epic 4g initramfs. possible root exploit! - Epic 4G Android Development

http://www.sdx-downloads.com/devs/noobnl/initramfs.tar.gz
possible root exploit
cat /sbin/dfta > /data/dfta
chmod 777 /data/dfta
chown root.root /data/dfta

Related

Android 2.2/2.3 stock,Flash recovery without unlocking bootloader (GRJ22 Nexus One)

Hi,
I found a nice exploit for Xperia which works fine for Nexus one too ( the DooMLoRD exploit ).
I modified the script to flash the recovery without unlocking the bootloader, so you can flash the rom you like
The exploit works fine on Nexus one 2.3.4 GRJ22 with stock rom and locked bootloader, if you don't have a nexus one:
- remplace files/recovery.img with the right one!
- modify the line in script with the right system partition path.
here's the linux script to do the trick :
2shared.com/file/4uu5h2NH/zergRush_automated_Linux_roott.html
i'm sure someone will port it to windows
NB : backup data, and apps, when you flash a new rom, all data are deleted ( except SD Card).
Automatic installation using the script :
tar -xjvf zergRush_automated_Linux_root.tar.bz2
cd zergRush_automated_Linux_root/
chmod a+x runme-linux
sudo ./runme-linux
Manual installation :
tar -xjvf zergRush_automated_Linux_root.tar.bz2
cd zergRush_automated_Linux_root/
./files/adb kill-server
./files/adb wait-for-device
./files/adb shell rm -r /data/local/tmp
./files/adb shell mkdir /data/local/tmp
./files/adb push ./files/zergRush /data/local/tmp/
./files/adb shell chmod 755 /data/local/tmp/zergRush
./files/adb shell /data/local/tmp/zergRush
./files/adb wait-for-device
./files/adb push ./files/busybox /data/local/tmp
./files/adb shell chmod 755 /data/local/tmp/busybox
./files/adb shell /data/local/tmp/busybox mount -o remount,rw /system
./files/adb push files/busybox /system/xbin
./files/adb shell chown root.shell /system/xbin/busybox
./files/adb shell chmod 04755 /system/xbin/busybox
./files/adb shell /system/xbin/busybox --install -s /system/xbin
./files/adb shell rm -r /data/local/tmp/busybox
./files/adb push ./files/su /system/bin/su
./files/adb shell chown root.shell /system/bin/su
./files/adb shell chmod 06755 /system/bin/su
./files/adb shell rm /system/xbin/su
./files/adb shell ln -s /system/bin/su /system/bin/su
./files/adb push files/Superuser.apk /system/app/
./files/adb shell rm -r /data/local/tmp
./files/adb push files/flash_image /data/flash_image
./files/adb shell chmod 755 /data/flash_image
./files/adb push files/recovery.img /data/recovery.img
./files/adb shell /data/flash_image recovery /data/recovery.img
./files/adb shell rm /data/flash_image
./files/adb reboot recovery
In less than a minute, your phone will reboot to amonRA recovery, flash the rom you want, and Enjoy!

[Q] chmod MOD after 2.3.6 result

i was rooted on supercharged V4, i did the forever root and upgraded to the new OTA UPDATE.
i still have root.
however when i downloaded root explorer, and checked in system/bin.mount_ext3.sh and find that the order that i had written them in before is different now.
here is what it looks like now.
chmod 4755 /system/bin/su
chmod 644 /system/app/Superuser.apk
chmod 4755 /system/xbin/su
Completely different! Like i said before I STILL HAVE ROOT. why did it change?

[Q] Sharp Aquos Zeta sh02e Root

I recently purchased this device in hopes a root method would soon become available. Has anyone out there had any success? Even temporary root access would be greatly appreciated considering the amount of bloatware on this device. Thanks in advance
andyeternity said:
I recently purchased this device in hopes a root method would soon become available. Has anyone out there had any success? Even temporary root access would be greatly appreciated considering the amount of bloatware on this device. Thanks in advance
Click to expand...
Click to collapse
I really hope someone does something. I also bought one of this babies in Japan and I wish this can be tinkered with. There is an enormous potential within this phone that is locked down on DoCoMo's crappy bloatware and prohibitions. Can't use nothing: TV receiver, radio, pedometer, and all the other functions found on most Sharp phones alone.
I got some text and some files but I really don't know what to do with them or who created them. I just translated some text from Japanese and this seems like a way to get root in the device.
PLEASE. If this can be seen by someone with experience, could this be turned into an app that is useful for us non-devs? The file is attached at the bottom.
adb push sh02eunlock /data/rootkit
adb push acdbwritevalue /data/rootkit
adb push su /data/rootkit
adb shell chmod 777 /data/rootkit/
adb shell chmod 777 /data/rootkit/sh02eunlock
adb shell chmod 777 /data/rootkit/acdbwritevalue
adb shell chmod 777 /data/rootkit/su
adb shell
su
cd /data/rootkit/
./acdbwritevalue 0xc0e74998 0x80200000
./acdbwritevalue 0xc0e749a8 0x01000000
./sh02eunlock 0
cat /data/rootkit/su >cat /data/rootkit/su > /system/xbin/su
mount -o rw,remount /system /system
cat /data/rootkit/su > /system/xbin/su
chown root.root /system/xbin/su
chmod 06755 /system/xbin/su
cat /data/rootkit/sh02eunlock > /system/xbin/soff
chmod 755 /system/xbin/soff
mount -o ro,remount /system /system
chmod 755 /system/xbin/soff
sync;sync;sync
That's all I got. I really need to delete all this spy/statistics apps from the phone and without root it's impossible.

[Q] yarvik luna 474 rooting

Does anyone know how to root luna tab474 as the firmware on it is terrible, even the touch does not respond well and yarvik r not any help what so ever. My kids cant play half the games and it does not seem to support flash.
Its running android 4.0 and there seems to b lack of updates off yarvik
toiletroll said:
Does anyone know how to root luna tab474 as the firmware on it is terrible, even the touch does not respond well and yarvik r not any help what so ever. My kids cant play half the games and it does not seem to support flash.
Its running android 4.0 and there seems to b lack of updates off yarvik
Click to expand...
Click to collapse
try this: http://forum.xda-developers.com/showpost.php?p=41229206&postcount=3
Tried that but no joy. Used bin4ry root and restore now have Su on it that's as far as I got so far
Sent from my HTC One S using xda app-developers app
Yarvik 474 root
The Yarvik 474 by default is "rooted", but technically is not . The busybox and the su don't work propoerly.
To make it work, we have to change them.
Preparation :
1.) download ADB,SU, Supersuser.apk ("www48.zippyshare.com/v/60795775/file.html")
2.) download busybox to the same directory ("busybox.net/downloads/binaries/latest/busybox-armv7l" )
2.b.) rename "busybox-armv7l" to "busybox".
Start the rooting:
1.) Connect your Yarvik 474 to your PC with USB "debug on"
2.) Open "DOS" terminal on your PC and type:
adb devices
adb remount
adb shell "mkdir /data/busybox"
adb push busybox /data/busybox/busybox
adb push busybox /system/sbin/busybox
adb push su /system/sbin/su
adb push Superuser.apk /system/app/
adb shell
chmod 644 /system/app/Superuser.apk
mv /bin/su /bin/su2
mv /bin/busybox /bin/busybox2
cd /data/busybox
chmod 04755 busybox
chown root.root busybox
./busybox --INSTALL /system/sbin
cd /system/sbin
chmod 04755 su
chmod 04755 busybox
chown root.root su
chown root.root busybox
cd /bin
ln /system/sbin/su su
ln /system/sbin/busybox busybox
3.) restart your tablet
You have a full rooted Yarvik 474!!!

[SCRIPT / TOOL] zro's ultimate permission fixer script v1.0

Do I need to explain what a permission fixer script is supposed to do?
It fixes all the permissions (currently only for /system) and removes some knox bloatware folders along the way.
Root and busybox is required.
---
NOTE: This is the first step for a "rom installer script".
Please let me know if you find any errors or want any folders added to the additional permission fixes.
Or if you know any enhancements too off course.
There might be some redundancy within the script, but I wanted to better be safe
---.
So here it goes (download attached below):
Copy it to wherever you like and make it runnable (chmod 755) to execute.
I just copied it to my /system/xbin folder so I just have to type "fix_permissions.sh" when I want to fix em.
(could even get rid of the ".sh" to get the fix_permission command back kind of)
Code:
#!/system/bin/sh
echo
echo zro\'s ultimate permission fixer script v1.0
echo ============================================
echo
echo Step 1: Mounting /system writable
echo ---------------------------------
mount -o rw,remount /system
# >>> STOCK PERMISSIONS >>>
echo
echo Step 2: Fixing stock permissions
echo --------------------------------
# /system
echo fixing permissions for /system
busybox chown 0.0 /system
busybox chown 0.0 /system/*
busybox chown 0.2000 /system/bin
busybox chown 0.2000 /system/vendor
busybox chown 0.2000 /system/xbin
busybox chmod 755 /system/*
find /system -type f -maxdepth 1 -exec busybox chmod 644 {} \;
# /system/app
echo fixing permissions for /system/app
busybox chown 0.0 /system/app/*
busybox chmod 644 /system/app/*
# /system/cameradata
echo fixing permissions for /system/cameradata
busybox chown -R 0.0 /system/cameradata
find /system/cameradata \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/bin
echo fixing permissions for /system/bin
busybox chmod 755 /system/bin/*
busybox chown 0.2000 /system/bin/*
busybox chown -h 0.2000 /system/bin/*
busybox chown 0.0 /system/bin/log /system/bin/ping /system/bin/sysinit
busybox chmod 777 /system/bin/log
busybox chown 0.3003 /system/bin/netcfg
busybox chmod 2750 /system/bin/netcfg
busybox chmod 750 /system/bin/run-as
busybox chown 0.0 /system/bin/su
busybox chmod 6755 /system/bin/su
busybox chown 0.0 /system/bin/daemonsu
busybox chmod 6755 /system/bin/daemonsu
# /system/containers - Knox Bloatware (will be removed)
echo fixing permissions for /system/containers - Knox Bloatware - will be removed
rm -r /system/containers
# /system/csc
echo fixing permissions for /system/csc
busybox chown -R 0.0 /system/csc
find /system/csc \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/etc
echo fixing permissions for /system/etc
busybox chown -R 0.0 /system/etc
find /system/etc \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
busybox chown 0.2000 /system/etc/init.goldfish.sh
busybox chmod 550 /system/etc/init.goldfish.sh
busybox chmod 664 /system/etc/boot_fixup
busybox chown 1014.2000 /system/etc/dhcpcd/dhcpcd-run-hooks
busybox chmod 550 /system/etc/dhcpcd/dhcpcd-run-hooks
busybox chmod 755 /system/etc/init.d/*
busybox chmod 6755 /system/etc/install-recovery.sh
# /system/finder_cp
echo fixing permissions for /system/finder_cp
busybox chown 0.0 /system/finder_cp/*
busybox chmod 644 /system/finder_cp/*
# /system/fonts
echo fixing permissions for /system/fonts
busybox chown 0.0 /system/fonts/*
busybox chmod 644 /system/fonts/*
# /system/framework
echo fixing permissions for /system/framework
busybox chown 0.0 /system/framework/*
busybox chmod 644 /system/framework/*
# /system/lib
echo fixing permissions for /system/lib
busybox chown -R 0:0 /system/lib
find /system/lib \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/media
echo fixing permissions for /system/media
busybox chown -R 0:0 /system/media
find /system/media \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/preloadedkiosk - Bloatware (will be removed)
echo fixing permissions for /system/preloadedkiosk - Bloatware - will be removed
rm -r /system/preloadedkiosk
# /system/preloadedsso - Knox Bloatware (will be removed)
echo fixing permissions for /system/preloadedsso - Knox Bloatware - will be removed
rm -r /system/preloadedsso
# /system/sipdb
echo fixing permissions for /system/sipdb
busybox chown 0.0 /system/sipdb/*
busybox chmod 655 /system/sipdb/*
# /system/tts
echo fixing permissions for /system/tts
busybox chown -R 0:0 /system/tts
find /system/tts \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/usr
echo fixing permissions for /system/usr
busybox chown -R 0:0 /system/usr
find /system/usr \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/vendor
echo fixing permissions for /system/vendor
find /system/vendor \( -type d -exec busybox chown 0.2000 {} + \) -o \( -type f -exec busybox chown 0.0 {} + \)
find /system/vendor \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/voicebargeindata
echo fixing permissions for /system/voicebargeindata
busybox chown -R 0:0 /system/voicebargeindata
find /system/voicebargeindata \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/vold
echo fixing permissions for /system/vold
busybox chown 0.0 /system/vold/*
busybox chmod 644 /system/vold/*
# /system/wakeupdata
echo fixing permissions for /system/wakeupdata
busybox chown -R 0:0 /system/wakeupdata
find /system/wakeupdata \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# /system/wallpaper
echo fixing permissions for /system/wallpaper
busybox chown 0.0 /system/wallpaper/*
busybox chmod 644 /system/wallpaper/*
# /system/xbin
echo fixing permissions for /system/xbin
busybox chmod 755 /system/xbin/*
busybox chown 0.2000 /system/xbin/*
busybox chown -h 0.2000 /system/xbin/*
busybox chown 0.0 /system/xbin/su
busybox chmod 6755 /system/xbin/su
busybox chown 0.0 /system/xbin/daemonsu
busybox chmod 6755 /system/xbin/daemonsu
# <<< STOCK PERMISSIONS END <<<
# ==============================
# >>> ADDITIONAL PERMISSIONS >>>
echo
echo Step 3: Fixing additional permissions
echo -------------------------------------
# /system/photoreader
echo fixing permissions for /system/photoreader
busybox chown -R 0.2000 /system/photoreader/*
find /system/photoreader/ \( -type d -exec busybox chmod 755 {} + \) -o \( -type f -exec busybox chmod 644 {} + \)
# <<< ADDITIONAL PERMISSIONS END <<<
RESERVED
zroice said:
RESERVED
Click to expand...
Click to collapse
Thanks for this, just what is was needing on my N3...
The thing is, I cannot boot the system... can you help me to run it on CWM recovery? Maybe converting it into a 'flashable script'?
this stuff is old - the kn0x0ut toolbox includes the current version of the fix permission script.
This should also work over adb on recovery. But you need some adb skills.
zroice said:
...
There might be some redundancy within the script, but I wanted to better be safe
...
Click to expand...
Click to collapse
I wonder if (for max safety) you might need to add selinux refresh stuff in some places?

Categories

Resources