This is a simple script to root (and unroot) Android from Linux.
It only installs su and Superuser.apk, nothing more.
This should work on most Linux (and unix) systems, and should be able to root a number of devices (any device rootable with RageAgainstTheCage: that's the exploit I'm using). I used it on my own LG GT540 with the stock android 2.1.
I'd like to keep working on it, so for any question or suggestion I'll be here.
Usage:
Extract the file graphically or with tar xvf peoroot.tar (why isn't this forum accepting .tar.bz2 attachments?!)
Move into the directory and run root.sh or unroot.sh, still graphically or with cd peoroot; ./root.sh
Related
I've searched through the forums, and could not find an answer.
I'm familiar with Linux and Unix system administration, so I am more comfortable with using command line interfaces to move files around. This should make it fairly straightforward to root my wife's Skyrocket while maintaining a stock root. I know that it basically involves installing the superuser APK, moving the su command file and expanding the busybox files into /system/bin. The problem is that /system/bin is owned by root, and that it is also read-only. To my knowledge, the stock Skyrocket is locked.
My question is - does the fastboot OEM unlocker allow me to remount /system as read-write as a normal user, or is there another way to do this on a Linux command line?
I have Alcatel OT 995 with Android Gingerbread 2.3.6 and use Ubuntu. I tried Superoneclick (but it works with 2.3.5 :/ ), Casual (doesn't work), Superuser.apk.. all without effects. Anyone has any suggestions?
Hi I did it the following way (Alcatel OT 995):
Get the android sdk, run path_to_sdk/tools/android sdk and install the platform-tools (you need adb and fastboot, they then are placed into path_to_sdk/platform-tools )
Get the cwm recovery for the device from hxxp://dump.pargon.nl/alcatel/cwm-recovery/
Get the su binary (arm) from superuser.apk: hxxp://androidsu.com/superuser/
Follow hxxp://dump.pargon.nl/alcatel/cwm-recovery/README for how to boot into cwm recovery
Inside recovery go to the mount menu and mount /system (and it is a good idea to use the backup menu item before doing this all )
Unpack the su binary somewhere and do adb push path_to_your_su/su /system/bin/su
Use adb shell chmod 4755 /system/bin/su to give it proper rights.
Boot back into the android system, run Superuser.apk, it will, of course, tell you if it worked.
Maybe you should include the device Name into the Thread title because rooting is a somewhat device specific issue.
Oh it seems someone here decided to be unfriendly to new users so hxxp==http...
Try memprodroid
tamtamtam23 said:
I have Alcatel OT 995 with Android Gingerbread 2.3.6 and use Ubuntu. I tried Superoneclick (but it works with 2.3.5 :/ ), Casual (doesn't work), Superuser.apk.. all without effects. Anyone has any suggestions?
Click to expand...
Click to collapse
If you only want root, otherwise want to stick to a stock system, the most conservative method (rooting, no tampering with any other ROM partitions) is mempodroid. It only works within a specific range of linux kernels (it relies on a bug that got introduced into linux kernel but was fairly rapidly stomped on), but I think 2.3.6 kernel is probably one of them. See http://forum.xda-developers.com/showthread.php?t=1461736 for details. If it doesn't work (you don't have the right kernel), you haven't broken anything, you just won't have root.
I am trying to root the PMP3084 using Linux.
I found this thread about the device.
Directly on the first page #post404 is quotet as "cooking under linux".
But the links given in this post are down.
My Questions:
- Is there a change that they might be updatet?
- Can you name tools (besindes kitchen) that might be usefull and work in Linux?
- Is anyone interested in setting up a Linux-Tutorial?
Thanx in advance
tm_h
Have you tried rooting it with a tool like
z4root?
Yes,
I tried z4root.
I also tried UniversalAndroot.
z4root states that there is a temporarily root access granted, but obviously, it is not.
The filesystem remains read only.
On the device I am using the terminal emulator and the OpenFileManger from the fdroid repositories.
After typing "su" in the terminal, a # indicates that the user should be "root", but still it is not pissble to rename a file in the root or system folder.
I tried to (re)mount the filesystem rw, but without success.
I can access the device via adb and, more conveniant, through Qtabd.
The resulst are the same and Qtadb states "adbd cannot run as root in production builds".
(The files are shown but likewise ro)
Currently I am using the latest firmware provided by prestigio (updated with the rkandroidbatchupdate).
So I am wondering if it is possible to dump, unpack and repack this firmware in a way that it is not recognized as a produciton build.
If anyone knows how to do that - it would be a great help!
The RKcooking tools in the thread (post#3) mentionend above won't work under linux - wine hangs.
Best
tm_h
Hi all,
this thread would like to be a shortly introduction about root user permission on general android platform!
As we all know the root user in Unix-based OS is the user with UID equal to 0.
Many threads talks about gain root on android by means of magic oneclick tool or by way of flashing custom recovery on device then copy the fantastic ChainsDD's su binary and install superuser or another apk to manage privileged action request .
Do we really need? Probably! But we maybe only want a root prompt, root privilege through adb shell or on the terminal emulator, this is certainly possible.
Deafult android shell is /system/bin/sh, if we could run it through, for example, an executable owned by user with UID 0, and if there was a Unix access rights flags that allow users to run an executable with the permissions of the executable's owner, we probably would get a root shell only by running that executable! Easy!
Only one thing, we should know a method for push our unsecure setuidded executable owned by root under the /system/xbin directory, which is also owned by root!
For example, might be possible to dump our /system, mount the filesystem data on a Linux box (which we know the root password), copy the unsecure elf under the correct path, and then flash back the modified /system image to our device, all with the original bootloader, without any custom recovery.
Once done, if we run the executable, ta daaan....
If someone wants to get his hands dirty:
Code:
void main()
{
setuid(0);
system("/system/bin/sh");
}
this can be enough!
Anyone...?
I can't find much of any information on hacking the microsoft android emulator. Ideally, I'd like to get it working with superuser, exposed, etc, so it can be a fully functional way to see how android itself and apps work in different environments, all from my desktop. Also, I can just play around with stuff that I wouldn't touch on my tablet for fear of bricking it. I like playing with things.
Disclaimer: I'm not interested in maintaining anything, but as mentioned above, I can't find any information. Therefore, I'm simply posting what information I have here, in the hopes it will interest someone else enough to take a harder look at it. My original post was over here, but I've expanded beyond simply adding supersu to the image.
Things I can't do:
- Install superuser
- Install Xposed
- Install Google Play for anything more recent than KitKat
- Install recovery scripts
Things I can do:
- Run commands as root.
- Install Google Play Services on KitKat
- Change the screen resolution
- Change the amount of internal disk space
- Change the amount of memory and cpu cores available.
- Install busybox
- Flash simple scripts that don't require recent versions of cwm/twrp/other modern recovery.
----------------------------------------
Background information: The Microsoft Android "Emulator" is actually a HyperV virtual machine. When you install it, it enables the HyperV virtualization service in windows*. The effect of this is that instead of running android by emulating an arm processor, it runs android natively, with far better performance, by using Microsoft's hypervisor that's built into windows (win8+). You can work with it with Visual Studio and with Android Studio, but I don't use either much, so I can't help you with that. You can download it from Visual Studio if you want to (VS 2015 is free), or you can download a standalone version. I don't know if there's a difference between the two.
* I'm not sure if it installs the HyperV GUI as well, as I already use HyperV for other things and had it already installed. If you need to do so, you can install the GUI by going to add-remove windows features in the control panel ('appwiz.cpl' from the control panel).
----------------------------------------
Modifying the properties of the emulated system.
Configuration file location: After you create a device, the .cfg file for it will be located in %localappdata%\Microsoft\VisualStudioEmulator\Android\Containers\Local\Devices
To change the resolution: So far, I haven't identified any supported resolutions other than those listed in the device profiles list. So far, supported resolutions that I've used successfully are 480x800, 720x1080. You can edit the .cfg file for the specific device that you want to change the resolution of, and change the `device.screen.resolution=` line to any supported (see previous) resolution.
To change the size of the internal storage, follow the instructions here. You'll need an ubuntu cd; minimal install cd is fine if you have slow internet/computer or low ram.
To change the amount of ram or processors allocated to the virtual machine: Open Hyper-V manager, right-click the appropriate VM and click settings.
- Change the ram allocation by clicking Memory in the list at left. I do not know what happens if you try using Dynamic Memory; if it works, it should be more memory-efficient, but I left that alone. Now update the `device.vm.ram.size=` line in the .cfg file.
- Change the cpu allocation by clicking the Processor field. Please note that if you have hyper-threading, you should only use half your logical processors as cpus; the hyperthreaded 'cores' won't work as well (according to information online; you can check number of logical processors in windows task manager's performance tab). Now update the 'device.vm.cpu.count=' line in the .cfg file
----------------------------------------
Info on "recovery" and "flashing" - Installing google play
So far, I have only managed to get Google Play Services working on KitKat. I can't get it to work on Lollipop or Marshmallow (and haven't tried earlier versions at all); the virtual machine does *not* have a recovery or fastboot because of the way it works, and I haven't figured out any way of installing such. Instead, there's a simple shell file called install_zip.sh. It does not work with modern flashable zips that require TWRP/CWM; it only works with the old style zip designed for a specific architecture. As such, opengapps flashable zips will not work.
To install Google Play Services on KitKat (4.4.4)
1. Inside the emulator, open the browser and go to http://www.teamandroid.com/gapps/ and download the file linked under Gapps CyanogenMod 11.
2. Open the window the the android VM from the Hyper-V Manager to get console access. If you have ADB installed locally, you can use that in the future, but getting the VM's shared IP requires terminal access anyways (run `ip addr` as root inside the emulator to get the list of IPs).
3. Run `adb shell` to get access to the root shell (yes, it's that easy).
4. Run `install_zip.sh /sdcard/Downloads/gapps-kk-20140105-signed.zip` (or whatever the name/path for the downloaded gapps file is).
5. It should complete successfully. Now type exit to exit the adb shell, and close the hyper-v console window (the android emulator will continue running).
6. Click the 'X' at the top right of the Emulator to shut down/close the VM
7. Start the emulator back up. You should now have access to Google Play Services.
----------------------------------------
Busybox
The emulator does not come with a preinstalled copy of busybox. It does come with the android toolbox, but this has only a very minimal amount of commands in it. The instructions below are for installing stericson's busybox.
1. Get a copy of stericson's busybox from somewhere--your personal device, etc, it doesn't matter. The easiest way is to either install it on a real android device and grab it with airdroid (or other), or to use a play store scanner to get it. The file name will probably be something like stericson.busybox.apk.
2. Rename it to .zip so you can access the contents.
3. Extract the busybox-x86.png file from the 'assets' folder inside the zip, and rename it to `busybox`.
4. In the Android Emulator, click the >> button for tools, and click the sdcard header. Choose a folder (a new one on your dekstop will do) and tell it to pull the contents of the sdcard to the folder.
5. Move the busybox file into the Download folder that you just pulled from the sdcard. If you created a folder for this, you can delete it now.
6. Back in the android emulator, push the folder structure back into the sdcard; this will move the busybox onto the emulator.
7. Open the HyperV console for the emulator or open a terminal app in the android emulator (installing it is up to you)
8. Run `adb shell` to get a root prompt.
9. Run `mount -o rw,remount /system` to remount the system partition as writable
10. Run `cp /sdcard/Download/busybox /system/xbin` to copy the busybox binary over
11. Run `chmod 777 /system/xbin/busybox` to make the busybox binary executable.
12. Run `busybox --install /system/xbin` to copy the busybox binary for all the included applets. I think the -s paramter will symlink the applets to the main binary instead, but I'm not sure.
13. Type exit in the adb shell.
14. You can now run busybox commands in the terminal, and use apps that require busybox to be installed.
Now that you have busybox installed, you can use unzip, etc.
----------------------------------------
Hacking the OS itself.
The android emulator uses a VHD file for the disks. I've mounted the vhd file inside an ubuntu server to play with, and discovered several things about the way it works. The first partition is the boot partition, it contains 3 files:
- kernel - the android/linux kernel
- ramdisk - the ramdisk for the root filesystem. gzipped cpio archive.
- cmdline - the kernel parameters(? not sure what to call this)
I've tried modifying the ramdisk to add the init files for the superuser, but this doesn't seem to work properly; when I boot up the vhd file, I can open the console with hyper-v manager (the android emulator machines show up there automatically), and when it gets to the ramdisk, it says so--then the caps/num/scroll lights start flashing and it hangs. I haven't gotten any further than that at this time.