Sharp IS01: introduce the root acquisition - Android Software/Hacking General [Developers Only]

Hi, I'm Japanese developer.
Please excuse my poor English.
I introduce the root acquisition these steps.
Take full responsibility for your actions.
Please download here and extract it.
root.7z: j.mp/fRq6Nr mirror: j.mp/eok7vq
Require: superuser.apk
Prepare:
Code:
$adb push install.tar.gz /sqlite_journals
$adb push busybox_s /sqlite_journals
$adb shell chmod 0755 /sqlite_journals/busybox_s
$adb shell
$cd /sqlite_journals
$./busybox_s tar xvzf install.tar.gz
Step1: Get root.
from IS01 Android Terminal,
Code:
$cd /sqlite_journals/install
$sh install.sh
Input install step [1/2/3/4/update/uninstall] : 1
If you become superuser, the dollar sign should change to a hash (or sharp) sign.
Success: $ → #
Step2: Install hack binaries at "/sqlite_journals/root".
from IS01 Android Terminal,
Code:
$cd /sqlite_journals/install
$sh install.sh
Input install step [1/2/3/4/update/uninstall] : 2
Enable iptables?[Y/n] : n
Enable samba?[Y/n] : n
Enter to reboot : Enter
Step3: Write Hacked kernel in recovery area.
from IS01 Android Terminal,
Code:
$/sqlite_journals/install/au
↑You have to get root.
Code:
#cd /sqlite_journals/install
#sh install.sh
Input install step [1/2/3/4/update/uninstall] : 3
Write kernel?[y/N] : y
Enter to reboot recovery
*UPDATE
You're free to do so. XD
Step4: Create symbolic links in system.
and replace libshsecure_jni.so.
from IS01 Android Terminal,
Code:
$/sqlite_journals/install/au
↑You have to get root.
Code:
#cd /sqlite_journals/install
#sh install.sh
Input install step [1/2/3/4/update/uninstall] : 4
Q. What is hacked kernel?
A. This kernel is release of the NAND lock.
You can write after mount system.
Q. What is /sqlite_journals/install/au?
A. It is su binary. But it became impossible to use the market when it was a name of su, it changed on purpose to the name of au.
Q. Why don't you write it at boot area?
A. Also there is no way to repair broken IS01 because blocked fastboot(cant use fastboot).
Q. So boot area?
A. NV softs built recovery_kit image.
recovery_kit_v130.7z: j.mp/hXEp7C mirror: j.mp/f4SHCq
Code:
$adb push recovery_kit.img /data/recovery_kit.img
from IS01 Android Terminal,
Code:
$/sqlite_journals/install/au
↑You have to get root.
Code:
#cd /sqlite_journals/install
#flash_image boot_wr /data/recovery_kit.img
Q. How to use recovery_kit?
A. When mirror recovery image is hidden, you input "Home+Power".
But if your PC is Windows, unplug USB cable.
Code:
HotKey:
Boot recovery partition: Home+Back
Boot boot partition: Home+Menu
Enable QXDM: Alt+Q
Start adbd recovery: Alt+A
Start recovery utility: Alt+R
Support command:
sh
toolbox
busybox
mount_system: Mount system partision to /system2
mount_data: Mount data partision to /data
Thanks, love_marijuana@twitter, MobileHackerz@twitter, goroh_kun@twitter, gcd_org@twitter, nvsofts@twitter, Yukto8492@twitter and more.
Wrote by DevRenax@twitter. j.mp/g0pDZz
P.S I am transplanting CM6 for IS01.

[: permission denied
Took the plunge and tried this...
Got stuck at step 1:
$ sh install.sh
sh install.sh
IS01 root installer ver0.1.0
Input install step [1/2/3/4/update/uninstall] : 1
1
[: permission denied
Install STEP1
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={1856, 1856}
[*] Searching for adb ...
[+] Found adb as PID 31307
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
[: permission denied
Shut down terminal and reexecute this script!
$

xxolloxx said:
Took the plunge and tried this...
Got stuck at step 1:
$ sh install.sh
sh install.sh
IS01 root installer ver0.1.0
Input install step [1/2/3/4/update/uninstall] : 1
1
[: permission denied
Install STEP1
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={1856, 1856}
[*] Searching for adb ...
[+] Found adb as PID 31307
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
[: permission denied
Shut down terminal and reexecute this script!
$
Click to expand...
Click to collapse
hmm...
ok, tell me the results
1: What is your baseband version?
2:
Code:
$adb shell uname -a
3: from android terminal. Try running a few times, about 10times?
Code:
$/sqlite_journals/install/rageagainstthecage
4: after running Step1: Get root,
from android terminal.
Code:
$id

Baseband: 1.00.05
adb shell uname -a
uname: permission denied
$id
id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1011
(adb),1015(sdcard_rw),3001(net_bt_admin),3002(net_bt),3003(inet)
I ran
$/sqlite_journals/install/rageagainstthecage
...about 7 times, $ changed to #
Then I got stuck at:
$ cd /sqlite_journals/install
cd /sqlite_journals/install
$ sh install.sh
sh install.sh
IS01 root installer ver0.1.0
Unable to chmod ./busybox: Operation not permitted
Input install step [1/2/3/4/update/uninstall] : 1
1
[: permission denied
Install STEP1
Unable to chmod ./rageagainstthecage: Operation not permitted
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={1856, 1856}
[*] Searching for adb ...
[+] Found adb as PID 8052
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
[: permission denied

Baseband: 1.00.05
Click to expand...
Click to collapse
No problem.
I ran
$/sqlite_journals/install/rageagainstthecage
...about 7 times, $ changed to #
Click to expand...
Click to collapse
You got root. Next, run this command after reboot Android Term.
Code:
$/sqlite_journals/install/su
If you got root and installed superuser.apk, it will auto start superuser.apk.

triangle and exclamation point on boot
I did the steps above and I see it boot the recovery image, then it transitions into a boot screen that has a triangle with exclamation point. What do I do now?
Thanks in advance

I got to the recovery screen and enabled adb recovery, but adb states the device is offline. How do I get it online or push a new image.

plenpak said:
I did the steps above and I see it boot the recovery image, then it transitions into a boot screen that has a triangle with exclamation point. What do I do now?
Thanks in advance
Click to expand...
Click to collapse
you, too.
Sorry, I did not explain qxdm...
Code:
from hacked kernel
#echo 1 > /sys/devices/platform/msm_hsusb_periphera/qxdm_enable
or
recovery_kit -> Enable QXDM
And recovery_kit is unstabled. Try running a few times.
Be all about timing.
ScreenShot(recovery_kit) j.mp/hbHiL9

Thanks. You were right. Timing was everything. I now have a rooted device. I did have to modify the install.sh script. It wasnt working for me intially.
Have you tried to load Froyo or Gingerbread on it yet? Have you tried Cyanogen mod? I have Cyanogen mod 7 running on my N1, and would like to attempt a port to the IS01.

I did have to modify the install.sh script. It wasnt working for me intially.
Click to expand...
Click to collapse
Actually, I did not created it, and I have not tried. XD
this script was created by love_marijuana@twitter.
If that's ok, upload modified scripts please?
Have you tried to load Froyo or Gingerbread on it yet? Have you tried Cyanogen mod? I have Cyanogen mod 7 running on my N1, and would like to attempt a port to the IS01.
Click to expand...
Click to collapse
Wow, you have nice device!
I transplanting CM6.
I have github acount. -> github.com/CM4IS01
But this rom is very buggy.
Not work:
Bluetooth, GPS, Accelerator Sensors, 3D Acceleration, Sound and more...

Sharp IS01
Hi Sharp IS01 users....don t waist your time with this device.....AU launch this month 04/2011...a HTC EVO 4G...with HDMI and WIMAX router mode for acess a internet from a notebook or others devices....GOOD DEAL...

Help me pls,
I'm stuck at Step1, too
$cd /sqlite_journals/install
$sh install.sh
IS01 root installer ver0.1.0
Unable to chmod .busybox: Operation not permitted
Input install step [1/2/3/4/update/uninstall] :
My phone's build number: 01.00.02
Model number: SH-01B
(Docomo)
Thanks much

@ DevRenax, I can't find this file, CM6byDevRenax-06242011-IS01.7z . Are you still working on it? I'd like to try it for my SH-10B device, base band 01.00.02. Could you post another link to it? Thanks

plenpak said:
I did the steps above and I see it boot the recovery image, then it transitions into a boot screen that has a triangle with exclamation point. What do I do now?
Thanks in advance
Click to expand...
Click to collapse
I skip all the way to flash recovery_kit.img since I didnt use the steps to get root. Now I am stuck at the triangle with exclamation point screen. How did you bypass it?
Edit: ok, the recovery_kit works with the hotkeys but, it still won't let my SH-10B boot the system. Does anyone have the ADB usb driver for win7-64? The one that came with the cd-rom and from Sharp's webite doesn't install on my computer. If I can use adb, I could probably fix this.

I'm very new to do rooting
I try to understand your description.
But i don't know how to start.
I have already download and try to use superuser but i don't know how to write the command line as you shown.
What program i need for writing command?
Actually I just want my LYNX SH-10B to read another language beside Jap and Eng.
If you have another easier way pls help......
BEN

Ok, I believe I know what screwed my system from booting. This;
Code:
#cd /sqlite_journals/install
#flash_image boot_wr /data/recovery_kit.img
From this code that I use the recovery_kit was flash to my boot partition and replaced the boot.img. That is why it goes from recovery-kit boot screen to recovery mode screen and does not start android as mentioned in my previous post. It should have been: flash_image recovery. So I've lost my boot.img for the stock android 1.6. Can anyone who has the device post it so I may flash it back on and get my SH-10B running again. Thanks

Related

How to root the Droid 2

All credit for the binary goes to Sebastian Krahmer at http://c-skills.blogspot.com/. Please see fit to donate via Paypal to [email protected]
If you want a simpler 'one-click' process, go to this thread: Easier 1-2-3 Droid 2 Root for Windows / Linux / Mac
***NOTE: Proceed at your own risk. I and the providers of this code are not responsible for anything you do to your phone!***
Setup:
- Install adb (here) and Motorola drivers for windows(32-bit or 64-bit)
- Download attached archive
- Extract to a directory, I used c:\Droid2Root
- Make sure you have USB degugging enabled
- Change connection to PC Mode
Process:
- Open command prompt
- cd c:/wherever-your-sdk-tools-folder-is
- adb devices (to verify the connection)
- cd c:/Droid2Root
- adb push Superuser.apk /sdcard/Superuser.apk
- adb push su /sdcard/su
- adb push busybox /sdcard/busybox
- adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage-arm5.bin
- adb shell
- cd data/local/tmp
- chmod 0755 rageagainstthecage-arm5.bin
- ./rageagainstthecage-arm5.bin
- let the process run until it 'kicks' you out (may take a minute or two) to c:/Droid2Root
- cd c:/wherever-your-sdk-tools-folder-is
- adb kill-server
- adb devices (to verify the connection)
- adb shell (you should now have a # prompt, if not return to ./rage step above)
- mount -o rw,remount -t ext3 /dev/block/mmcblk1p21 /system
- cp /sdcard/Superuser.apk /system/app/Superuser.apk
- cp /sdcard/su /system/bin/su
- cp /sdcard/busybox /system/bin/busybox
- chmod 4755 /system/bin/su
- chmod 4755 /system/bin/busybox
- mount -o ro,remount -t ext3 /dev/block/mmcblk1p21 /system
- exit
- exit
I'm sure there are certain steps that could be streamlined or eliminated, so please feel free to make a suggestion and I'll edit the post.
Additional thanks to @rainabba and AllDroid.org for their excellent Droid X rooting tutorial, which assisted me greatly in this process.
waiting for a recovery, glad to see its rooted
Android n00b here, I can remove the Verizon crapware with this right? And tether?
thelolotov said:
Android n00b here, I can remove the Verizon crapware with this right? And tether?
Click to expand...
Click to collapse
yes and yes
thelolotov said:
Android n00b here, I can remove the Verizon crapware with this right? And tether?
Click to expand...
Click to collapse
I wouldn't remove anything yet since we don't have a sbf file to recover from partial bricks. However, tethering and any other apps that require root can be used now.
I'm new to doing this all the adb way.
When you say extract to a directory what do you mean to extract. After it downloads the achive files its done.....
i understand the rest of the commands but im lost there
Hmm, alright, that's still worth it, will I lose my data/have to hard reset to root?
Right click the downloaded archive and "extract files". You need to do this so adb can push them to the phone.
thelolotov said:
Hmm, alright, that's still worth it, will I lose my data/have to hard reset to root?
Click to expand...
Click to collapse
Nope, it just gives you access. Nothing deleted.
I'm retarded i didnt realize it was attached to the post, i thought it was what adb downloaded when i first opened it cause it called them archives.
cannot access
I got as far as pushing super user su and busy box onto my phone but it says that system in read only.. how do i fix this?
Anybody actually try this?
Hello,
I am following your directions and when I get to the "adb push Superuser.apk" step I receive the following error:
"failed to copy 'Superuser.apk' to '/system/app/Superuser.apk': Read-only file system"
I get this same error for the other adb push steps that follow.
Edit: To verify, I get a # shell.
Edit 2: I tried pushing the Superuser.apk to /data/local/tmp then cp to /system/app/, this also popped up a read-only file system error.
I'm currently trying it.
I have a 64 bit driver on my computer that i used to use for my D1 but it doesn't recognize my D2 when doing adb devices and i cant install the 32 bit driver
GSletta said:
I got as far as pushing super user su and busy box onto my phone but it says that system in read only.. how do i fix this?
Click to expand...
Click to collapse
Did you verify you have the # prompt three steps before that?
Yeah i get the # but it wont let me push superuser su and busybox
GSletta said:
Yeah i get the # but it wont let me push superuser su and busybox
Click to expand...
Click to collapse
Weird.. I didn't need to mount the system manually, but let me if there's a step I left out.
and some more screens (feel free to use in first post):
http://i.imgur.com/nPllt.jpg
http://i.imgur.com/COTEA.jpg
http://i.imgur.com/open3.jpg
djh816 said:
and some more screens (feel free to use in first post):
http://i.imgur.com/nPllt.jpg
http://i.imgur.com/COTEA.jpg
http://i.imgur.com/open3.jpg
Click to expand...
Click to collapse
Did you add any steps to mount the system? I don't believe I did, but it seems others are finding it to be read-only.
jerseyh22accord said:
I'm currently trying it.
I have a 64 bit driver on my computer that i used to use for my D1 but it doesn't recognize my D2 when doing adb devices and i cant install the 32 bit driver
Click to expand...
Click to collapse
Don't know if it will help you, but if it's anything like the DInc, you could just use the SDK's drivers and add a few device identifier lines to the INF file before installing them.

[Huawei IDEOS U8150] How to gain root access

I hold no responsibility to how you use or not use this info and if you brick phone - you do this at your own risk
There is a couple away you can go about gaining root access with this phone I have tested all 3 ways but only had success with 2 of them.
a) You can download 'z4root' from the Android Market (If is still available) or search XDA forums for it.
b) Search the XDA forums for 'SuperOneClick' which requires mono to work on Linux. I have read people that have had success with 'SuperOneClick' but that was not the case for me.
c) My preferred method:
Prerequisite:
knowledge of Linux and Terminal
knowledge of ADB (guide available in forums)
I did all this using Debian (testing) 64bit, Android SDK.
Creating correct permissions to access the phone via USB:
i) create
Code:
/etc/udev/rules.d/51-android.rules
ii) in the file put
Code:
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666"
iii) then
Code:
chmod a+r /etc/udev/rules.d/51-android.rules
iv) restart udev or reboot
Downloading and/or Installing required software:
1) Downloading and installing the android-sdk from: developer.android.com/sdk/index.html
2) Downloading and extracting 'SuperOneClick' (you will only need these 5 files: rageagainstthecage, sqlite3, su, busybox and superuser.apk)
3) Copy rageagainstthecage, sqlite3, su, busybox and superuser.apk into the platform-tools directory of android-sdk. Put phone in debug mode.
4) From a terminal (command line) change to the android/platform-tools directory and carefully do these steps.
Check to see if adb can see your phone properly:
Code:
./adb devices
You should see the serial number of you device, if you see bunch of '?' you have done something wrong.
Now for the fun part rooting the phone: <= no phun intended hehe
Code:
./adb push rageagainstthecage /data/local/tmp/rageagainstthecage
Code:
./adb shell
Code:
cd /data/local/tmp
Code:
chmod 0755 rageagainstthecage
Code:
./rageagainstthecage
5) Now wait until you get kicked out from adb before you do the following:
Code:
./adb shell
If everything worked now you should see a "#" instead of the "$" you saw previously in the adb shell which means you shouldn't get "permission denied" in the following steps:
Code:
mount -o rw,remount /dev/block/mdtblock4 /system
Code:
exit
Code:
./adb push su /system/bin/su
Code:
./adb push busybox /system/bin/busybox
Code:
./adb push sqlite3 /system/bin/sqlite3
Code:
./adb push Superuser.apk /system/app/Superuser.apk
Code:
./adb shell
Code:
cd /system/bin
Code:
chmod 4755 su
Code:
chmod 4755 busybox
Code:
chmod 4755 sqlite3
Code:
./adb reboot
Now you should be able to use apps like 'Cache Cleaner NG', 'Root Explorer', 'SetCPU' etc that require root access to work correctly.
Enjoy
Guide reflash FW for those who did some damage:
* Download from here that you want to install the FW
* Copy the folder in the microSD DLOAD (with the file inside UPADATE.APP)
* From phone off, Volume + Hold down RED BUTTON UP and power button.
* start the firmware upgrade, take a few minutes and then restart the phone . is a bit slow, do not be afraid, let him work and then back on (like the first time)
Help to get into recovery mode:
* down the 'volume up 'and 'green button'and then switch the device
Guide to bootloader mode:
* switch off, press and hold power button + volume down + red key
Overclock
Can this fone be oveclocked
SethIsHere said:
Can this fone be oveclocked
Click to expand...
Click to collapse
yes it can be OCed, I recommend using setCPU from the market
SethIsHere said:
Can this fone be oveclocked
Click to expand...
Click to collapse
Yes it can, to a Maximum of 600mhz (0.6 ghz) on the stock kernel
setCPU is no longer available on the market for free afaik.
Also can someone better translate the instructions to get into recovery mode? i can barely make sense of the above instructions ^^^
.produkt-R said:
Also can someone better translate the instructions to get into recovery mode? i can barely make sense of the above instructions ^^^
Click to expand...
Click to collapse
does this help:
http://forum.xda-developers.com/showpost.php?p=10371747&postcount=5
quail said:
does this help:
http://forum.xda-developers.com/showpost.php?p=10371747&postcount=5
Click to expand...
Click to collapse
Helped, Thanks.
Although after reading the entire page, i wonder if i should have a Recovery ROM installed. But i wonder if the phone will be left in it's current working state after installing it ?
i used z4root, worked fine for me
quail said:
Code:
chmod 4755 su
Code:
chmod 4755 busybox
Code:
chmod 4755 sqlite3
Click to expand...
Click to collapse
I think only "su" should be 4755 (setuid root), busybox and sqlite3 should just be 0755? Thanks for the instructions.
pb05life said:
i used z4root, worked fine for me
Click to expand...
Click to collapse
Ok I figured it ill shut up you have to use crappy dos command prompt and type everything in manually install proggies lol Google must die!
quail said:
Creating correct permissions to access the phone via USB:
i) create
Code:
/etc/udev/rules.d/51-android.rules
ii) in the file put
Code:
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666"
iii) then
Code:
chmod a+r /etc/udev/rules.d/51-android.rules
iv) restart udev or reboot
Click to expand...
Click to collapse
Anyone know this part for windows XP?Not linux?
I got to rageagainstthecage and it says permission denied.
fvckyougooglescammer said:
So would you tell us, exactly how you did it?
Without using the market place?
Because I have tried 100 things downloaded all that junk wasted 5 hours.
And I do not know how to run the z4root on my phone.
I do not want to install another ROM.
I do not know why you can not run z4root and a file manager from the SD card I have tried methods with the SDK they are total rubbish.
Once again *without* using the market place.
Thanks
Click to expand...
Click to collapse
Download it mediafire.com/u8150
Sent from my Ideos using XDA App
could you explain why you prefer this way instead using z4root?
nitro-ale said:
could you explain why you prefer this way instead using z4root?
Click to expand...
Click to collapse
I have Z4root on the phone and its supposedly rooted.
Yet, I can install apps from PC onto phone, but can not uninstall them.
Adb always gives me failure.
And if I try from shell it always says permission denied.
tilal6991 said:
Download it
Sent from my Ideos using XDA App
Click to expand...
Click to collapse
Hi thanks downloaded it fine its on the phone but this doesn't tell me how to remove apps.
I have been able to install but not remove adb always says failure.
Thanks man,
Just worked perfectly on my IDEOS brought from 2degrees in NZ.
The copy of SuperOneClick that I downloaded contained a file called su-v2 instead of su. In order to get the hack to work I had to rename su-v2 to su before running ./rageagainstthecage . Pretty obvious, but it might help someone out.
Thanks
fvckyougooglescammer said:
I have Z4root on the phone and its supposedly rooted.
Yet, I can install apps from PC onto phone, but can not uninstall them.
Adb always gives me failure.
And if I try from shell it always says permission denied.
Click to expand...
Click to collapse
I followed your instructions and installed SetCPU to test my phone was rooted. It worked great! Thanks.
I still have a problem. When I try adb root it still says "adbd cannot run as root in production builds". I'm trying this to be able to control my phone with pc mouse/keyboard with androidscreencast.
Any suggestions will be much appreciated.
Answering to myself: I updated my phone with FUSIONideos 1.5 and now adb runs as root without problems.
Z4root
http://forum.xda-developers.com/showthread.php?t=833953
Worked for me
Does it removes simlock I have Huawei U8150 IDEOS Android phone with career lock ( Simlock ), so will this remove it
can there be a batch file / command / app for all this, too techy out there
also how to setup the environment to run these commands, i m windows user can i do it ?

Huawei Ideos Super FAQ

This is an FAQ for the Huawei Ideos as there have been many questions on how to do the same things. Hopefully this should help. There are other FAQs but this one tries to compile as many as it can into one FAQ.
Feel free to reply to this if there are any questions or if you want me to make any additions. The FAQ won't be complete to begin with but I will add as I get time.
One thing I will say is that I WON'T TAKE RESPONSIBITY IF YOU DAMAGE YOUR PHONE. I AM PROVIDING THE INFORMATION AND WILL TRY TO HELP YOU IF SOMETHING BAD HAPPENS BUT I CAN'T TAKE ANY RESPONSIBILITY
1. How to root the IDEOS
This can be done quite simply by adapting what quail wrote:
There is a couple away you can go about gaining root access with this phone I have tested all 3 ways but only had success with 2 of them.
a) You can download 'z4root' from here (WORKS)
b) Search the XDA forums for 'SuperOneClick' which requires mono to work on Linux. I have read people that have had success with 'SuperOneClick' but that was not the case for me. (HAVEN'T CHECKED)
c) My preferred method: (HAVEN'T CHECKED)
Prerequisite:
knowledge of Linux and Terminal
knowledge of ADB (guide available in forums)
I did all this using Debian (testing) 64bit, Android SDK.
Creating correct permissions to access the phone via USB:
i) create
Code:
/etc/udev/rules.d/51-android.rules
ii) in the file put
Code:
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666"
iii) then
Code:
chmod a+r /etc/udev/rules.d/51-android.rules
iv) restart udev or reboot
Downloading and/or Installing required software:
1) Downloading and installing the android-sdk from: developer.android.com/sdk/index.html
2) Downloading and extracting 'SuperOneClick' (you will only need these 5 files: rageagainstthecage, sqlite3, su, busybox and superuser.apk)
3) Copy rageagainstthecage, sqlite3, su, busybox and superuser.apk into the platform-tools directory of android-sdk. Put phone in debug mode.
4) From a terminal (command line) change to the android/platform-tools directory and carefully do these steps.
Check to see if adb can see your phone properly:
Code:
./adb devices
You should see the serial number of you device, if you see bunch of '?' you have done something wrong.
Now for the fun part rooting the phone: <= no phun intended hehe
Code:
./adb push rageagainstthecage /data/local/tmp/rageagainstthecage
Code:
./adb shell
Code:
cd /data/local/tmp
Code:
chmod 0755 rageagainstthecage
Code:
./rageagainstthecage
5) Now wait until you get kicked out from adb before you do the following:
Code:
./adb shell
If everything worked now you should see a "#" instead of the "$" you saw previously in the adb shell which means you shouldn't get "permission denied" in the following steps:
Code:
mount -o rw,remount /dev/block/mdtblock4 /system
Code:
exit
Code:
./adb push su /system/bin/su
Code:
./adb push busybox /system/bin/busybox
Code:
./adb push sqlite3 /system/bin/sqlite3
Code:
./adb push Superuser.apk /system/app/Superuser.apk
Code:
./adb shell
Code:
cd /system/bin
Code:
chmod 4755 su
Code:
chmod 4755 busybox
Code:
chmod 4755 sqlite3
Code:
./adb reboot
Now you should be able to use apps like 'Cache Cleaner NG', 'Root Explorer', 'SetCPU' etc that require root access to work correctly.
Enjoy​
2. How to flash the Ultrakiller Recovery Image
Now this has been covered many times but there have been a lot of problems with the BSOD on the IDEOS. A few days ago Ultrakiller came up with a solution that works regardless of the LCD type. Now this was distributed as an IMG file so many people were confused so here is a link to one with everything you need included. All I did was remove the amon'ra image and copied the Ultrakiller recovery IMG to the folder and edited the scripts to point to the new file.
After you download the file:
* Put your device in bootloader mode - turn it off, then press the power button while holding the 'Volume Down' and 'End (Red)' keys (Yes, bootloader is just the IDEOS logo) WHILE YOUR DEVICE IS PLUGGED IN
* WINDOWS - double click 'install-recovery-windows.bat'
* MAC - Open a terminal window to the directory containing the files, and type 'chmod +x install-recovery-mac.sh' followed by './install-recovery-mac.sh'
* LINUX - Open a terminal window to the directory containing the files, and type 'chmod +x install-recovery-linux.sh' followed by './install-recovery-linux.sh'​
See Q3 if you have Windows and the prompt hangs on "Waiting for Device"
3. How to solve problems with drivers on Windows in bootloader mode?
1. Unplug your phone
2. Download and install PDANet from here - at the end of the setup it will tell you to plug in your phone - do that
3. Put the phone into bootloader (See Q2 above)
4. Go to device manager and right click on "Android 1.0" and click "Update drivers"
5. Click "No, not this time" and Next
6. When it asks you where to look for drivers point it to PDANet's install location
7. Hopefully it should find the driver and prompt you to install it - it will take some time
8. You can now access your device in bootloader!​
Thanks to the following people:
Quail for the base of the guide and the ROM I'm using - it's amazing BTW
Ultrakiller for the recovery image
Changelog:
21/01/2010: Initial writeup
22/01/2010: Added Q3 and made some minor changes​
i unfortunately deleted a system app and upon restarting my phone it wont boot.....it keeps hanging at the startup and reboots.. help me how to system restore...
Hi - the Ultrakiller recovery IMG in the ZIP from the Link above is "Ultrakiller.img.img". Dunno if it didnt work cause of this - sry didnt test, just downloaded new Ultrakillers "UltraJack-Recovery_v4.6.2.img", saved into that folder and changed the .bat to "fastboot-windows.exe flash recovery UltraJack-Recovery_v4.6.2.img" and it worked for me Even superuser.apk didnt work for usb-root but z4root does it perfect and DroidExplorer showing files now .
Thanks so far to all investing their time here
P.S.: the HUAWEI background of Ultrakillers recovery is very delicious
General guide to Flash ROM
Can you please provide a detailed guide for flashing Huawei Ideos. Because it is super guide. So it must contain this topic also.
I want to flash official ROM on following link:
http://forum.xda-developers.com/wiki/index.php?title=Huawei_U8150_IDEOS
Waiting for your response
yrnehukuht said:
i unfortunately deleted a system app and upon restarting my phone it wont boot.....it keeps hanging at the startup and reboots.. help me how to system restore...
Click to expand...
Click to collapse
Dear have u find out the solution of this problem?? COZ im also suffering from this if u find it then plz tell me [email protected]
I have downloaded a rom from xda-developers wiki from this link
http://forum.xda-developers.com/wiki/index.php?title=Huawei_U8150_IDEOS
then updated my device software by going in to update mode(press vol up + end key + power button) .
This step returned me my original recovery.
But I am not going to recommend it bcoz i am facing problems like my cd drive which is automatically displayed has become inaccessible.
I am having problem to copy files to sd card.
My upgrade mode is not working now.
all these things were working immediately after the above mentioned process but I am now stuck with these things.
I think it is because i have flashed lower version number of rom on phone.
If you want to recover recovery mode only then I have successfully flashed UltraJack-Recovery 5.2.1 from this link
http://forum.xda-developers.com/showthread.php?t=860189&page=24
Inform about your progress
Thanx. Very useful
Hi guys. I am in a lot of trouble with my ideos.
Tried installing a custom ROm using ROM manager and it failed, although the original ROM is still there and its booting up and working perfectly.
However, when i try to boot into recovery, only the lit blackscreen shows.
I have tried everything from running ULTRAjack recovery on windows(which only shows 'waiting for device' on cmd, with the pdanet drivers installed) to ubuntu(which shows 'waiting for device' on Amon-ra recovery and permission denied on ULTRAjack).
Could it be i didnt root the device properly since i used z4 root?
Any more ideas?
900/2100 or 850/1700/1900/2100
Hello, How do I tell which sub-model my U8150 is please? Either HSDPA 900 / 2100 / AWS or HSDPA 850 / 1900 / 2100 / 1700. baseband = 22201003; build no.= U8150V100R001C183B825; IMEC = 355093040562676; IMEC-SV = 39.
Check out your fcc id suffix. I have heard there is a b version and a d version.
hi do flashing many roms affects my ideos mobile?
netskink said:
Check out your fcc id suffix. I have heard there is a b version and a d version.
Click to expand...
Click to collapse
All I got is a U8510-1, no letter... any thoughts?
Unlock u8150
Hello.
i have a T-Mobile Ideos u8150, also known as Comet.
it is locked to T-Mobile and requests a pin code when using another sim card.
is there a way to unlock the phone?
please help me...
thank you.
Enable USB Debugging & One Click Root with Unlock Root Tool

USCC Mesmerize Rooting on Official 2.2 (Froyo)

Okay, this was my first time trying to root my phone and it would figure that non of the automated methods worked for me. Still, I was able to get root on my US Cellular Samsung Galaxy S Mesmerize (SCH-i500 for the kids keeping track at home) and these are the steps that I took. I hope this helps others who may be scratching their head wondering what to do when the developers haven't gotten around to (read: forsaken) us.
The nice thing about this method is that it doesn't require Windows (though you still do download SuperOneClick).
NOTE: This is only for an officially updated Mesmerize. Rooting is unnecessary for the leaked version.
APOLOGY: I can't post any links to anything outside the forum as I am a newer member, so, sorry for not being able to post URLs.
1. Download the Android SDK from the Android developer website and install/unzip it. You may need to add the path to the adb tool (found under platform-tools for me) to your PATH variable.
2. Download the SuperOneClick tool and unzip it
3a. If you are using Windows, then make sure to install the drivers for your phone. I don't have Windows, so don't ask me which file to download. Sorry.
3b. Enable USB Debugging on your phone (Settings->Applications->Development->Check "USB Debugging").
4. Connect your phone to your computer using the USB cable
5. Open a shell (or command prompt on Windows) and change directories to where you unzipped SuperOneClick
6. Run the following commands to copy files to your device
A. adb push psneuter /data/local/tmp/psneuter
B. adb push busybox /sdcard/busybox
C. adb push su-v2 /sdcard/su
NOTE: A quick note of each of these files.
A. psneuter - an exploit to gain root access temporarily on your phone
B. busybox - a compilation of common unix commands to help you along the CLI world
C. su - the super-user command used to gain elevated privileges
7. Run the following command to get a command line interface to your device
adb shell
At this point, you should see a $ prompt indicating that you are on your phone.
From here, you will change directories to where you put the exploit, change the permissions so you can run it, copy over the files that we need to sustain root access, and finally, install the Superuser.apk app so that you can manage root access from the UI.
Execute the following commands:
$ cd /data/local/tmp
$ chmod 777 psneuter
$ ./psneuter
Here, you will be disconnected from your device. This is normal. Just run "adb shell" again to get back in, though now, you will notice that the prompt has changed to a #. The following commands will reflect that.
# mount -t rfs -o remount,rw /dev/block/st19 /system
# cd /system/xbin
# cat /sdcard/busybox > busybox
# cat /sdcard/su > su
# chmod 4755 busybox
# chmod 4755 su
# exit
Now, you will be back on your computer. Type the following to install the Superuser.apk app.
adb install Superuser.apk
That should do it! You now have root access. Go ahead and try to install Titanium Backup (requires root). You can also install a terminal app or anything else.
I hope this helps. Report your successes/failures in the comments.

RE:[GUIDE] Downgrade G2 (2.3.X) & DZ (2.3.X) & mT4g (2.3.4) & DHD w/ S-ON to Froyo

RE:[GUIDE] Downgrade G2 (2.3.X) & DZ (2.3.X) & mT4g (2.3.4) & DHD w/ S-ON to Froyo
Wanted to document my musings... All the following how to's are other peoples with some of my(VERY LITTLE) comments mixed in.. Thanks to all those peeps!!! hope it helps someone to downgrade and root!
Introduction
This guide is written with the assumption that the user has previously used "adb". If you are unfamiliar with "adb" or do not even know what "adb" is, download the Android SDK (found at http://developer.android.com/sdk/index.html). There are a couple guides to help you get started setting up the Android SDK and understanding ADB. If you have not installed the Android SDK or you are unfamiliar with ADB, please take some time and read a couple guides to get a basic understanding of it.
* [GUIDE] ADB Workshop and Guide for everyone
* [HOW-TO] ADB for Dummies(How-To Learner's Guide)
* How To Set Up ADB/USB Drivers for Android Devices
Gaining Temp Root
1. Download the attached files, unzip them, and place the files in your platform-tools folder. To elaborate, place the fre3vo file inside of the fre3vo.zip file and the misc_version file inside the misc_version_01.zip file in your platform-tools directory.).
2. Make sure you have your sdcard inserted in your phone, and you are NOT in USB Storage Mode, and your sdcard is NOT FULL.
3. Run the following command to verify the exploit has access to what it needs. (Only the first line is the command. The second line should be the result returned if all goes well.)
Code:
> adb shell cat /dev/msm_rotator
/dev/msm_rotator: invalid length
4. If you received the same message, you're good to continue on. If not... I'd recommend going back to #g2root and asking them. (I am just passing along the information after all).
5. Run the following commands from your platform-tools directory.
Code:
> adb push fre3vo /data/local/tmp
> adb shell
$ chmod 777 /data/local/tmp/fre3vo
$ /data/local/tmp/fre3vo -debug -start FAA90000 -end FFFFFFFF
6. After you enter that command, with luck you should see something similar to the last few lines in the following displayed. (It may take a minute or two. From what I can tell, this appears to be the quickest method as the exploit seems to be found in the latter regions.)
Code:
Buffer offset: 00000000
Buffer size: 8192
Scanning region fb7b0000...
Scanning region fb8a0000...
Scanning region fb990000...
Scanning region fba90000...
Potential exploit area found at address fbb4d600:a00.
Exploiting device...
7.
1. If the exploit works, you will be kicked out of ADB shell, proceed to Step #8.
2. If the above does not work, and fails, you can try the following, and hopefully one will work, try the following (you must reboot your phone before you try another set):
Code:
$ /data/local/tmp/fre3vo -debug -start 10000000 -end 1FFFFFFF
$ /data/local/tmp/fre3vo -debug -start 20000000 -end 2FFFFFFF
$ /data/local/tmp/fre3vo -debug -start 30000000 -end 3FFFFFFF
$ /data/local/tmp/fre3vo -debug -start F0000000 -end FFFFFFFF
$ /data/local/tmp/fre3vo -debug -start E0000000 -end EFFFFFFF
8. If you did get kicked out of adb shell, open it again. You should now see the lovely # instead of $, thus granting you temp root. Go ahead and exit out of shell to proceed to the next stage.
Code:
> adb shell
# exit
Changing Version Number to Allow Downgrade
1. If you followed the first portion of this, you should of unzipped misc_version_01.zip in the platform-tools directory.
If you haven't done that yet, do that now and then run the following commands from your platform-tools directory.
2.
Code:
> adb push misc_version /data/local/tmp/misc_version
> adb shell chmod 777 /data/local/tmp/misc_version
> adb shell
# /data/local/tmp/misc_version -s 1.00.000.0
--set_version set. VERSION will be changed to: 1.00.000.0
Patching and backing up partition 17...(MIXING THIS IN (specially the folderand file ref) COMPAIRE THE METHOD BELOW WITH THIS ABOVE IF ONE DOES NOT WORK TRY THE DIFFRENT PATHS MISC_VERSION/MISC_VERSION...DID THE TRICK FOR ME:
1.
# /data/local/tmp/misc_version -s 1.00.000.0
2.
/data/local/tmp/misc_version -s 1.00.000.0
3.
/data/local/tmp/misc_version: permission denied
4.
5.
# chmod 777 /data/local/tmp/misc_version/misc_version
6.
chmod 777 /data/local/tmp/misc_version/misc_version
7.
# /data/local/tmp/misc_version/misc_version -s 1.00.000.0
8.
/data/local/tmp/misc_version/misc_version -s 1.00.000.0
9.
--set_version set. VERSION will be changed to: 1.00.000.0
10.
Patching and backing up partition 17...
3.
*Note: If you get the following error, please make sure your sdcard is inserted in your phone and is NOT mounted to your computer (ie: make sure you are NOT in USB Storage Mode).
Code:
Error opening backup file.
4.
Code:
# sync
5. Double check and make sure everything looks good so far by running the following command (still in adb shell).
Code:
# dd if=/dev/block/mmcblk0p17 bs=1 skip=160 count=10 {did not return this 4 me but ok!!!}
1.00.000.010+0 records in
10+0 records out
10 bytes transferred in 0.001 secs (10000 bytes/sec)
6. BE SURE TO BACKUP ANY DATA!!!***
Temp-Rooting to Backup
If you have nothing to back up or don't care to back anything up, proceed to the next section.
Credit goes to Nipqer from #g2root for providing me with this method.
1. Download the attached file, "Vision-fre3vo-temp-root.zip".
2. Extract the contents to your platform-tools directory.
3. Run the following commands in command prompt while in platform-tools directory: notice the / at the end of the commands here DIFFRENT!
4. adb devices is good to check u have proper driver connection, u can enable and then disabe usb debug to glitch usbport into connecting to phone as well as finding another usb port uninstalling reinstalling HTCdrivers of course while untethered
Code: > adb devices (make sure u have a connection)
> adb push su /data/local/tmp/
> adb push busybox /data/local/tmp/
> adb push fixsu.sh /data/local/tmp/
> adb install SuperUser.apk
> adb shell chmod 755 /data/local/tmp/fixsu.sh
> adb shell /data/local/tmp/fixsu.sh
5. Download a backing up application such as...
1. Titanium Backup
2. MyBackup Root
6. Make a backup!
Downgrading
* Download the Stock Rom for your device:
o G2: PC10IMG_Vision_TMOUS_1.19.531.1_Radio_12.21.60.09b _26.02.01.15_M2_release_149459_signed.zip
+ MD5: 531c08dc402e15577b947bf4cd22aec2
o Desire Z: 1.34.405.5_PC10IMG.zip
+ MD5: 2ff42897cd27e0db425a2cf36c8bd078
o myTouch 4G: PD15IMG.zip
+ MD5: 49d07f0ee7de1765a6a84cb12fa53110
o Desire HD: RUU_Ace_HTC_WWE_1.24.405.1_Radio_12.27.60.14b_26.0 2.00.29_M4_release_151852_signed.zip
+ MD5: a107b30a4b397c9238ddc7f4571c2ee8
* Please follow either Manual Downgrade OR Fastboot Downgrade
Manual Downgrade
1. Rename the downloaded rom to it's proper update name:
(Please note, the filenames MUST be all uppercase except for the extension, and if file extensions are hidden, do not include ".zip"):
* G2: "PC10IMG.zip"
* Desire Z: "PC10IMG.zip"
* myTouch 4G: "PD15IMG.zip"
* Desire HD: "PD98IMG.zip"
2. Place the zip file in the root of your sdcard.
3. Reboot your phone into bootloader by typing the following command:
Code:
> adb reboot bootloader
u should have PD15IMG.zip on your newly formatted sd card
4.
Your phone will reboot once or twice - this is completely normal.
This process will take roughly 5-10 minutes so make sure your phone is plugged in, either to an outlet or your computer.
5. THEN I DID THIS
6. EASY PERM/S-OFF FOR MYTOUCH 4G: G2/Desire Z PermRoot/S-OFF I've rooted over 50 Mytouch 4G's and i always have issues lol.
BUT I ALWAYS ROOT THEM IN THE END, and might I add with a headache
lol.
I tried this method, and IT WORKED, tried on over 5 phones now.
**NOTE! R E A D!NOTE!**
UNINSTALL ALL ANTI-VIRUS, LOOKOUT, OR ALL THAT CRAP BEFORE INSTALL.
[]ROOT WAS ACHIEVED FROM:
http://forum.xda-developers.com/showthread.php?t=928160
by: ianmcquinn
*REFORMAT SD CARD TO FAT+32
*TEMPROOT ROOT YOUR PHONE WITH VISIONARY+ (LEAVE EVERYTHING UNCHECKED)now redo the phone connect to market get astro file mgr and install clockwork after installing temp root with visionary 14 nothing checked and temp root then run : set to charge or usb tether usb debuging install non market apps.
-DOWNLOAD ANDROID TERMINAL EMULATOR FROM MARKET.
Step one:
-you need root_files.rar
http://forum.xda-developers.com/atta...6&d=1296452641
-then create a new folder on the root of the SD CARD named root_files and extract everything
in the rar there.
Step Two:
Open term. emu. and type.
(DO NOT TYPE */# just commands.)
$) su
#) cp /sdcard/root_files/perm_root /data/local/perm_root
#) chmod 777 /data/local/*
#) /data/local/perm_root
Now turn off phone, take battery out, vol+down, S-OFF PERM ROOT...
Install Rom Manager, flash CWM, and flash your fav. rom (RoyalGinger)
The most painless way I rooted mytouch!
hope it saves you a headache.
1.
Code:
> adb reboot bootloader
Sources:
1. #g2root: http://fishporn.ca/vision.gingerbread.root.html
2. Using fre3vo: http://therootofallevo.com/forums/vi....php?f=6&t=120
3. [GUIDE] ADB Workshop and Guide for everyone
4. [HOW-TO] ADB for Dummies(How-To Learner's Guide)
5. How To Set Up ADB/USB Drivers for Android Devices
6. [ROM]Ace Test & Stock ROMS [RE-UPLOADED]
7. Instructions for flashgc
8. Temp-Root Backup Post by Nipqer
9. Various Chats I've had with individuals.
If anyone needs further help and would prefer messaging me, feel free.
* AIM: IgnorantNihilist
* G-Talk: [email protected]
* MSN: leon.yandel[email protected]
Troubleshooting
Originally Posted by Cimer View Post
[...] If [the downgrade] does not work, Right click your Command prompt, Select All, Right click again. Then go to pastebin.com, paste there, Scroll down, name it and hit submit. After that post the link here and we'll take a look at it.
EVERYONE: If you want a faster diagnostic please do this in advance and other people can see your mistakes.
I wanted to give credit to specific individuals whom have helped write this guide, provided important feedback to further improve this guide, and/or in any other way further improved this guide. I think these invidiuals should be recognized, as if it were not for them, this would wouldn't be as elaborate, dynamic, and informative as it is. So a special thanks to, Cimer, petarpLab, iDylan1357, asharma5290, Nipqer, guhl, pierre_ja, and skorgon from #g2root
Change Log
* 2011/10/27
o Changed the download link for the Desire HD.
o Added MD5 checksums next to the rooms.
* 2011/10/26
o Re-added the manual downgrade method due to people having issues with the fastboot method.
* 2011/10/23
o Fixed a slightly error in code during the temp-root backup section. Had "adb install install Superuser.apk", replaced it with "adb install Superuser.apk"
* 2011/10/22
o Added a method to be able to backup data prior to downgrading! (thanks to Nipqer from #g2root)
* 2011/10/20
o Added Desire HD.
o Changed the downgrading method to use fastboot rather than manually downgrading.
o Added "Creating A Goldcard" method from http://www.thinkthinkdo.com/trac/pro...c_instructions
* 2011/08/26
o Changed modified version number for each device to 1.00.000 as it is more universal and works for each one.
o Made it more clear to extract the attached files and place them in the platform-tools directory for use.
* 2011/08/06
o Added a couple links to ADB guide.
* 2011/08/05
o Added myTouch 4G
o Added link to an "adb" guide.
o Changed title from "[GUIDE] Downgrade G2 2.13.531.8 (2.3.3 T-Mobile Rom w/ S-ON) & DZ 2.3.3 w/ S-ON" to "[GUIDE] Downgrade G2 (2.3.3) & DZ (2.3.3) & mT4g (2.3.4) w/ S-ON to Stock Froyo"
Attached Files
File Type: zip misc_version_01.zip - [Click for QR Code] (10.0 KB, 10460 views)
File Type: zip fre3vo.zip - [Click for QR Code] (5.5 KB, 15754 views)
File Type: zip fastboot.zip - [Click for QR Code] (398.7 KB, 3353 views)
File Type: zip Vision-fre3vo-temp-root.zip - [Click for QR Code] (1.01 MB, 3398 views)
Last edited by Setherio; 27th October 2011 at 10:10 PM. Reason: Added a "Change Log" to keep track of past and future updates. --- Revised the intro to adb portion and added a couple links for further reference --- Added myTouch 4G to the guide.
Just some suggestions to avoid confusion when you run the command
Code:
adb shell cat /dev/msm_rotator
you should get the return of
Code:
/dev/msm_rotator: invalid length
you do not need to enter in this line.
Also after entering
Code:
/data/local/tmp/fre3vo -debug -start FAA90000 -end FFFFFFFF
or one like it and it fails (It should not) you need to reboot the phone between these attempts.
Thanks for writing the guide! We just posted the log lol
Thanks for the tips Cimer, I edited the post, hopefully that clarifies it a bit more.
I've been a quiet browser here on XDA for quite a while but I believe that was actually the first post I made =3 It took me a while to try to get it formatted... fluently / tried to make it easy to read and follow.
And hey, if it wasn't for you all posting the logs from #g2root, I would of never gotten my G2 back to being rooted. I think I had like 8 different pages open when I was doing it, reading the chat log, reviewing the pastebin data, et cetera. But it worked, after searching every day, the trick has been found.
On a side note, I picked the range "-start FAA90000 -end FFFFFFFF" because it appears that the exploit is most likely within that range. It was for yours "FBB47C00:1400", mine was "FBB4D600:A00", and a friend of mine was also an FBB*.

Categories

Resources