This method is similar to Chainfire's adbd Insecure, I tried Chainfire method, adb wireless didn't work for me, so I made my own, I needed to use adb wireless on some devices.
I made this adbd for my BLU Studio 5.0 C Cell phone, but I am sure it will work for other arm devices.
Anyway long story short, you need a rooted device, you push a script and an adbd file to /system/xbin then you add a line to /etc/install-recovery.sh to load the script each boot.
To install download replace_adbd.zip
extract zip place all three files on sdcard, and use rooted file manager to copy them to to their correct places, or use adb.
adb shell
mount -o rw,remount /system
adb push adbd /system/xbin/adbd
adb push adbd-Insecure /system/xbin/adbd-Insecure
adb push install-recovery.sh /system/etc/install-recovery.sh
adb shell
chmod 755 /system/xbin/adbd
chmod 755 /system/xbin/adbd-Insecure
chmod 755 /system/etc/install-recovery.sh
reboot
Or use file manager like ES File Explorer File Manager to copy files from sdcard to correct place and set permission then reboot.
https://www.androidfilehost.com/?fid=24052804347763661
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
ro.secure=1
ro.allow.mock.location=0
persist.mtk.aee.aed=on
ro.debuggable=0
ro.adb.secure=1
persist.sys.usb.config=mtp,adb
persist.service.acm.enable=0
ro.mount.fs=EXT4
ro.persist.partition.support=no
[email protected] STUDIO 5.0 C:/ #
credits
@carliv for CarlivScreenshot
http://forum.xda-developers.com/android/development/tool-carlivscreenshot-screenshots-t3075992
@Chainfire for the ideal of making adbd insecure
http://forum.xda-developers.com/showthread.php?t=1687590
Download link didn't sync correctly, file was corrupt first link, I have now changed the link, this one should now work correctly.
Thanks, I will test on my device and report back. I've always wanted some manual way instead of using the app.
@vampirefo
Is it possible to integrate in your batch the latest version of adbd demon get from adb insecuere 2.0.apk?
Is it possible to check the adbd version? How to?
Is it possible to create a dos batch with all need commands via adb commands? Like
adb shell mount -o rw,remount /system
adb push adbd /system/xbin/adbd
adb push adbd-Insecure /system/xbin/adbd-Insecure
adb shell cp /system/etc/install-recovery.sh /system/etc/install-recovery.sh.old
adb push install-recovery.sh /system/etc/install-recovery.sh
adb shell chmod 755 /system/xbin/adbd
adb shell chmod 755 /system/xbin/adbd-Insecure
adb shell chmod 755 /system/etc/install-recovery.sh
adb reboot
Thanks.
bovirus said:
@vampirefo
Is it possible to integrate in your batch the latest version of adbd demon get from adb insecuere 2.0.apk?
Is it possible to check the adbd version? How to?
Is it possible to create a dos batch with all need commands via adb commands? Like
adb shell mount -o rw,remount /system
adb push adbd /system/xbin/adbd
adb push adbd-Insecure /system/xbin/adbd-Insecure
adb shell cp /system/etc/install-recovery.sh /system/etc/install-recovery.sh.old
adb push install-recovery.sh /system/etc/install-recovery.sh
adb shell chmod 755 /system/xbin/adbd
adb shell chmod 755 /system/xbin/adbd-Insecure
adb shell chmod 755 /system/etc/install-recovery.sh
adb reboot
Thanks.
Click to expand...
Click to collapse
Yes, one can use the adbd binary from adb insecure 2.0.apk.
There isn't any version number to check, we both just build the adbd binary from source, mine was built from CM 12.1 source, not sure about chainfire's.
Chainfire's may have used AOSP source.
Yes one can create a Windows batch file, to execute the adb commands, or create a flashable zip, provided the devices has a custom recovery.
Sent from my Venue 8 3830 using Tapatalk
Related
adb devices
adb push asroot2 /data/local
adb shell chmood 0755 /data/local/asroot2
adb shell
$ /data/local/asroot /system/bin/sh
$ mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system (or is it -zero)
$ cd /system/bin
$cat sh > su
$ chmod 4775 su (or 4755?)
$exit
adb push recovery-RA-heroc-v1.2.3.img
adb shell
$ su
# flash_image recovery recovery-RA-heroc-v1.2.3.img
then boot to recovery by typing: reboot recovery while pressing volume down and the when it boots to screen press home?
is this how to do it? help please
Code:
adb devices
adb push asroot2 /data/local
adb push recovery-RA-heroc-v1.2.3.img /data/local
adb shell
Code:
chmod 0755 /data/local/asroot2
/data/local/asroot2 /system/bin/sh
mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system
cd /system/bin
cat sh > su
chmod 4755 su
flash_image recovery /data/local/recovery-RA-heroc-v1.2.3.img
reboot recovery
corrected some stuff for ya make sure asroot2 and recovery-RA-heroc-v1.2.3.img is in same directory as adb.exe
and that's good to go
UPDATE: no longer requires a sd card to root + recovery image + made copy/pasteable
fullgrown said:
adb devices
adb push asroot2 /data/local
adb shell chmood 0755 /data/local/asroot2
adb shell
$ /data/local/asroot /system/bin/sh
$ mount -o remount,rw -t yaffs2 /dev/block/mtdblock /system (or is it -zero)
$ cd /system/bin
$cat sh > su
$ chmod 4775 su (or 4755?)
$exit
adb push recovery-RA-heroc-v1.2.3.img
adb shell
$ su
# flash_image recovery recovery-RA-heroc-v1.2.3.img
then boot to recovery by typing: reboot recovery while pressing volume down and the when it boots to screen press home?
is this how to do it? help please
Click to expand...
Click to collapse
Up to the exit is the rooting part, yes. After that you can shell in and type "su" and have root access.
The rest of it is installing a custom recovery image.
thank you!!! now i'm rooted!!!
I have upgraded from 309 to 318.......wanting to root it using z4root and universal androot but both apps dont work for this 318 version.....
does anyone have any clues to what i can do? please advise, thanks
Please Do Not Post the Same Question in 2 Forums i will Lock this one as i have answered the other one
Quoted from fards' thread: http://forum.xda-developers.com/showthread.php?t=844966&highlight=rageagainstthecage
Been rooting this way since day 1 -- if you aren't the type in command prompt, you can also just copy and paste the command lines exactly~
GET ECLAIR/FROYO version of Superuser.apk and su
from http://forum.xda-developers.com/showthread.php?t=682828 extract the two files to the directory you're working from..
GET rageagainstthecage from
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
extract the rageagainstthecage-arm5.bin to the same directory you're working from
open a terminal/command line
adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
adb push Superuser.apk /data/local/tmp/Superuser.apk
adb push su /data/local/tmp/su
adb push busybox /data/local/tmp/busybox
adb shell chmod 700 /data/local/tmp/rageagainstthecage
adb shell chmod 700 /data/local/tmp/busybox
adb shell
cd /data/local/tmp
./rageagainstthecage
******this will kill adb server but manually kill it anyway and restart it ******
adb kill-server
adb start-server
* daemon not running. starting it now *
* daemon started successfully *
adb shell
mount -o remount,rw -t yaffs2 /dev/block/mtdblock6 /system
**********Follow the following steps to install Superuser.apk, busybox,su ****************
cd /data/local/tmp
./busybox cp busybox /system/bin/
chmod 4755 /system/bin/busybox
busybox cp Superuser.apk /system/app/
busybox cp su /system/bin/
chmod 4755 /system/bin/su
exit
exit
then reboot streak
************to remount filesystem as readonly,*************
adb shell
# su
su
#mount -o remount,ro -t yaffs2 /dev/block/mtdblock6 /system
# exit
exit
Click to expand...
Click to collapse
Hi,
a pin of my USB connector is broken so I cannot get a USB data connection to a PC (but charging still works ...).
How can I root the official 318 build of froyo ? More specifically, in the new build, there doesn't seem to be any mounted filesystem on which one can copy RATC to run it.
Any hint welcome.
Have you already tried superoneclick, androot, or z4root? If so, then maybe try the below.
I don't know if this will work but you can try fard's instructions to root manually and use "Terminal Emulator" from Market instead of ADB SHELL, but i don't know what will happen when you run rageinthecage~ You will need to change the instruction a bit for your case.
http://forum.xda-developers.com/showthread.php?t=844966&highlight=rageagainstthecage
Instructions:
1. Copy all the needed files (from fards thread) into the SDCARD.
2. run Terminal Emulator
3. cd /sdcard/
4. busybox cp rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
5. busybox cp Superuser.apk /data/local/tmp/Superuser.apk
6. busybox cp su /data/local/tmp/su
7. busybox cp busybox /data/local/tmp/busybox
8. chmod 700 /data/local/tmp/rageagainstthecage
9. chmod 700 /data/local/tmp/busybox
10. cd /data/local/tmp
11. ./rageagainstthecage
12. Reset Terminal
13. Start Terminal Emulator again
14. mount -o remount,rw -t yaffs2 /dev/block/mtdblock6 /system
15. follow the rest of the instructions below "mount -o remount,rw -t yaffs2 /dev/block/mtdblock6 /system "
In case you can't find it in the thread, here is the original post by fards:
GET ECLAIR/FROYO version of Superuser.apk and su
from http://forum.xda-developers.com/showthread.php?t=682828 extract the two files to the directory you're working from..
GET rageagainstthecage from
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
extract the rageagainstthecage-arm5.bin to the same directory you're working from
open a terminal/command line
adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
adb push Superuser.apk /data/local/tmp/Superuser.apk
adb push su /data/local/tmp/su
adb push busybox /data/local/tmp/busybox
adb shell chmod 700 /data/local/tmp/rageagainstthecage
adb shell chmod 700 /data/local/tmp/busybox
adb shell
cd /data/local/tmp
./rageagainstthecage
******this will kill adb server but manually kill it anyway and restart it ******
adb kill-server
adb start-server
* daemon not running. starting it now *
* daemon started successfully *
adb shell
mount -o remount,rw -t yaffs2 /dev/block/mtdblock6 /system
**********Follow the following steps to install Superuser.apk, busybox,su ****************
cd /data/local/tmp
./busybox cp busybox /system/bin/
chmod 4755 /system/bin/busybox
busybox cp Superuser.apk /system/app/
busybox cp su /system/bin/
chmod 4755 /system/bin/su
exit
exit
then reboot streak
************to remount filesystem as readonly,*************
adb shell
# su
su
#mount -o remount,ro -t yaffs2 /dev/block/mtdblock6 /system
# exit
exit
Click to expand...
Click to collapse
Well...
yes, I have tried all that.
The main problem with the last option (i.e. CLI) is that the directory /data/local/tmp/ is not user writable (actually /data permissions are 751). So I was in search of a another directory (in an executable partition) where I can copy rageagainstthecage-arm5.bin.
Finally found it : "find" was my friend. /firstboot/sqlite/jackpal.androidterm/ is owned by my user (ID 10123)! It's the only one I found in all the filesystems!
Note that "find" is available through /system/bin/busybox_1P8P1. Btw /firstboot/sqlite/jackpal.androidterm/ seems to be linked to the terminal process.
Ran rageagainstthecage-arm5.bin various times to no avail ! It didn't give me root!
So I posted a question yesterday to see if anyone could instruct me on how to root my phone using a MAC, no PC AT ALL. And then install CWM w/o having to use ODIN, b/c I do not have a PC. Well after some researching on my own I found out how and here is how I did it.
To root: Follow this thread (it requires using adb commands)
http://forum.androidcentral.com/ver...s/34188-rooting-using-mac-video-tutorial.html
To install CWM reference this thread, but here are the steps. You must download and install ROM Manager from market and also download zimage file. This also requires adb commands.
http://forum.xda-developers.com/showthread.php?t=804248
Copy zImage to the root folder of your SD Card
Open Terminal
$ cd (path to android sdk)/tools
$ ./adb push (path to redbend_ua)/redbend_ua /data/local
$ ./adb shell
$ cd /data/local/tmp
$ chmod 0755 rage.bin
$ ./rage.bin
(username)$ ./adb shell
# mount -t rfs -o remount,rw /dev/block/stl9 /system
# cd /data/local
# chmod 755 redbend_ua
# ./redbend_ua restore /sdcard/zImage /dev/block/bml7
--Phone Reboots--
$ ./adb shell
$ su
# cd /data/local
# ./redbend_ua restore /sdcard/zImage /dev/block/bml8
I know this is vague, but if you know what you are doing and reference the threads you should have no problem. Let me know if you have any questions.
Maybe I'm the only one but this is the method I prefer to use to root my phone. I'm not always sure which OS I'll be working with when I have to do this and this one works on all of them as long as you have the Android SDK.
Put the files into your platform-tools folder to make them easy to find.
Not sure if I need this but I'm not responsible for bricks or any other complication, etc, etc.
adb push psneuter /data/local/tmp
adb push bin/su /data/local/tmp
adb shell chmod 6755 /data/local/tmp/psneuter
$ ./data/local/tmp/psneuter
adb shell
# mount -o rw, remount /dev/block/mmcblk0p12 /system
# rm /data/local/tmp/su /system/bin/su
#chmod 6755 /system/bin/su
exit
really? psneuter only works for 1.26 froyo
I used this method on 1.83 when I first got the phone. Might need to look back into this. Someone asked about this method so I posted it.
Sent from my MB860 using XDA Premium App