I'm actually waiting for my new HTC One X and I want to root it without going over htcdev and unlocking the bootloader. So I found this:
modaco.com/topic/353986-testing-rooting-your-one-x-without-unlocking-the-bootloader-windows-mac-linux/
In the comments you can see that it's not working with S-On
So rewrote it:
Download the files from: modaco.com/topic/353986-testing-rooting-your-one-x-without-unlocking-the-bootloader-windows-mac-linux/
And for Mac you need 2 Scripts.
Replace "root-mac.sh" with this
echo "HTC One X Tegra 3 Root Script"
echo "Don't touch the device or unplug while rooting!"
echo "Push files"
chmod +x ./adb-mac
./adb-mac kill-server
./adb-mac wait-for-device
./adb-mac push busybox /data/local/busybox
./adb-mac push su /data/local/su
./adb-mac push Superuser.apk /data/local/Superuser.apk
./adb-mac shell "chmod 777 /data/local/busybox"
./adb-mac shell "chmod 755 /data/local/su"
./adb-mac shell "chmod 755 /data/local/Superuser.apk"
./adb-mac shell "mv /data/tigps/aiding /data/tigps/aiding.old"
./adb-mac shell "ln -s /data /data/tigps/aiding"
./adb-mac shell "cat /etc/vold.fstab > /etc/vold.fstab.old"
./adb-mac shell "echo ro.kernel.qemu=1 > /etc/vold.fstab"
echo "Rebooting..."
./adb-mac reboot
echo "Wait until your device has booted up! Then run root-mac2.sh"
and create a new file called "root-mac2.sh" with the following code
echo "HTC One X Tegra 3 Root Script2"
echo "Don't touch the device or unplug while rooting!"
echo "Remounting..."
chmod +x ./adb-mac
./adb-mac kill-server
./adb-mac wait-for-device
./adb-mac shell "mount -wo remount rootfs /"
./adb-mac shell "mount -o remount,rw -t ext4 /dev/block/mmcblk0p12 /system"
echo "Getting files ready..."
./adb-mac shell "cat /data/local/busybox > /system/xbin/busybox"
./adb-mac shell "chmod 777 /system/xbin/busybox"
./adb-mac shell "/system/xbin/busybox --install -s /system/xbin"
./adb-mac shell "busybox cp /data/local/Superuser.apk /system/app/Superuser.apk"
./adb-mac shell "busybox cp /data/local/su /system/xbin/su"
./adb-mac shell "chown 0.0 /system/xbin/su"
./adb-mac shell "chmod 06755 /system/xbin/su"
./adb-mac shell "chmod 644 /system/app/Superuser.apk"
./adb-mac shell "rm /etc/vold.fstab"
./adb-mac shell "mv /etc/vold.fstab.old /etc/vold.fstab"
./adb-mac shell "rm /data/tigps/aiding"
./adb-mac shell "mv /data/tigps/aiding.old /data/tigps/aiding"
echo "Done! Rebooting..."
./adb-mac reboot
I'm not responsible for any damage. But it should work!
Can someone test it? The problem is I don't have a HTC One X yet
If you actually read the thread you linked, you would know already that this doesn't work.
Related
hi guys,i'm working for make a rom kitchen for our sg3 those days
it's 40% done,but i have some troubles
i can't root via this script,can you help me?
this is my code:
Code:
adb push .\root\rageagainstthecage /data/local/tmp/rageagainstthecage
adb push .\root\Superuser.apk /data/local/tmp/Superuser.apk
adb push .\root\su /data/local/tmp/su
adb push .\root\busybox /data/local/tmp/busybox
adb shell chmod 755 /data/local/tmp/busybox
adb shell chmod 755 /data/local/tmp/rageagainstthecage
adb shell "/data/local/tmp/rageagainstthecage"
adb kill-server
adb start-server
adb -d shell "mount -o remount,rw /dev/block/stl9 /system"
adb push .\root\su /system/bin/su
adb push .\root\busybox /system/bin/busybox
adb push .\root\sqlite3 /system/bin/sqlite3
adb push .\root\Superuser.apk /system/app/
adb shell "/system/bin"
adb -d shell "chmod 4755 su"
adb -d shell "chmod 4755 busybox"
adb -d shell "chmod 4755 sqlite3"
maybe it's complicate, i tried many times to mod it,but no result.
i run it ,it goes to
adb -d shell "mount -o remount,rw /dev/block/stl9 /system"
this line ,says ‘mount :operation not permitted ’
and it still $ instead of #
i do not know where the problem is ...
plz help me
hi pls their are two tutorials on this subject pls ask ur question in one of the threads
CLOSED
and my base version is ZHJPF
i think u need to su to remount system as rw.
Hi,
I found a nice exploit for Xperia which works fine for Nexus one too ( the DooMLoRD exploit ).
I modified the script to flash the recovery without unlocking the bootloader, so you can flash the rom you like
The exploit works fine on Nexus one 2.3.4 GRJ22 with stock rom and locked bootloader, if you don't have a nexus one:
- remplace files/recovery.img with the right one!
- modify the line in script with the right system partition path.
here's the linux script to do the trick :
2shared.com/file/4uu5h2NH/zergRush_automated_Linux_roott.html
i'm sure someone will port it to windows
NB : backup data, and apps, when you flash a new rom, all data are deleted ( except SD Card).
Automatic installation using the script :
tar -xjvf zergRush_automated_Linux_root.tar.bz2
cd zergRush_automated_Linux_root/
chmod a+x runme-linux
sudo ./runme-linux
Manual installation :
tar -xjvf zergRush_automated_Linux_root.tar.bz2
cd zergRush_automated_Linux_root/
./files/adb kill-server
./files/adb wait-for-device
./files/adb shell rm -r /data/local/tmp
./files/adb shell mkdir /data/local/tmp
./files/adb push ./files/zergRush /data/local/tmp/
./files/adb shell chmod 755 /data/local/tmp/zergRush
./files/adb shell /data/local/tmp/zergRush
./files/adb wait-for-device
./files/adb push ./files/busybox /data/local/tmp
./files/adb shell chmod 755 /data/local/tmp/busybox
./files/adb shell /data/local/tmp/busybox mount -o remount,rw /system
./files/adb push files/busybox /system/xbin
./files/adb shell chown root.shell /system/xbin/busybox
./files/adb shell chmod 04755 /system/xbin/busybox
./files/adb shell /system/xbin/busybox --install -s /system/xbin
./files/adb shell rm -r /data/local/tmp/busybox
./files/adb push ./files/su /system/bin/su
./files/adb shell chown root.shell /system/bin/su
./files/adb shell chmod 06755 /system/bin/su
./files/adb shell rm /system/xbin/su
./files/adb shell ln -s /system/bin/su /system/bin/su
./files/adb push files/Superuser.apk /system/app/
./files/adb shell rm -r /data/local/tmp
./files/adb push files/flash_image /data/flash_image
./files/adb shell chmod 755 /data/flash_image
./files/adb push files/recovery.img /data/recovery.img
./files/adb shell /data/flash_image recovery /data/recovery.img
./files/adb shell rm /data/flash_image
./files/adb reboot recovery
In less than a minute, your phone will reboot to amonRA recovery, flash the rom you want, and Enjoy!
This was missing in all batch files I stumbled on. As I have not posted 10 times I thought to place it here to increase awareness.
http://forum.xda-developers.com/showpost.php?p=21308895&postcount=53
So correct batch file is:
Code:
@echo ---------------------------------------------------------------
@echo Easy rooting toolkit for Transformer Prime!
@echo Script by Max Lee from TransformerPrimeRoot.com
@echo Credits go to XDA users sparkym3 and Dan Rosenburg for exploit.
@echo ---------------------------------------------------------------
@echo [*] This script will:
@echo (1) root your Transformer Prime on ICS
@echo (2) install Busybox
@echo (3) install SU files
@echo [*] Before u begin:
@echo (4) Make sure to read full instructions at TransformerPrimeRoot.com!
@echo ---------------------------------------------------------------
@echo CONFIRM ALL THE ABOVE THEN
@echo Please hit Enter when ready.
@pause
@echo Rooting...
@adb wait-for-device
@echo Start Rooting...
@adb shell mv /data/local/tmp /data/local/tmp.bak
@adb shell ln -s /data /data/local/tmp
@adb reboot
@echo reboot #1 - DO NOT DISCONNECT YOUR DEVICE!
@PING 1.1.1.1 -n 1 -w 5000 >NUL
@adb wait-for-device
@adb shell rm /data/local.prop
@adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
@adb reboot
@echo reboot #2 - DO NOT DISCONNECT YOUR DEVICE!
@PING 1.1.1.1 -n 1 -w 5000 >NUL
@adb wait-for-device
@adb remount
@PING 1.1.1.1 -n 1 -w 1000 >NUL
@adb push su /system/bin/su
@adb shell "chown root.shell /system/bin/su"
@adb shell "chmod 06755 /system/bin/su"
@adb shell "rm /system/xbin/su"
@adb shell "ln -s /system/bin/su /system/xbin/su"
@adb push Superuser.apk /system/app/.
@adb shell rm /data/local.prop
@adb shell rm /data/local/tmp
@adb shell mv /data/local/tmp.bak /data/local/tmp
@adb push busybox /data/local/tmp/.
@adb shell "chmod 755 /data/local/tmp/busybox"
@adb shell "/data/local/tmp/busybox mount -o remount,rw /system"
@adb shell "dd if=/data/local/tmp/busybox of=/system/xbin/busybox"
@adb shell "chown root.shell /system/xbin/busybox"
@adb shell "chmod 04755 /system/xbin/busybox"
@adb shell "/system/xbin/busybox --install -s /system/xbin"
@adb shell "rm -r /data/local/tmp/busybox"
@echo rebooting
@adb reboot
@echo All Done rooting Transformer Prime, check out TransformerPrimeRoot.com for more cool stuff!
@pause
Hi sparkym3,
I'm not able to reply your post "[ROOT] TPSparkyRoot - ICS' so I created a new post here.
I had successfully rooted my Star N8000 phone using the below script with busybox, Superuser and RootExplorer installed.
Root
====
echo off
cls
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
echo Rebooting (1/3) - Continue once device finishes rebooting
pause
adb shell rm /data/local.prop > nul
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
adb reboot
echo Rebooting (2/3) - Continue once device finishes rebooting
pause
adb shell id
echo If the id is 0 / root then continue, otherwise ctrl+c to cancel and start over
pause
adb remount
adb push su /system/bin/su
adb shell chown 0.0 /system/bin/su
adb shell chmod 06755 /system/bin/su
adb push busybox /system/bin/busybox
adb shell chown 0.0 /system/bin/busybox
adb shell chmod 0755 /system/bin/busybox
adb push Superuser.apk /system/app/Superuser.apk
adb shell chown 0.0 /system/app/Superuser.apk
adb shell chmod 0644 /system/app/Superuser.apk
adb push RootExplorer.apk /system/app/RootExplorer.apk
adb shell chown 0.0 /system/app/RootExplorer.apk
adb shell chmod 0644 /system/app/RootExplorer.apk
echo Removing changes except ROOT
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb reboot
echo Rebooting (3/3) - You should now be Rooted
pause
echo on
***My question is if I want to unroot my Star N8000 phone, I will need to remove the su, busybox, Superuser and RootExplorer from my phone system.
So, the new script should as below. Please help to verify and let me know whether this is correct.
Thanks in advance.
UNRoot
======
echo off
cls
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
echo Rebooting (1/3) - Continue once device finishes rebooting
pause
adb shell rm /data/local.prop > nul
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
adb reboot
echo Rebooting (2/3) - Continue once device finishes rebooting
pause
adb shell id
echo If the id is 0 / root then continue, otherwise ctrl+c to cancel and start over
pause
adb remount
adb shell rm /system/xbin/su
adb shell rm /system/xbin/busybox
adb shell rm /system/xbin/Superuser.apk
adb shell rm /system/xbin/RootExplorer.apk
echo Removing changes except ROOT
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb reboot
echo Rebooting (3/3) - You should now be UNRooted
pause
echo on
rayxware said:
Hi sparkym3,
I'm not able to reply your post "[ROOT] TPSparkyRoot - ICS' so I created a new post here.
I had successfully rooted my Star N8000 phone using the below script with busybox, Superuser and RootExplorer installed.
Root
====
echo off
cls
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
echo Rebooting (1/3) - Continue once device finishes rebooting
pause
adb shell rm /data/local.prop > nul
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
adb reboot
echo Rebooting (2/3) - Continue once device finishes rebooting
pause
adb shell id
echo If the id is 0 / root then continue, otherwise ctrl+c to cancel and start over
pause
adb remount
adb push su /system/bin/su
adb shell chown 0.0 /system/bin/su
adb shell chmod 06755 /system/bin/su
adb push busybox /system/bin/busybox
adb shell chown 0.0 /system/bin/busybox
adb shell chmod 0755 /system/bin/busybox
adb push Superuser.apk /system/app/Superuser.apk
adb shell chown 0.0 /system/app/Superuser.apk
adb shell chmod 0644 /system/app/Superuser.apk
adb push RootExplorer.apk /system/app/RootExplorer.apk
adb shell chown 0.0 /system/app/RootExplorer.apk
adb shell chmod 0644 /system/app/RootExplorer.apk
echo Removing changes except ROOT
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb reboot
echo Rebooting (3/3) - You should now be Rooted
pause
echo on
***My question is if I want to unroot my Star N8000 phone, I will need to remove the su, busybox, Superuser and RootExplorer from my phone system.
So, the new script should as below. Please help to verify and let me know whether this is correct.
Thanks in advance.
UNRoot
======
echo off
cls
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
echo Rebooting (1/3) - Continue once device finishes rebooting
pause
adb shell rm /data/local.prop > nul
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
adb reboot
echo Rebooting (2/3) - Continue once device finishes rebooting
pause
adb shell id
echo If the id is 0 / root then continue, otherwise ctrl+c to cancel and start over
pause
adb remount
adb shell rm /system/xbin/su
adb shell rm /system/xbin/busybox
adb shell rm /system/xbin/Superuser.apk
adb shell rm /system/xbin/RootExplorer.apk
echo Removing changes except ROOT
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb reboot
echo Rebooting (3/3) - You should now be UNRooted
pause
echo on
Click to expand...
Click to collapse
This is doing way to much extra while unrooting. Since you would already have root by this point, you can just call su to do all the removes and then remove su last. This can be done from adb or any root file explorer like es file explorer (which will also allow you to mount the file system).
Sent from my ASUS Transformer Pad TF700T using Tapatalk 2
Can someone convert this adb shell code in an updater-script code?
Code:
@files\adb shell "su -c 'busybox mount -o remount,rw /system'"
@files\adb shell "su -c 'busybox mount | grep system'"
@files\adb shell "su -c 'chmod 0777 /system/etc/install-recovery.sh'"
@files\adb shell "su -c 'chown root.shell /system/etc/install-recovery.sh'"
@files\adb shell "su -c 'chmod 0755 /system/bin/sysinit'"
@files\adb shell "su -c 'chown root.shell /system/bin/sysinit'"
@files\adb shell "su -c 'chmod 0777 /system/xbin/run-parts'"
@files\adb shell "su -c 'chown root.shell /system/xbin/run-parts'"
@files\adb shell "su -c 'chmod 0777 /system/etc/init.d/'"
@files\adb shell "su -c 'chmod 0777 /system/etc/init.d/*'"
@files\adb shell "su -c 'chown root.root /system/etc/init.d/'"
mount("(the file system for /system. ie: ext3, ext4, fat)", "(Probably EMMC)", "/dev/block/(the block name for your partition)", "/system");
/system/etc/install-recovery.sh
set_perm(0, 2000, 06777, "/system/etc/install-recovery.sh");
Yada, yada, yada.
The main reason I'm not doing this for you is because it seems specific to a certian issue and I think you should do the research to get it right. Either that of risk screwing something up bad.
About making an edify script. What you are trying to do/
A nice read on linux permissions Check the lower half about setting UID and GID. Nicely done.