SM-T517P Root possible? - Samsung Galaxy Tab A series Questions & Answers

Hello! I’d like to root my SM-T517P. I don’t care about a custom firmware, I just want to run a few apps that require root. My research has led me to download a few things like Odin, Samsung drivers, some 24mb U2 file from combine file.com, and some massive 2.3g file that I believe possibly could be the latest Sprint stock firmware. I’m really not sure what the next step is. My bootloader is OEM unlocked, but I don’t know where to go from here. Do I need something specific for this model? Do I need to create some sort of file? I’m at a loss. Your help is greatly appreciated in providing some direction. Cheers!

Also, what is the difference between these files, I'm seeing U1 U2 U3 U4? I believe they are for a different version of this tablet as I think the P after the 517 is important, but still curious.

Related

How to root SM-G361F?

So I got this phone a while back and I want to get rid of bloatware on it so I was going to use Titanium Backup, trouble is you need root(obviously).
I don't have much experience rooting as I've only ever rooted an Xperia E, and I only used a downloaded application on my laptop to do the work for me.
Help would be much appreciated, I will leave possibly useful info below.
Android Version : 5.1.1
Model Number : SM-G361F
Android Security Patch Level : 2016-02-01
Baseband Version : G361FXXU1APC2
Kernel Version : 3.14.27.-986474 [email protected] #1
SE for Android Status : Enforcing SEPF_SM-G361F_5.1.1_0045
Thank you and goodbye!
Hey,
Check for a pre-rooted firmware for your version available on XDA then flash it using Odin.
There are lot of tutorials to root this model over there.
brbninjaa said:
So I got this phone a while back and I want to get rid of bloatware on it so I was going to use Titanium Backup, trouble is you need root(obviously).
I don't have much experience rooting as I've only ever rooted an Xperia E, and I only used a downloaded application on my laptop to do the work for me.
Help would be much appreciated, I will leave possibly useful info below.
Android Version : 5.1.1
Model Number : SM-G361F
Android Security Patch Level : 2016-02-01
Baseband Version : G361FXXU1APC2
Kernel Version : 3.14.27.-986474 [email protected] #1
SE for Android Status : Enforcing SEPF_SM-G361F_5.1.1_0045
Thank you and goodbye!
Wait, you want to remove JUST bloatware?
Root can do much more than that and many guides use root and a custom recovery. But, as Atronid suggested, you can download and flash pre-rooted firmware for the device, but (ironically), to get rid of the bloat, you use the firmware, but the firmware usually comes with MORE bloat, so it's just plain stupid!
Also, I have had a major issue with this particular firmware in which the device overheats and soft-reboots constantly... I checked if it was anything else, but after switching back to stock, the issue stopped.
I am not condoning this method, it's just that I'd advise you to be careful with the overheating. It may not be an issue for you, I don't know. But here is the one I used for a bit:
https://forum.xda-developers.com/ga...re-rooted-firmwares-samsung-sm-g361f-t3207432
OR, there is another method which only works if you have a custom recovery and are ready to ditch Google.
You COULD install a custom recovery for your device and flash a SuperSU ZIP file. People may shout ''Doesn't work! He's lying! Blah! Blah! Blah!''
Well, I own the exact same phone as you and I know that method works.
But, for most things, you'll need a custom recovery anyway. It adds so much more to your device that allows you to unlock its potential. HOWEVER, unless you are confident in Odin and how things work on a device, I'd slightly recommend that you avoid a custom recovery for now if you don't have much experience with Odin and flashing images.
BUT, if you can flash the pre-rooted firmware okay, you should be able to install a custom recovery fine.
You know what? If you want to know how, you can either PM me asking for instructions or search around the forums for a method.
MelonChickens said:
Wait, you want to remove JUST bloatware?
Root can do much more than that and many guides use root and a custom recovery. But, as Atronid suggested, you can download and flash pre-rooted firmware for the device, but (ironically), to get rid of the bloat, you use the firmware, but the firmware usually comes with MORE bloat, so it's just plain stupid!
Also, I have had a major issue with this particular firmware in which the device overheats and soft-reboots constantly... I checked if it was anything else, but after switching back to stock, the issue stopped.
I am not condoning this method, it's just that I'd advise you to be careful with the overheating. It may not be an issue for you, I don't know. But here is the one I used for a bit:
https://forum.xda-developers.com/ga...re-rooted-firmwares-samsung-sm-g361f-t3207432
OR, there is another method which only works if you have a custom recovery and are ready to ditch Google.
You COULD install a custom recovery for your device and flash a SuperSU ZIP file. People may shout ''Doesn't work! He's lying! Blah! Blah! Blah!''
Well, I own the exact same phone as you and I know that method works.
But, for most things, you'll need a custom recovery anyway. It adds so much more to your device that allows you to unlock its potential. HOWEVER, unless you are confident in Odin and how things work on a device, I'd slightly recommend that you avoid a custom recovery for now if you don't have much experience with Odin and flashing images.
BUT, if you can flash the pre-rooted firmware okay, you should be able to install a custom recovery fine.
You know what? If you want to know how, you can either PM me asking for instructions or search around the forums for a method.
I have also tried (and disliked) one of those pre-rooted firmwares; it is a pity that all there is available for this device are a couple of outdated and bloated versions. I even tried to build my own firmware, but failed to create anything bootable (fortunately, I managed to not brick my device).
Then I tried the TWRP route: following a couple of guides I found here, I managed to install it, and use it to install the latest SuperSU .zip file. TWRP reported no errors, and everything seemed correct, but when the device boots there is no trace of any rooting: no SuperSU app, no "su" binary, no nothing at all...
Thus, if you could post here how you managed to make this work, I would be very grateful.
Well I own actually an outdated but fully working firmware and this got no bloats. I will re-upload it soon and give the link here.
This is not to get likes or thing like this but because I am sick of this **** to mess around with firmwares and integrate bloatwares (and spywares, everything is possible...)
Atronid said:
Well I own actually an outdated but fully working firmware and this got no bloats. I will re-upload it soon and give the link here.
This is not to get likes or thing like this but because I am sick of this **** to mess around with firmwares and integrate bloatwares (and spywares, everything is possible...)
Right on.
eduardo.perezesteban said:
I have also tried (and disliked) one of those pre-rooted firmwares; it is a pity that all there is available for this device are a couple of outdated and bloated versions. I even tried to build my own firmware, but failed to create anything bootable (fortunately, I managed to not brick my device).
Then I tried the TWRP route: following a couple of guides I found here, I managed to install it, and use it to install the latest SuperSU .zip file. TWRP reported no errors, and everything seemed correct, but when the device boots there is no trace of any rooting: no SuperSU app, no "su" binary, no nothing at all...
Thus, if you could post here how you managed to make this work, I would be very grateful.
Well, first I installed TWRP 3.0.2.0 also using the guide somewhere in the forums, then I downloaded SuperSU 2.46 .zip from the Chainfire website and flashed it using TWRP.
If the SuperSU .zip file didn't work for you, then try CF-Autoroot, whatever that is. I don't know because I have not tried it on my phone. I believe that it finds exploits and uses them somehow?
Anyway, did you flash the ZIP without extracting it? I don't see how it can't work, really. Call me stupid, but I don't know why that happened.
Anyways, good luck to all, for I am not active on these forums nowadays (as much)
MelonChickens said:
Well, first I installed TWRP 3.0.2.0 also using the guide somewhere in the forums, then I downloaded SuperSU 2.46 .zip from the Chainfire website and flashed it using TWRP.
If the SuperSU .zip file didn't work for you, then try CF-Autoroot, whatever that is. I don't know because I have not tried it on my phone. I believe that it finds exploits and uses them somehow?
Anyway, did you flash the ZIP without extracting it? I don't see how it can't work, really. Call me stupid, but I don't know why that happened.
Anyways, good luck to all, for I am not active on these forums nowadays (as much)
Same TWRP version, same SuperSU version, did not extract the ZIP file. It took me several attempts, but I finally managed to install TWRP and "install" SuperSU without errors. I do not doubt it worked for you, perhaps my base ROM is different, and has some type of protection that deletes any "su" file.
Will have a look to CF-Autoroot, thanks for the tip!
---------- Post added at 08:46 PM ---------- Previous post was at 08:39 PM ----------
CF-Autoroot website looked very promising, I could select a recent ROM and configure it, but the build process produced an error:
Code:
Current status: ERROR
Estimated wait: NOT APPLICABLE
Will keep investigating.
Atronid said:
Well I own actually an outdated but fully working firmware and this got no bloats. I will re-upload it soon and give the link here.
This is not to get likes or thing like this but because I am sick of this **** to mess around with firmwares and integrate bloatwares (and spywares, everything is possible...)
As promised I re-uploaded the original version (without bloats) of the firmware. Check this: https://forum.xda-developers.com/ga...odified-pre-rooted-firmware-sm-g361f-t3693589
MelonChickens said:
Wait, you want to remove JUST bloatware?
Root can do much more than that and many guides use root and a custom recovery. But, as Atronid suggested, you can download and flash pre-rooted firmware for the device, but (ironically), to get rid of the bloat, you use the firmware, but the firmware usually comes with MORE bloat, so it's just plain stupid!
Also, I have had a major issue with this particular firmware in which the device overheats and soft-reboots constantly... I checked if it was anything else, but after switching back to stock, the issue stopped.
I am not condoning this method, it's just that I'd advise you to be careful with the overheating. It may not be an issue for you, I don't know. But here is the one I used for a bit:
https://forum.xda-developers.com/ga...re-rooted-firmwares-samsung-sm-g361f-t3207432
OR, there is another method which only works if you have a custom recovery and are ready to ditch Google.
You COULD install a custom recovery for your device and flash a SuperSU ZIP file. People may shout ''Doesn't work! He's lying! Blah! Blah! Blah!''
Well, I own the exact same phone as you and I know that method works.
But, for most things, you'll need a custom recovery anyway. It adds so much more to your device that allows you to unlock its potential. HOWEVER, unless you are confident in Odin and how things work on a device, I'd slightly recommend that you avoid a custom recovery for now if you don't have much experience with Odin and flashing images.
BUT, if you can flash the pre-rooted firmware okay, you should be able to install a custom recovery fine.
You know what? If you want to know how, you can either PM me asking for instructions or search around the forums for a method.
I flashed that same firmware before and I had the same issues. Had to download my original firmware from some site with terrible download speeds, took forever. Nice to know you found an alternative and I'm sure I would find more cool things to do with root.
brbninjaa said:
I flashed that same firmware before and I had the same issues. Had to download my original firmware from some site with terrible download speeds, took forever. Nice to know you found an alternative and I'm sure I would find more cool things to do with root.
So, just wondering, but I like to wrap things neatly;
Have you managed to root your device or are you still trying?
brbninjaa said:
So I got this phone a while back and I want to get rid of bloatware on it so I was going to use Titanium Backup, trouble is you need root(obviously).
I don't have much experience rooting as I've only ever rooted an Xperia E, and I only used a downloaded application on my laptop to do the work for me.
Help would be much appreciated, I will leave possibly useful info below.
Android Version : 5.1.1
Model Number : SM-G361F
Android Security Patch Level : 2016-02-01
Baseband Version : G361FXXU1APC2
Kernel Version : 3.14.27.-986474 [email protected] #1
SE for Android Status : Enforcing SEPF_SM-G361F_5.1.1_0045
Thank you and goodbye!
I just need root because I have to retrieve WhatsApp attachments that I deleted by mistake from the internal memory, as the software with which I should recover them (dr fone) fails to do the root.

G935V/G935U Analysis

So I've had my S7 Edge for about a month now. Great stuff it is, but I honestly do find it a bit lacking compared to my S6 Edge. You can tell the difference between the Exynos7420 and MSM8996 right away with its responsiveness.
But I've updated my vzw S7 to the G935UUEU4BQD2 Nougat firmware. And I've used the ENG Kernel posted by @jrkruse to root my device no problems at all. Although I've figured out a few tweaks that should be added to your Rooting Batch Scripts. These tweaks include which packages to disable in order to prevent random reboots with the ENG Kernel, and CSC tweaks to fix the UI.
I have some questions & observations I'd really appreciate clarification on though, before I get to work on making some real mods.
****
1.) It is very interesting that my device is/was an SM-G935V, but I've flashed the full G935U firmware and the AT&T ENG Nougat Kernel using ODIN 3.12.5 without a hitch.
1A.) The "ENG-ROOT-USA.zip" for S7e Nougat, is an ENG build of Our Stock Kernel/RAMDisk with this in its "default.prop":
Code:
#
# BOOTIMAGE_BUILD_PROPERTIES
#
ro.bootimage.build.date=Tue Jan 31 15:03:01 KST 2017
ro.bootimage.build.date.utc=1485842581
ro.bootimage.build.fingerprint=samsung/hero2qlteuc/hero2qlteatt:7.0/NRD90M/G935AUCE4BQA6:eng/test-keys
Do those boot.img properties really say our ENG Kernel is actually just signed with the Android 7.0 Test Keys? Aren't those supposed to be publicly available? Can't we then use them with the aosp signbootimg utility? Carliv's image kitchen says that the ENG Kernel uses an aosp format ramdisk.
I mean, that means our G935V and/or the G935U firmware will accept firmware from any of the carriers. So why couldn't we flash the Canadian W8 Bootloader overtop of the U firmware? Or is there something I'm missing there?
3.) I've always thought that AT&T and Verizon firmware don't mix. But the G935U Modem carries all the U.S. bands already. Technically my AP is that of Sprint. But my kernel/boot.img is that of AT&T. And my device is originally that of Verizon.
So I ask good sirs & madams, what gives?
4.) I bring up point number 3 because I couldn't Willy Nilly just flash firmware cross carrier on my AT&T Note 5 or My Verizon S6 Edge. So apparently there IS an Obvious difference between the G925 and G935 device platforms in the United States. Then again, I've been without a carrier contract/plan since December. I've only used my devices as Wi-Fi Devices for months and haven't had to worry about GSM/CDMA network services since then. If my device boots, it boots. Go me!
I prefer to have the hardware rooted anyways. It saves me from going and buying a whole laptop for the same price as my mobile phone, when the two sets of hardware are comparable in most ways.
5.) My CSC code is XAS regardless if I flash the HOME CSC or the OYM CSC. I think because I don't have a SIM Card present in the device. When I try to update through Samsung SmartSwitch PC, it tries to download and install the firmware updates for the XAS CSC.
Delgoth said:
So I've had my S7 Edge for about a month now. Great stuff it is, but I honestly do find it a bit lacking compared to my S6 Edge. You can tell the difference between the Exynos7420 and MSM8996 right away with its responsiveness.
But I've updated my vzw S7 to the G935UUEU4BQD2 Nougat firmware. And I've used the ENG Kernel posted by @jrkruse to root my device no problems at all. Although I've figured out a few tweaks that should be added to your Rooting Batch Scripts. These tweaks include which packages to disable in order to prevent random reboots with the ENG Kernel, and CSC tweaks to fix the UI.
I have some questions & observations I'd really appreciate clarification on though, before I get to work on making some real mods.
****
1.) It is very interesting that my device is/was an SM-G935V, but I've flashed the full G935U firmware and the AT&T ENG Nougat Kernel using ODIN 3.12.5 without a hitch.
1A.) The "ENG-ROOT-USA.zip" for S7e Nougat, is an ENG build of Our Stock Kernel/RAMDisk with this in its "default.prop":
Code:
#
# BOOTIMAGE_BUILD_PROPERTIES
#
ro.bootimage.build.date=Tue Jan 31 15:03:01 KST 2017
ro.bootimage.build.date.utc=1485842581
ro.bootimage.build.fingerprint=samsung/hero2qlteuc/hero2qlteatt:7.0/NRD90M/G935AUCE4BQA6:eng/test-keys
Do those boot.img properties really say our ENG Kernel is actually just signed with the Android 7.0 Test Keys? Aren't those supposed to be publicly available? Can't we then use them with the aosp signbootimg utility? Carliv's image kitchen says that the ENG Kernel uses an aosp format ramdisk.
I mean, that means our G935V and/or the G935U firmware will accept firmware from any of the carriers. So why couldn't we flash the Canadian W8 Bootloader overtop of the U firmware? Or is there something I'm missing there?
3.) I've always thought that AT&T and Verizon firmware don't mix. But the G935U Modem carries all the U.S. bands already. Technically my AP is that of Sprint. But my kernel/boot.img is that of AT&T. And my device is originally that of Verizon.
So I ask good sirs & madams, what gives?
4.) I bring up point number 3 because I couldn't Willy Nilly just flash firmware cross carrier on my AT&T Note 5 or My Verizon S6 Edge. So apparently there IS an Obvious difference between the G925 and G935 device platforms in the United States. Then again, I've been without a carrier contract/plan since December. I've only used my devices as Wi-Fi Devices for months and haven't had to worry about GSM/CDMA network services since then. If my device boots, it boots. Go me!
I prefer to have the hardware rooted anyways. It saves me from going and buying a whole laptop for the same price as my mobile phone, when the two sets of hardware are comparable in most ways.
5.) My CSC code is XAS regardless if I flash the HOME CSC or the OYM CSC. I think because I don't have a SIM Card present in the device. When I try to update through Samsung SmartSwitch PC, it tries to download and install the firmware updates for the XAS CSC.
To answer your first question: you didn't look hard enough at the build properties of the engboot.img. If you notice adb secure=0, this means adb is insecure, meaning we can mount the system and data partitions, which allows us to push files.
Why do we use an ATT engboot.img? Because it's all we have.
To answer your other question, you can flash any carrier firmware on your S7 as all carrier phones are the same other than them being carrier locked, which Verizon is not.
Your csc on Ufirm will not change until a carrier sim is inserted. That's the only way it knows what csc to install. The default csc is XAS, so with no sim that's what you get. If you want different on flash csc file only from the carriers firmware you want your csc to be
My real question about the ENG Kernel was if it is actually signed with the Google test keys for the Android 7.0 platform or not. Or are those private AT&T only test keys?
Because if it is signed with Google's keys and the device accepts it, doesn't that mean we can sign kernels with the same keys and get it to flash.
I understand why we are able to have ADB Root.
Delgoth said:
My real question about the ENG Kernel was if it is actually signed with the Google test keys for the Android 7.0 platform or not. Or are those private AT&T only test keys?
Because if it is signed with Google's keys and the device accepts it, doesn't that mean we can sign kernels with the same keys and get it to flash.
I understand why we are able to have ADB Root.
It's a Samsung signature not Google. If you can figure out how to sign a custom kernel with a Samsung signature then you would probably be a pretty popular guy
Well I was able to find what I believe to be the Verizon Test Keys for 6.0.1 (the .pem & .pk8) back around new years. But I honestly forget what all I can do with those files. I know MM doesn't help for the N firmware. But it's a start. I've been trying to read up on the related topics, but I won't have internet for a couple more weeks.
Do any of the S7 Edge variants have the Maintenance boot mode present in the G925V?
It may be possible to customize the AOSP 'signbootimg' utility in the same ways people like @osm0sis or Cyanogen modify the AOSP 'mkbootimg' & 'unpackbootimg' utilities to help. I mean Samsung must have already done the same thing.
Delgoth said:
Well I was able to find what I believe to be the Verizon Test Keys for 6.0.1 (the .pem & .pk8) back around new years. But I honestly forget what all I can do with those files. I know MM doesn't help for the N firmware. But it's a start. I've been trying to read up on the related topics, but I won't have internet for a couple more weeks.
Do any of the S7 Edge variants have the Maintenance boot mode present in the G925V?
It may be possible to customize the AOSP 'signbootimg' utility in the same ways people like @osm0sis or Cyanogen modify the AOSP 'mkbootimg' & 'unpackbootimg' utilities to help. I mean Samsung must have already done the same thing.
There is no "signbootimg" that I know of, only recently with BootSignature.jar for the May Pixel bootloader, and Xiaomi has been using it as well. There's also a newer avbtool from Brillo AOSP but we're not seeing that one in the wild yet.
Other than that there are a few reverse-engineered signing methods like Bump and SignBlob, but as far as I know all Samsung has really had going on is that SEANDROIDENFORCE string to avoid the bootloader message.
osm0sis said:
There is no "signbootimg" that I know of, only recently with BootSignature.jar for the May Pixel bootloader, and Xiaomi has been using it as well. There's also a newer avbtool from Brillo AOSP but we're not seeing that one in the wild yet.
Other than that there are a few reverse-engineered signing methods like Bump and SignBlob, but as far as I know all Samsung has really had going on is that SEANDROIDENFORCE string to avoid the bootloader message.
Well then I'm going to have to go back through some bookmarks, in order to find out where I read that. Because at one point I read an article about how to use the utility to sign a boot.img using the .pem and .pk8 files.
Delgoth said:
Well then I'm going to have to go back through some bookmarks, in order to find out where I read that. Because at one point I read an article about how to use the utility to sign a boot.img using the .pem and .pk8 files.
You must be thinking about kernel flashing zips? SignApk.jar uses .pk8 and .x509.pem to sign flashable zips and APKs. That's what vendors use for OTA zips.
Google's stock recoveries are always locked to their corporate keys, but often other OEMs' stock recoveries will accept the standard testkeys, which is why Chainfire signs SuperSU's zip with them.
osm0sis said:
You must be thinking about kernel flashing zips? SignApk.jar uses .pk8 and .x509.pem to sign flashable zips and APKs. That's what vendors use for OTA zips.
Google's stock recoveries are always locked to their corporate keys, but often other OEMs' stock recoveries will accept the standard testkeys, which is why Chainfire signs SuperSU's zip with them.
A boot.img is the Kernel right? Isn't that why when you unpack the boot.img you get the kernel ram disk and the initial kernel addresses.
So I would say you are correct, that I am talking about signing a kernel zip in a way.
In chainfire's thread about Android Verified Boot, he talks about what I'm talking about I believe.
Our S7 Edge has a keystore.mbn file which Is new to me as is the Snapdragon. But it's also said that the recovery.img houses the otacerts the device/dm-verity uses to authenticate.
In the case of locked bootloader devices, they don't use standard Google keys, but they use their own private carrier keys. As well as Samsung Factory Keys, which is why Combination Firmware files can be flashed on a locked BL no problem.
But unless they've come up with an entirely closed source addition to Android, I would venture to say Samsung spent some time customizing AVB/SecureBoot & bootimg.h the same way they did to The ART runtime to change the signature structure. More so than trying to reinvent the wheel that stock aosp provides.
I know I say that like it's simpler than it really is. But I still feel like there is a way. What seems impossible now, I don't forsee being as big of a problem in the nearish future.
Please supply a boot.img and I'll tell you if it's AVB or something else. A number of vendors have their own closed signing methods, unfortunately.
Edit: I found the engineering kernels you mentioned from @jrkruse's thread. Definitely not AVB. Definitely something proprietary. Kind of like the Samsung/Marvell pxa1088 board signatures described here (specifically the Xcover 3), except those weren't being enforced.
I'm at work right now. I'll give them a closer look when I'm home, but if just re-appending the signature doesn't work then you're likely out of luck.
osm0sis said:
Please supply a boot.img and I'll tell you if it's AVB or something else. A number of vendors have their own closed signing methods, unfortunately.
Edit: I found the engineering kernels you mentioned from @jrkruse's thread. Definitely not AVB. Definitely something proprietary. Kind of like the Samsung/Marvell pxa1088 board signatures described here (specifically the Xcover 3), except those weren't being enforced.
I'm at work right now. I'll give them a closer look when I'm home, but if just re-appending the signature doesn't work then you're likely out of luck.
Cool beans! I looked over that first post, and it may actually help me do what I was thinking. The header format they list for those devices looks pretty similar to how the PIT file repartitions the Emmc with ODIN. So with tools like gdisk and the like, I feel it shouldn't be too hard to put 2 and 2 together.
Gotta read that thread some more first. Seems like I was headed in the right direction though.
Maybe I can also find some more information in the Z3X support forums for the Connie Board and safety net stuff to help with the boot image headers.
Delgoth said:
Cool beans! I looked over that first post, and it may actually help me do what I was thinking. The header format they list for those devices looks pretty similar to how the PIT file repartitions the Emmc with ODIN. So with tools like gdisk and the like, I feel it shouldn't be too hard to put 2 and 2 together.
Gotta read that thread some more first. Seems like I was headed in the right direction though.
Maybe I can also find some more information in the Z3X support forums for the Connie Board and safety net stuff to help with the boot image headers.
That signature on those engineering images is SEANDROIDENFORCE + 256 bytes just like the Xcover 3. Difference is the header is normal AOSP instead of Marvell/Samsung's crazy version. I'm guessing that reappending the signature doesn't make it valid, but that should be your first test before going any further.
My Android Image Kitchen will do everything but add the signature back on. Do a repack with no changes and add the signature back on with a hex editor to see if it'll boot.
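The trailer layout described in the post above (SEANDROIDENFORCE followed by 256 bytes, after a normal AOSP header), as an added inspection example that is not part of the original thread or any poster's tooling. It assumes the Android 7-era v0 boot header and, as an assumption, treats the word at offset 40 as a vendor device-tree size; the sample image is constructed, and the script only locates the trailer, it does not validate the proprietary signature.

```python
import struct

BOOT_MAGIC = b"ANDROID!"
SEANDROID_MARKER = b"SEANDROIDENFORCE"
# v0 header start: 8-byte magic, then ten little-endian uint32 fields
# (kernel size/addr, ramdisk size/addr, second size/addr, tags addr,
#  page size, word at offset 40, os_version).
HDR = struct.Struct("<8s10I")


def _pages(size, page_size):
    """Round size up to a whole number of pages."""
    return (size + page_size - 1) // page_size * page_size


def inspect_boot_image(data, vendor_dt=True):
    """Report where the header-described payload ends and what follows it.

    vendor_dt=True treats the word at offset 40 as a device-tree size
    (assumption: a vendor convention, not part of the AOSP v0 definition).
    """
    if len(data) < HDR.size:
        raise ValueError("too short for a boot image header")
    (magic, kernel_size, _kaddr, ramdisk_size, _raddr, second_size,
     _saddr, _tags, page_size, word40, _osver) = HDR.unpack_from(data, 0)
    if magic != BOOT_MAGIC:
        raise ValueError("missing ANDROID! magic")
    if page_size == 0 or page_size & (page_size - 1):
        raise ValueError("implausible page size: %d" % page_size)

    dt_size = word40 if vendor_dt else 0
    # Header occupies one page; every section is padded to a page boundary.
    payload_end = page_size + sum(
        _pages(s, page_size)
        for s in (kernel_size, ramdisk_size, second_size, dt_size))
    if payload_end > len(data):
        raise ValueError("header describes more data than the file holds")

    # Search only past the payload so a ramdisk string cannot match.
    pos = data.find(SEANDROID_MARKER, payload_end)
    found = pos != -1
    return {
        "page_size": page_size,
        "payload_end": payload_end,
        "trailing_bytes": len(data) - payload_end,
        "marker_offset": pos if found else None,
        "marker_at_payload_end": found and pos == payload_end,
        # Bytes after the 16-byte marker: the opaque vendor signature blob.
        "signature_len": len(data) - pos - len(SEANDROID_MARKER) if found else 0,
    }


def build_sample(with_trailer):
    """Constructed test image: 3000-byte kernel, 1000-byte ramdisk, 2 KiB pages."""
    page = 2048
    hdr = HDR.pack(BOOT_MAGIC, 3000, 0x80008000, 1000, 0x81000000,
                   0, 0, 0x80000100, page, 0, 0)
    img = hdr.ljust(page, b"\0")
    img += (b"K" * 3000).ljust(_pages(3000, page), b"\0")
    img += (b"R" * 1000).ljust(_pages(1000, page), b"\0")
    if with_trailer:
        img += SEANDROID_MARKER + bytes(256)  # zero filler, not a real signature
    return img


if __name__ == "__main__":
    for label, image in (("with trailer", build_sample(True)),
                         ("header-described payload only", build_sample(False))):
        print(label, inspect_boot_image(image))
```

The trailer sits entirely past what the header's size fields account for, so comparing the two reports shows whether an image still carries it.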
osm0sis said:
That signature on those engineering images is SEANDROIDENFORCE + 256 bytes just like the Xcover 3. Difference is the header is normal AOSP instead of Marvell/Samsung's crazy version. I'm guessing that reappending the signature doesn't make it valid, but that should be your first test before going any further.
My Android Image Kitchen will do everything but add the signature back on. Do a repack with no changes and add the signature back on with a hex editor to see if it'll boot.
Thank you for this. I've been moving my house this week, and I'm getting my internet back today. Woop woop. I've been wanting to dive into the topic of signatures for like a month now at least.
I'll see what I can dig up.
As some of you may know, jrkruse has a rom out for the phone, that allows the system to be modified to an extent without tripping knox and such. Can we possibly install the Crom Service apk as a system app, and unlock the bootloader that way? Won't it have all necessary permissions to unlock it?
CyanideHD said:
As some of you may know, jrkruse has a rom out for the phone, that allows the system to be modified to an extent without tripping knox and such. Can we possibly install the Crom Service apk as a system app, and unlock the bootloader that way? Won't it have all necessary permissions to unlock it?
I forget where I read on XDA, that the Crom Service APK talks to servers in China in order to send and receive the unlock instructions.
Considering the app is a first party Samsung Application, I wonder how exactly it goes about turning off the signature verification. Unless the Crom APK actually downloads an unlocked bootloader and flashes it directly to the device itself.
The signatures are stored in the footer of the images. At least in the System Image anyways. Because the fstab file specifically says to mount the system partition with an encryptable footer. That is how ODIN checks if what you are flashing matches the device binary revision.
Using a rooted device on newer builds, or the greyhat root console on older builds, we can pull the stock recovery and find the keystore. Which houses all the signatures the device will accept.
But yes, technically if you can get the APK to load without a Force Close, it should have the needed permissions. It was built using the Knox/Galaxy SDK's.

Help rooting SM-G900V on 6.0.1

Hi, first, I am pretty new to rooting, yet I have done similar things on other devices. Second, here is the info on my android phone:
Samsung galaxy S5 model SM-G900V
Android Version 6.0.1
EMMC: 11xx...
It is a Verizon phone so I'm pretty sure the bootloader is locked, and the latest towelroot throws the "this phone isn't currently supported" error on any of the modstrings I use, as well.
I am looking for some more direction on how to root this phone, and would like some help.
TimX24968B said:
Hi, first, I am pretty new to rooting, yet I have done similar things on other devices. Second, here is the info on my Android phone:
Samsung Galaxy S5 model SM-G900V
Android Version 6.0.1
EMMC: 11xx...
It is a Verizon phone, so I'm pretty sure the bootloader is locked, and the latest towelroot throws the "this phone isn't currently supported" error on any of the modstrings I use, as well.
I am looking for some more direction on how to root this phone, and would like some help.
You can't. Root is not available for 6.0.1. At this late in the game, it's unlikely to ever be rootable.
painiac said:
You can't. Root is not available for 6.0.1. At this late in the game, it's unlikely to ever be rootable.
Hmm, wondering if any other new Verizon Android phones will be rootable, since I am available for an upgrade.
painiac said:
You can't. Root is not available for 6.0.1. At this late in the game, it's unlikely to ever be rootable.
I got mine into a 4.4.2 ROM and it was successfully rooted with busybox, but I can't install the SU binary or activate safestrap since it seems like I need one to get the other. Is there a way around that?
painiac said:
You can't. Root is not available for 6.0.1. At this late in the game, it's unlikely to ever be rootable.
Also, I have seen sites claim things like you can root it, such as the one below:
androidinfotech.com/2016/07/root-samsung-galaxy-s5-sm-g900v-verizon.html
(had to edit out the www. part of the link)
However, they all require doing stuff with Odin, and I am still concerned about files being lost.
Trying to get more info on this, I would appreciate any and all help.
TimX24968B said:
Also, I have seen sites claim things like you can root it, such as the one below:
androidinfotech.com/2016/07/root-samsung-galaxy-s5-sm-g900v-verizon.html
(had to edit out the www. part of the link)
However, they all require doing stuff with Odin, and I am still concerned about files being lost.
Trying to get more info on this, I would appreciate any and all help.
I find it highly suspicious that this method hasn't been trumpeted here on XDA. The broken English doesn't ease my suspicion, either. Personally, I would want to have a disposable phone on hand to try it out, since it hasn't been vetted here first.
Before you do anything, read through the guide linked in my sig to get yourself familiar with the process. If you decide to tackle it, let us know how it turns out.
painiac said:
I find it highly suspicious that this method hasn't been trumpeted here on XDA. The broken English doesn't ease my suspicion, either. Personally, I would want to have a disposable phone on hand to try it out, since it hasn't been vetted here first.
Before you do anything, read through the guide linked in my sig to get yourself familiar with the process. If you decide to tackle it, let us know how it turns out.
Yeah, I know it seemed suspicious, so I didn't want to try it. However, would you happen to know of any newer Androids that can be rooted, particularly Verizon ones? I saw the guide but I don't think I can downgrade since I'm on Verizon and 6.0.1, and I'm still afraid of losing my data if I do. Thanks for the help.
You can root that phone, there is a guide in the general section: [GUIDE] Root, Bootloader Unlocks, and More!
Look at the cid 11 section. It will erase all of your data though and downgrade you to Lollipop. I used that guide on a Marshmallow cid 11 Verizon S5 recently and it worked just fine.
Sadly, the bootloader of cid 11 Verizon S5s is still locked. I don't think there is a way yet to root Verizon S5s with cid 11 without losing your data.
Thanks for letting me know! How would I go about backing up my data for this kind of task, in that case? I am pretty sure I do not use Verizon's cloud services, but I do use their app for messaging.
As long as I can get root access so I can free up some space on my phone and possibly do other stuff in the future as well, it would be great if there's a way to back everything up aside from just copying the whole SD card, particularly things like contacts and text messages in that Verizon app. I'm fine being on Lollipop, and if I can back up my data, I do have my escape method of just ditching this phone and using my upgrade.
Second question: what would be a newer Verizon phone that would be rootable on the latest Android?
I didn't need the data when I rooted the S5 I had, so I didn't back anything up.
There should be various apps on Google Play you can use to back up your text messages and contacts. You can manually back up any pictures and other media to a PC or something. I don't think there is much you can do to save your app data without root already. You can probably look up the save locations of some of your apps and manually back up those.
I don't keep up with phone releases, so I can't recommend anything.
Sorry I can't be of more help.
Ammalin said:
You can root that phone, there is a guide in the general section: [GUIDE] Root, Bootloader Unlocks, and More!
Look at the cid 11 section. It will erase all of your data though and downgrade you to Lollipop. I used that guide on a Marshmallow cid 11 Verizon S5 recently and it worked just fine.
Sadly, the bootloader of cid 11 Verizon S5s is still locked. I don't think there is a way yet to root Verizon S5s with cid 11 without losing your data.
The problem here is the understanding of the word ROOT. Those instructions allow you to do stuff to your cid11 S5s, yes; however, if you install the LL stuff then yes, you can achieve root, or even flash an LL ROM that already has root. If you install the MM stuff, YOU CANNOT and WILL NOT achieve ROOT. There is NO root exploit or method for 6.0.1. What you will be able to do after putting the MM stuff in there is flash a small file and access safestrap to flash whatever zips or things (within context) that you might need, but this will be needed every time you want to access safestrap. You will also need to flash another file once in safestrap to correctly exit. It will NOT EVER give you root in MM. But with this you can flash a debloat script and even an ad block to make your phone more usable to you. (All of which is explained in detail in the MM section of that thread.)
tong6998 said:
The problem here is the understanding of the word ROOT. Those instructions allow you to do stuff to your cid11 S5s, yes; however, if you install the LL stuff then yes, you can achieve root, or even flash an LL ROM that already has root. If you install the MM stuff, YOU CANNOT and WILL NOT achieve ROOT. There is NO root exploit or method for 6.0.1. What you will be able to do after putting the MM stuff in there is flash a small file and access safestrap to flash whatever zips or things (within context) that you might need, but this will be needed every time you want to access safestrap. You will also need to flash another file once in safestrap to correctly exit. It will NOT EVER give you root in MM. But with this you can flash a debloat script and even an ad block to make your phone more usable to you. (All of which is explained in detail in the MM section of that thread.)
I never said he could have root on Marshmallow. Sorry if that was confusing as I never said it exactly. The linked guide says no root on Marshmallow in bold near the top. Just wanted to let the OP know he could get root on the phone in some way at least.
To all:
I'm perfectly fine with downgrading. It was just the issue with backing up data which was holding me back there. However, I am still looking into doing this and appreciate the help. I think all I would need now is to know if anyone knows if there is any relatively new Verizon phone that could be rooted out of box. Thanks.
If you know little about rooting, I will advise you to read more information about SM-G900V Marshmallow root, like rooting with one-click rooting software; just try their free trial and see if you can accept. Android Root from RenewAndroid has helped me to solve this similar issue before; my device is a Samsung S6.
tong6998 said:
The problem here is the understanding of the word ROOT. Those instructions allow you to do stuff to your cid11 S5s, yes; however, if you install the LL stuff then yes, you can achieve root, or even flash an LL ROM that already has root. If you install the MM stuff, YOU CANNOT and WILL NOT achieve ROOT. There is NO root exploit or method for 6.0.1. What you will be able to do after putting the MM stuff in there is flash a small file and access safestrap to flash whatever zips or things (within context) that you might need, but this will be needed every time you want to access safestrap. You will also need to flash another file once in safestrap to correctly exit. It will NOT EVER give you root in MM. But with this you can flash a debloat script and even an ad block to make your phone more usable to you. (All of which is explained in detail in the MM section of that thread.)
If you compile the Greyhat Root Console for the S5 Device and use a 6.0.1 ROM still exploitable by dirtycow, there is a chance you may be able to adjust the sepolicy on your device enough, or set up supersu manually. I have yet to try this on my MM G900V. But the code is there. It is just down to the device-specific commands to run.
People say dirtycow is a tethered/temporal root that only lasts until you reboot the device, but that isn't always the case if you run the right commands in the right order, or have an APP that sets up the temporal root after boot has completed automatically.
Delgoth said:
If you compile the Greyhat Root Console for the S5 Device and use a 6.0.1 ROM still exploitable by dirtycow, there is a chance you may be able to adjust the sepolicy on your device enough, or set up supersu manually. I have yet to try this on my MM G900V. But the code is there. It is just down to the device-specific commands to run.
People say dirtycow is a tethered/temporal root that only lasts until you reboot the device, but that isn't always the case if you run the right commands in the right order, or have an APP that sets up the temporal root after boot has completed automatically.
My biggest gripe is the native emulated disk-space....I have had LL PB1 rooted on 900V S5 (CID 11) for sometime. But even with de-bloat, tons of lockups, freezing, constantly wiping cache, was hoping a move to MM (with root, hadn't checked in a while hoping bootloader was solved...) would be the savior....
Alas, it seems PB1 rooted is still the way to go as I have an additional "APPS" EXT FORMATTED partition mounted for apps that behave on it...and use APPS2SD and soft-links to keep storage balanced...but it's still a pain...
Now I have that same question, what is panacea?
If I have to get a new phone (pay exorbitant retail price or some "bargain" on ebay) which is the best root-able/boot-load-able or allows for miniSD expansion (hate the finite XXGB storage ever dictates) with space that can all be recognized for Apps+....
Replies bc or otherwise welcome
Col. P.
Adopting MM...
c0lp4nik said:
My biggest gripe is the native emulated disk-space....I have had LL PB1 rooted on 900V S5 (CID 11) for sometime. But even with de-bloat, tons of lockups, freezing, constantly wiping cache, was hoping a move to MM (with root, hadn't checked in a while hoping bootloader was solved...) would be the savior....
Alas, it seems PB1 rooted is still the way to go as I have an additional "APPS" EXT FORMATTED partition mounted for apps that behave on it...and use APPS2SD and soft-links to keep storage balanced...but it's still a pain...
Now I have that same question, what is panacea?
If I have to get a new phone (pay exorbitant retail price or some "bargain" on ebay) which is the best root-able/boot-load-able or allows for miniSD expansion (hate the finite XXGB storage ever dictates) with space that can all be recognized for Apps+....
Replies bc or otherwise welcome
Col. P.
I stand corrected... I now see *Storage Adoption* as part of MM, that could be the ticket for me! Obviously it formats the whole SD as EXT format...which is no big deal for me...at that point, since MM is un-rootable....do I take the leap? Will it really improve the S5?
Thanks for listening!
C0l. P.
painiac said:
You can't. Root is not available for 6.0.1. At this late in the game, it's unlikely to ever be rootable.
Is it possible to go back to the Lollipop version from 6.1?
Billy7891 said:
Is it possible to go back to the Lollipop version from 6.1?
Yes
How can that be done? It is my understanding that downgrades would be blocked. Is there another way?

Root/photo recovery for CAZ-AL10

Hello,
I need to help someone with the CAZ-AL10 version of this phone recover some accidentally deleted photos on Android 7.0. Though I have rooted phones in the past, I have never been asked to recover deleted pictures. From the research I have done in the past hour or so, I have found that file recovery on Android phones:
Requires root
Requires you to use software on a computer
I wanted to reach out to see if anyone here has experience with either of these. The software I was going to try to use at this point is called "Dr. fone," as it seems the most reliable, but they clearly say you need root if your phone isn't in the model/android version on a list they have. If anyone else has any other suggestions/techniques, please let me know. I am particularly wary of third party software, as most of the websites seem really scammy to me, so if anyone can vouch for any that would be great.
Also, regarding root, I guess this is the Chinese version of the phone, and I can not read Chinese, so I really want to make sure I don't mess anything up. Could someone point me to a root method which will work with this version? Is it the same as other versions?
Thanks in advance for any help.

Root SM-J337A Samsung Galaxy Express Prime 3 (2018) Via Magisk Method

EDIT 3: It appears this device has a locked bootloader, which means that TWRP won't work, and that device tree was a waste of time... I guess I'll just wait until someone or Samsung releases the firmware for Magisk.
EDIT 2: I have successfully built a device tree for this device using TWRPBuilder's script on GitHub. Although it might not be fully complete, it is still a start. Note: I built using an Android 8 release. Does the boardconfig.mk file still work for Android 9????
I plan on comparing it with a different device tree to make sure nothing is blatantly wrong with it, but I'm not a developer so I don't know if that will help.
(Anyone willing to help me? If I could efficiently navigate the Linux CLI I would probably be much faster...)
My current plan is to build TWRP for this device to back up the ROM so that I can use Magisk.
https://github.com/TwrpBuilder/twrpbuilder_tree_generator/blob/master/README.md
Link to device tree builder for those interested. Don't even ask how long it took me to realize I had to add the commands to the end of the Java executive instead of typing TWRPBuilder -r recovery.img. command.
-------
EDIT: To those that read, Samsung has restrictions against downgrading apparently. Currently, the only way for root is by waiting for someone to share the official stock ROM. The first half of this method about getting the firmware Does Not Work. I don't know about the rest...
-----
Hello everyone,
I would first like to say that I think this is a working method, but I want to double check with someone who has rooted before.
I have the above mentioned phone, and after a ton of research, have determined a path to rooting it through Magisk. I'm currently running Android Pie 9, on the latest stock firmware from att.
This phone does not have A/B partitioning, but has system-as-root and it will require a copy (and Magisk patched) ROM to root.
One of the main problems I have is not having the latest firmware for my device. (Don't tell me to look it up. It's non-existent on the web.) I have found that Samsung's Smart Switch will allow you to obtain the official ROM.
However, to download the ROM, I have to have an outdated phone. The most recent update for my phone was to upgrade from Android 8.0 to 9.0.
I assume such an upgrade requires the whole ROM to be downloaded.
Is it possible to use an outdated ROM for my phone (yes, I have one for Android 8) and downgrade my OS so that I can then update from Smart Switch and get a copy of the current firmware to use with Magisk?
Edit: apparently Samsung has protections against downgrading. I tried samfirm but to no avail.
Anyone know of any compatible custom ROMs?
Will keep trying to root though...
I know many people will immediately say yes, but this phone is different.
There is no OEM unlock in Developer options (read more about this further!), and there is no fastboot. There is no TWRP for this phone either (some older threads on Magisk mentioned TWRP, so I am confused if I need it for rooting via Magisk).
I have discovered, that if you were to hold HOME + POWER + UP, on powerup, you can get to a warning about installing custom OSes and an option to continue.
I pressed continue.
Someone on the web said pressing up will wipe the phone, since it unlocks the bootloader.
My phone did not get wiped.
Is my phone's bootloader/OEM unlocked?
I want to know because I think Magisk requires an unlocked bootloader.
If Magisk doesn't, I'm all good, and I am glad I can install custom OSes (not my goal, but will do if desperate)
If it does require it, I believe my phone already has an unlocked bootloader/OEM.
One last note, does downgrading trip anything? I have no warranty, but I know there are other protections (like KNOX) that could affect the outcome.
(I've heard downgrading won't change anything)
Is there anything I need to turn off?
To Recap:
Downgrade OS
Update via Smart Switch to get stock ROM
Use Magisk to root my phone.
I'm simply asking if everything will turn out OK.
(Sorry for the exceedingly long post)
Thanks.
I don't have this phone but I wanted to have one, but after I realized there is no method to unlock it, you are out of luck. I also have a phone lying around (ZTE Avid Plus with Android Lollipop); I built a ROM and recovery for it, but I realized there is no method to unlock the bootloader. The only method is to get your hands on the bootloader from this device and try to modify it and pray that it works. That is just how a lot of budget devices are built nowadays. And that's sad. The thing is that there was a successor to the ZTE Avid with the same specs, but it ran Android Oreo. Meanwhile the Avid ran Lollipop. A method from manufacturers to always force us to buy new phones.
