I been looking for an ATT Avail root guide since january, I found this page today and I am wondering if anyone has done this successfully?
if you google "root att avail" it is the top search result link right now and it is at a site called android police.
here is a copy/paste of the article:
New root methods show up all the time, so it's not a huge deal that a rather unknown phone on AT&T is now rooted. So why are we posting about it? Because the root method used is, well... interesting.
It was uncovered by our own Justin Case from TeamAndIRC, and while a big part of the process will look very familiar to some of you, there is one step that induces a wait, what? moment.
Before you get started throwing commands at the little guy, though, you need to grab this file. After that, commence command throwing.
adb shell rm -r /data/local/logs (if this command gives you an error, do not worry, it is precautionary)
adb shell mkdir /data/local/logs
adb shell ln -s /data/local.prop /data/local/logs/loglast1.tar.gz
Dial *983*7668# on your phone. This does a few things, it mounts /system as writable on boot, and creates the loglast1.tar.gz.
Wait about 10 seconds, then continue.
adb shell echo 'ro.kernel.qemu=1' > /data/local.prop (Nod to Rosenberg here)
adb reboot
Once the phone reboots, continue
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 06755 /system/xbin/su
adb shell rm -r /data/local/logs
adb shell rm /data/local.prop
adb shell rm /data/property/persist.sys.ztelog.enable
adb shell rm -r /data/local/rwsystag
Head into the Market and grab the Superuser app.
Done.
Catch that bold part? Looks like someone at ZTE dropped the ball and left seventy-nine developer codes in the retail version of the device. Oops.
Of course, their mistake is your gain. Hell, there's even a code to disable Carrier IQ: *983*24737#. Enter the code, ???, profit.
While this is definitely an unusual and unique find, it's also quite dangerous. This means that any app can mount the system as writable and, from there, basically control everything. As a result, JCase contacted ZTE to let them know of their oversight.
Click to expand...
Click to collapse
if someone could let me know if this is legit, that would be a fantasticism.
yes that is legit.
see my thread:
http://forum.xda-developers.com/showthread.php?t=1437032
Jcase broke it, the loon created a batch file to make it easier
http://forum.xda-developers.com/showpost.php?p=21627136&postcount=37
thats the last version of the batch file
Cool, thanks, for some reason I cannot connect to my avail via usb, I have it in developer mode and unknown sources checked, I ran adb devices command and it does not find my phone and when I try to run or debug in eclipse it does not find my phone there either.
I used it, and now have root. I wish all phones were this easy to root.
Related
Okay, this was my first time trying to root my phone and it would figure that non of the automated methods worked for me. Still, I was able to get root on my US Cellular Samsung Galaxy S Mesmerize (SCH-i500 for the kids keeping track at home) and these are the steps that I took. I hope this helps others who may be scratching their head wondering what to do when the developers haven't gotten around to (read: forsaken) us.
The nice thing about this method is that it doesn't require Windows (though you still do download SuperOneClick).
NOTE: This is only for an officially updated Mesmerize. Rooting is unnecessary for the leaked version.
APOLOGY: I can't post any links to anything outside the forum as I am a newer member, so, sorry for not being able to post URLs.
1. Download the Android SDK from the Android developer website and install/unzip it. You may need to add the path to the adb tool (found under platform-tools for me) to your PATH variable.
2. Download the SuperOneClick tool and unzip it
3a. If you are using Windows, then make sure to install the drivers for your phone. I don't have Windows, so don't ask me which file to download. Sorry.
3b. Enable USB Debugging on your phone (Settings->Applications->Development->Check "USB Debugging").
4. Connect your phone to your computer using the USB cable
5. Open a shell (or command prompt on Windows) and change directories to where you unzipped SuperOneClick
6. Run the following commands to copy files to your device
A. adb push psneuter /data/local/tmp/psneuter
B. adb push busybox /sdcard/busybox
C. adb push su-v2 /sdcard/su
NOTE: A quick note of each of these files.
A. psneuter - an exploit to gain root access temporarily on your phone
B. busybox - a compilation of common unix commands to help you along the CLI world
C. su - the super-user command used to gain elevated privileges
7. Run the following command to get a command line interface to your device
adb shell
At this point, you should see a $ prompt indicating that you are on your phone.
From here, you will change directories to where you put the exploit, change the permissions so you can run it, copy over the files that we need to sustain root access, and finally, install the Superuser.apk app so that you can manage root access from the UI.
Execute the following commands:
$ cd /data/local/tmp
$ chmod 777 psneuter
$ ./psneuter
Here, you will be disconnected from your device. This is normal. Just run "adb shell" again to get back in, though now, you will notice that the prompt has changed to a #. The following commands will reflect that.
# mount -t rfs -o remount,rw /dev/block/st19 /system
# cd /system/xbin
# cat /sdcard/busybox > busybox
# cat /sdcard/su > su
# chmod 4755 busybox
# chmod 4755 su
# exit
Now, you will be back on your computer. Type the following to install the Superuser.apk app.
adb install Superuser.apk
That should do it! You now have root access. Go ahead and try to install Titanium Backup (requires root). You can also install a terminal app or anything else.
I hope this helps. Report your successes/failures in the comments.
Has anyone begun working on rooting and customizing roms yet? I know the device isn't out for a week or so but I would figure I would ask. My vibrant I so much better rooted and I wanted the same experience on this sidekick.
Sent from my SGH-T839 using XDA App
Wreximus said:
Has anyone begun working on rooting and customizing roms yet? I know the device isn't out for a week or so but I would figure I would ask. My vibrant I so much better rooted and I wanted the same experience on this sidekick.
Sent from my SGH-T839 using XDA App
Click to expand...
Click to collapse
i wish i knew how to do this, but if i can't figure it out, i'm sure others will soon.
Just got mine last night. The usual Samsung trick with rageagainstthecage-arm5.bin works great.
abliss said:
Just got mine last night. The usual Samsung trick with rageagainstthecage-arm5.bin works great.
Click to expand...
Click to collapse
Oh really? Cool. So far all I've used is one-click root for the Samsung Epic.... is this similar? I'll check it out, thanks!
Has anyone tried using SuperOneClick yet?? I will probably try in a bit and post back with my results..
Ok... well I didn't try SuperOneClick, but I did root it via the rageagainstthecage exploit...
Want to help me do the exploit on my SK4G to root it man ?
Give me instructions ?!
I got it working on mine too. The basic steps were
1) enable debug USB mode on your phone
2) install Samsung drivers for the phone - right now Samsung's site seems to not have a choice for the Sidekick 4G's model (SGH-T839), but I grabbed the drivers for the Vibrant (at www .samsung.com/us/support/downloads/SGH-T959ZKDTMB) and they worked.
3) get adb shell working on your PC (Google it)
4) download the rageagainstthecage-arm5.bin and Superuser packages from the links in this page: wiki.cyanogenmod.com/index.php?title=HTC_Hero_%28CDMA%29:_Full_Update_Guide (be sure to unzip the files into the directory where your adb.exe program is unless you've put it in your path)
5) reboot your phone and plug it in
6) adb push rageagainstthecage-arm5.bin /data/local/tmp
7) adb shell
8) cd /data/local/tmp
9) chmod 755 rageagainstthecage-arm5.bin
10) ./rageagainstthecage-arm5.bin
11) wait until you get booted back out to your DOS command prompt
12) adb kill-server
13) adb start-server
14) adb shell
15) you should now be at a # prompt. The first few times I tried, I wasn't - I was at $. Doing this from a fresh boot seemed to be the trick. Reboot your phone and try again if you're getting a $.
16) mount -o remount,rw /dev/block/stl9 /system
17) exit
18) adb push su /system/xbin
19) adb shell chmod 4755 /system/xbin/su
20) adb push Superuser.apk /system/app
21) adb shell mount -o remount,ro /dev/block/stl9 /system
22) exit
23) reboot the phone then run an app that requests root, such as Root Explorer, to verify
(p.s. sorry for having to mangle the URL's above, XDA won't let me include links since I haven't posted 8 times yet)
josby said:
16) mount -o remount,rw /dev/block/st19 /system
18) adb push su /system/xbin
19) adb shell chmod 4755 /system/xbin/su
20) adb push Superuser.apk /system/app
21) adb shell mount -o remount,ro /dev/block/st19 /system
Click to expand...
Click to collapse
Just to note, on step 16 and 21... it is /dev/block/stl9 rather than st19
Also, after step 20, I had to run the following commands for the superuser application to grant root privledges to applications..
adb shell echo "root::0:0:root:/data/local:/system/bin/sh" > /etc/passwd
adb shell echo "root::0:" > /etc/group
Awesome to see it being rooted so fast.
I'm really interesting in getting this phone but I'm not in the US. Does anyone know if the phone will work outside US?
brenix said:
Just to note, on step 16 and 21... it is /dev/block/stl9 rather than st19
Click to expand...
Click to collapse
Dang, good catch, thanks. That's what I get for not copying and pasting from my terminal window...stupid, since I was just chastising two people at work for making the same mistake yesterday. I've edited the original post to prevent problems for people who might start before reading the entire thread.
Interesting about having to create a passwd and group file...I've only run a few root apps so far, but they've worked without me doing this. I wonder if it's app-specific.
Now to start removing some of the damn bloatware this thing comes with!
19) adb shell chmod 4755 /system/xbin/su
i get stuck on there it says unable to chmod no such file or directory . there's SU in my android-sdk/tools
i'm so glad this thing got rooted. i used to be a scene kid with a kick. i dont have this phone, i doubt i'm going to get this phone considering the sensation is droppin soon.... but for nostalgia purposes, i'm glad it got rooted. now you can really hack it!!!
not like the old ones!!
Good looking out...I rooted mine earlier today. What version of Clockworkmod Recovery are you all using?
fawkReviewz said:
19) adb shell chmod 4755 /system/xbin/su
i get stuck on there it says unable to chmod no such file or directory . there's SU in my android-sdk/tools
Click to expand...
Click to collapse
Double-check your step 18...that's the step that copies the su file from your computer onto the phone. I forget the exact output format, but it shows you a Kb/second number of how fast the file transfer went when it finishes successfully.
droctii said:
Good looking out...I rooted mine earlier today. What version of Clockworkmod Recovery are you all using?
Click to expand...
Click to collapse
I'm not brave enough to try putting the ClockworkMod for one of the Samsung devices on the list onto mine, for fear of bricking it. Don't know enough about that works as far as hardware differences go.
I have removed the APK's listed below from /system/app with no apparent ill-effects. Not that YOU should remove them necessarily - just that they're things I don't have a need for:
AccountAndSync.apk
AmazonMp3.apk
AppPack.apk
DriveSmart.apk
DriveSmartHelper.apk
install_flash_player.apk
LiveWallpapers.apk
LiveWallpapersPicker.apk
Memo.apk
MiniDiary.apk
MobileBackup.apk
MyFiles.apk
PhoneSetupWizard.apk
Twitter-2.0.1-121.apk
vvm-signed.apk
Though there must be something I don't fully understand, because even after a reboot, Amazon MP3 and AppPack are still on my phone, and they still work.
FYI, don't remove Settings.apk - I got stuck in a loop where the launcher kept crashing then reloading itself (thank goodness I was able to put it back in place with adb).
Can anyone tell me if Setcpu works for them?
Ace42 said:
Can anyone tell me if Setcpu works for them?
Click to expand...
Click to collapse
Appears to work fine.. no crashes although the Max Hz is 1000. U can still raise the Min Hz.
Sent from my Nexus S using XDA App
Can someone post a full:
ls of / and /dev/block and /efs
Thanks
Will this phone get a proper sub-forum on xda?
Okay, So I have a Samsung Admire running 2.3.4 and has a kernel of 2.6.35.7. Purchased 3 weeks ago. I rooted the phone and within a day I had lost the ability to make or receive calls. the phone app crashes every time.and I thought that I had deleted some vital file and thus ruined the phone. After a couple days and nights reading and experimenting I believe that that changing the screen density with Rom Toolbox from 160 to 167 is causing the app to fail. Now the problem is my inability to get rooted again, after resetting back to factory. Nothing I have tried will work and what may, seems baffling. I tried multiply times the original method that was successful, Admire_Root_Windows, Super one click, I tried running both from the SD card, I even downloaded a handful of Android Development programs because I read somewhere that I had to, I'm desperate here. I even came across this :
This was successful with: (I bought the phone 3 days ago)
Android: 2.3.4
Kernel: 2.6.35.7
You need a copy of su, and superuser. (If you have superone click, its all there, just run it adb from that directory)
adb shell "rm /data/log/dumpState_app_native.log 2>/dev/null"
adb shell "ln -s /data/local.prop /data/log/dumpState_app_native.log 2>/dev/null"
adb shell "app_process /dev/null"
REM This command may take a while.
adb shell "echo "ro.kernel.qemu=1" > /data/local.prop 2>/dev/null"
adb reboot
REM Device vibrates (kinda pulses) This is good.
adb wait-for-device
adb shell "rm /data/local.prop 2>/dev/null"
adb shell "rm /data/log/dumpState_app_native.log 2>/dev/null"
adb remount
Thats it, your device is rooted. Now to install the goodies...
adb push su /system/xbin/su
adb shell "chmod 4755 /system/xbin/su"
adb shell "ln -s /system/xbin/su /system/bin/su"
adb install Superuser.apk
Now, before anything else happens, I was having issues with full root. (Root checker claimed everything was fine.. titanium backup worked, but could not remove some crapware..) so at this point, you can go into /system/app and remove the Metro apks. I'd recommend clearing Dalvik cache after you're done as well.
adb reboot
That looks great but there are no instructions and in where does that get typed?
I will have to go buy another at some point tomorrow if I dont get this phone fixed. All I need to do is change the screen res back to 160 and I "think" it will be fine. Everything else runs like a champ. BTW, I do have a LG Optimus T / LG P509 running 2.2. maybe I can use it to fix the other. It's inactive and I have no plans to call tmobile and have it turned on. Please make your answers as though you are dealing with someone who's had a lobotomy, seriously.
How can I reroot?
Thanks,
Zeke
Well...Never mind, I managed to get it figured out...
Thanks,
Zeke
i tried a few ways to root my atrix 2 but i cant. I tried super one click, lazy one click (or however its called) and i cant root it i have a mac someone help! is there another way to root the atrix 2?
I heard there was an app that can do it too. Its in this forum somewhere.
I used the manual method on my Mac with no issues, did it twice actually.
What error messages are you getting?
I'll be home in about 15 mins and I can help further
Sent from my MB865 using Tapatalk
If all else fails, you could always reflash the fkz's, than try to root again, but the problem here is that you have a mac. Perhaps borrow a friends pc, or install Windows through bootcamp. (I wouldn't recommend a Virtual Machine though).
OK so if you used a root tool in the first place then I assume that-
-You have adb set up
-You have the necessary files to push (zerg, su, superuser.apk)
If you have no idea of what I'm talking about then just look around the folders of the root tools and you'll find them.
OK, here's what you have to do:
1. Open up a terminal.
2. CD (change directory) to where you have the necessary files located, ex. "cd ~/Desktop/" if they're on the desktop
3. Enter the following commands (one line at a time):
Code:
adb shell
cd /data/local
rm ./temp/*
exit
This removes temporary files created by the root exploit.
4. Now enter these commands (again, one at a time)
Code:
adb push zerg /data/local
adb push su /data/local
adb push Superuser.apk /data/local
adb shell
cd /data/local
chmod 777 zerg
./zerg
adb shell
mount -o rw,remount /dev/null /system
cat /data/local/su > /system/bin/su
cat /data/local/Superuser.apk > /system/app/Superuser.apk
chmod 4755 /system/bin/su
chmod 4755 /system/app/Superuser.apk
reboot
I hope you understand this... good luck getting complete root.
thread moved to general forum
If you find a specific android app that can do this for you and you can post it in the OP, I will gladly move it down to its original location. Until there, it doesnt belong in the app and themes forums.
What's your android version ?
Deliberate said:
I heard there was an app that can do it too. Its in this forum somewhere.
Click to expand...
Click to collapse
Unfortunately that app seems to have only been in the market and was recently removed... I tried looking for it today. Please correct me if I'm wrong!
jpumford said:
Unfortunately that app seems to have only been in the market and was recently removed... I tried looking for it today. Please correct me if I'm wrong!
Click to expand...
Click to collapse
You're correct, the app was written by an author who made it just to make money... he never even tested it. He took it down because it didn't work.
Most important question of all here: What OS are you running on your Mac?
If you're running 2.3.6 you can't root yet. You need to downgrade to 2.3.5
Update: Friday November 2nd 2012
Fixed a bad upload of the su file, must of become corrupt sorry.
Silly permission bug again, but w/e. LG should know better, from what I am told this is a recently released device. This is a long standing known issue. Lg get your sh*t together.
Directions:
unzip su.zip into the current path (directory) you are in.
adb shell
(while in adb shell)
rm /data/local/tmp/profile_calib_m
ln -s /data/local.prop /data/local/tmp/profile_calib_m
exit
adb reboot
adb wait-for-device shell
(once in the adb shell again)
echo 'ro.kernel.qemu=1' > /data/local.prop
rm /data/local/tmp/profile_calib_m
exit
adb reboot
adb wait-for-device remount
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 6755 /system/xbin/su
adb shell rm /data/local.prop
adb reboot
Once rebooted install superuser from the market:
https://play.google.com/store/apps/details?id=com.noshufou.android.su
As usual thanks for all your work for this GREAT community!!! :good:
Thanks for letting me watch you work & getting root for my wife's phone.
Edit: DroidHost of Androidarea51.com has made a OneClick for this phone using Jcase's root. it also installs a recovery & Superuser all at the same time.
androidarea51.com/***-all-things-
root-***-174/
Help Me Please
what do you do when it says permission denied or not permitted when waiting for device, remounting, or pushing su?
lol now all we need is someone to write different roms :>
cyanogen would be nice :> lol
thank you for rooting this phone :>
jcase, i pmd you i need help please
TechManPro said:
what do you do when it says permission denied or not permitted when waiting for device, remounting, or pushing su?
Click to expand...
Click to collapse
run adb shell
make sure your prompt is a # not a $. If it is a $ start over, if it is a # make sure you run adb remount.
jbach44 said:
lol now all we need is someone to write different roms :>
cyanogen would be nice :> lol
thank you for rooting this phone :>
Click to expand...
Click to collapse
No problem.
You actually left out a step. In order to push su to the phone you have to adb remount -o rw. Otherwise it is a read-only filesystem and it cannot be pushed to the phone. Most people would probably get this, but the novices who end up with bricked phones will be angry.
Great work!
iliekandroid said:
You actually left out a step. In order to push su to the phone you have to adb remount -o rw. Otherwise it is a read-only filesystem and it cannot be pushed to the phone. Most people would probably get this, but the novices who end up with bricked phones will be angry.
Great work!
Click to expand...
Click to collapse
Actually no, you are incorrect.
adb remount without the additional parameters is correct, and not possible of bricking a phone with adb remount. No novice would be angry, because there is not possible brick from this guide, as long as it is followed.
I got the LG for my daughter (13 going on 30), and now it works fine. Thanks jcase.
Did not unlock my lgl35g
Yes I am a Noob... nobody likes me
I have exhausted every resource that I could find on this phone. I thought that this post was the answer to my problem, however it did not seem to help at all. Everything seemed as if it was working fine as I went step by step through the process. However, I rebooted my phone and there is no difference then when I started. The "su.zip" file enclosed in this post was not able to extract into the directory of my ADB client. It kept saying root already existed, but I was unable to see it in windows explorer? Is this "su.zip" a modified version of a pre-existing file in the SDK kit? I really need to unlock this phone so that I can clean up the junk. Any help would be greatly appreciated.
jcase said:
Update: Friday November 2nd 2012
Fixed a bad upload of the su file, must of become corrupt sorry.
Silly permission bug again, but w/e. LG should know better, from what I am told this is a recently released device. This is a long standing known issue. Lg get your sh*t together.
Directions:
unzip su.zip into the current path (directory) you are in.
adb shell
(while in adb shell)
rm /data/local/tmp/profile_calib_m
ln -s /data/local.prop /data/local/tmp/profile_calib_m
exit
adb reboot
adb wait-for-device shell
(once in the adb shell again)
echo 'ro.kernel.qemu=1' > /data/local.prop
rm /data/local/tmp/profile_calib_m
exit
adb reboot
adb wait-for-device remount
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 6755 /system/xbin/su
adb shell rm /data/local.prop
adb reboot
Once rebooted install superuser from the market:
Click to expand...
Click to collapse
anyone know of a way to SIM unlock this device? I have AT&T and would like to use it om there, i bought it for $30 on clist thinking net 10 would work with an AT&T SIM but was wrong, any help would be appreciated...
anyone know of a way to SIM unlock this device? I have AT&T and would like to use it om there, i bought it for $30 on clist thinking net 10 would work with an AT&T SIM but was wrong, any help would be appreciated...
Click to expand...
Click to collapse
What is weird about that is i put the sim in a iphone and it worked just fine!!! Best bet would be ebay for unlock...
I have the Net10 one that I put a Straight Talk SIM in with no problems if I can get my hands on a AT&T SIM today I'll check it out.
---------- Post added at 07:39 AM ---------- Previous post was at 07:34 AM ----------
NateDoggTN said:
Yes I am a Noob... nobody likes me
I have exhausted every resource that I could find on this phone. I thought that this post was the answer to my problem, however it did not seem to help at all. Everything seemed as if it was working fine as I went step by step through the process. However, I rebooted my phone and there is no difference then when I started. The "su.zip" file enclosed in this post was not able to extract into the directory of my ADB client. It kept saying root already existed, but I was unable to see it in windows explorer? Is this "su.zip" a modified version of a pre-existing file in the SDK kit? I really need to unlock this phone so that I can clean up the junk. Any help would be greatly appreciated.
:
Click to expand...
Click to collapse
Did you push the su binary file or the whole folder? If you pushed the whole folder you will have to remove the directory & start over.
how to run root
Sorry for sounding like a noob, but I am...when it comes to LG. im trying to root my homies LG optimus logic but im not sure where to run the command from. if some one could help me out on to where the zip should actullay be placed and unziped to that would be a big help, thanks. and if there is a thread already for this please hook up a link.
thanks
thanks mate for this
i appreciate your time.
Anyone know of a rooted ROM
I have looked all over, but it doesn't look like a dev has created a ROM for this device. Has anyone come across one? If I knew programming I would give it a shot, but it's a mystery to me. I know that CyanogenMod 9 for the L3 (e400) works, but there is a problem with the radios, hence no cellular, wifi, or bluetooth.
Source code......
http://www.lg.com/global/support/opensource/opensource-detail.jsp
http://forum.xda-developers.com/showthread.php?p=34104009
This guy had some success with CM9, but no radio. Anyone know how to extract the radio? I've never built a rom, but this is tempting.