stumproot.apk fixed the problem.

how to allow root for apps?

I have a nvidia shield tv with full android 6.
adb root and and adb remount is working, so I have root access on shell level.
Also I have /system/xbin/su which goes into root if I do not use "adb root".
But root for apps does not work. No app gets root access, RootChecker says "no".
I installed Superuser.apk but this did not help.
What is missing?
I see that this:
java.io.IOException: Error running exec(). Command: [su] Working Directory: null Environment: null
Caused by: java.io.IOException: Permission denied
I saw that RootChecker tells me "SELinux enforcing", is this the problem?
I do not want to download any ready-made root miracle and flash the whole device.
Since I have adb root, I can adb push everything.

Just flash su.zip and all will be fine.

I don't need SuperSU. I want to root my device i.e. that apps can execute su.
I have /system/xbin/su but it seems that apps cannot use it.

SuperSU is required to give root access to apps, even with full Android. You will need to flash the zip file from TWRP recovery.

How does SuperSU work?
As far as I understand, there is a /system/xbin/su which is called by apps wanting root access.
This su binary then starts the app to verify access. Right?

Not sure, but I think that su is just for adb and maybe system apps.

On my system I have "adb root" access. But apps do not have root access, I do not have supersu or su.

How do I adb pull root directories (like "/" or "/system"?)

Hi there, I'm trying to pull root directories like /system and /data without any luck. My purpose it to have them on my PC as a backup, and be able to browse them to pull out apps and pieces of data as necessary if it ever becomes necessary.
Device: Nexus 6P (North American version)
ROM: Stock 6.0.1 Rooted, using Wugfresh Nexus Root Toolkit and SuperSU
PC OS: Windows 7 PC (64 bit)
Adb is working properly and I can easily pull non-root directories like "/sdcard" and so on. I'd like to be able to backup the entire root directory ("/") or at least the child directories (like "/system" and "/data", etc.) Unfortunately, when I try
Code:
adb pull -p "/system" "C:\somewhere"
it skips a bunch of files, so I need to come up with a better method.
I've tried
Code:
adb root
and it tells me it's already running in root mode.
I try
Code:
adb remount
and it does this properly, but doesn't change the effects of all the commands I've tried.
When I run
Code:
adb shell
it enters shell and gives me # by default, so seemingly it is giving me su permission by default?
*** Oddly, when I enter "su" while in shell, it tells me "/sbin/sh: su: not found" which seems odd to me. I think it's possibly that SuperSU is installed as systemless root, or there's something else screwy here, so I guess I'm not sure how to proceed. Still, if that were case, why would adb already be running as root, and why would shell automatically give me the #?
Any help is appreciated!!
Thanks!

@Heisenberg I figured I'd tag you because of your extensive experience with the Nexus 6P in particular (and rooting.) Not sure if you may be able to shed some light on the issue here?