I know how to use ssh with keys on my Linux pc. I read http://wiki.cyanogenmod.com/wiki/Howto:_Connect_to_Device_with_SSH and did it similar as mentioned. Similar because I had ssh-access already, I only want to limit access to keys.
Code:
ls -lahR /data/dropbear
/data/dropbear:
drwxr-xr-x 1 root root 2.0K Sep 2 18:43 .
drwxrwx--x 1 system system 2.0K Sep 2 18:29 ..
drwx------ 1 root root 2.0K Sep 2 18:42 .ssh
-rw------- 1 root root 458 Sep 2 18:43 dropbear_dss_host_key
-rw------- 1 root root 426 Sep 2 18:43 dropbear_rsa_host_key
/data/dropbear/.ssh:
drwx------ 1 root root 2.0K Sep 2 18:42 .
drwxr-xr-x 1 root root 2.0K Sep 2 18:43 ..
-rw------- 1 root root 389 Sep 2 18:37 authorized_keys
authorized_keysn contains the public key of my pc.
When I connect, I am asked for the password, which can be seen in the Dropbear settings. Did I fogert something to configure with the Dropbear app?
Hi,
From the dropbear -h:
-s Disable password logins
This means you have to run "dropbear -s" to start the ssh daemon.
If you try to connect without a key (or with an incorrect one) you should get "Permission denied" without asking for a password.
Cheers.
wkwkwk said:
Hi,
From the dropbear -h:
-s Disable password logins
This means you have to run "dropbear -s" to start the ssh daemon.
If you try to connect without a key (or with an incorrect one) you should get "Permission denied" without asking for a password.
Cheers.
Click to expand...
Click to collapse
I get from a shell of my pc:
Welcome to DropBear SSH Server!
Permission denied (publickey).
Click to expand...
Click to collapse
# android-phone
# md5sum /data/dropbear/.ssh/authorized_keys
c17fe7f9029970582104c63a43102ad0 /data/dropbear/.ssh/authorized_keys
#linux pc
$ md5sum id_rsa.pub
c17fe7f9029970582104c63a43102ad0 id_rsa.pub
So the keys should be the same
On your Linux PC you need to use the id_rsa *private* key to authenticate, not the public one.
Do you have a file on your PC: ~/.ssh/id_rsa ?
If so, try it like this:
$ ssh -i ~/.ssh/id_rsa ip_of_android
wkwkwk said:
On your Linux PC you need to use the id_rsa *private* key to authenticate, not the public one.
Do you have a file on your PC: ~/.ssh/id_rsa ?
If so, try it like this:
$ ssh -i ~/.ssh/id_rsa ip_of_android
Click to expand...
Click to collapse
Can anyone confirm this? IMO there is never a reason to give away the _private_ key. I want to connect from the pc to the android-phone and I have put the public key of the pc on the android phone. Similar I did it from pc to pc.
I'm not saying to give away the private key, I'm saying to *use it* to connect to android. You seem to try and use the public key to authenticate when you should be using the private key.
To be more exact:
On the PC you need to have (and use): ~/.ssh/id_rsa (private key)
On Android you need to have just the public key: /data/dropbear/.ssh/authorized_keys (which should be identical to the ~/.ssh/id_rsa.pub on your pc).
Also, check the permissions as that's the most common problem:
On your PC:
$ chmod 600 ~/.ssh/id_rsa
On Android:
chmod 755 /data/dropbear
chmod 700 /data/dropbear/.ssh
chown root: /data/dropbear/.ssh/authorized_keys
chmod 600 /data/dropbear/.ssh/authorized_keys
The easiest way to debug would be to launch dropbear on android with -v -F.
It will stay in foreground and be verbose so you can see the error that prevents you from logging in.
Could you please have a look at the md5sum above? I also quoted the permissions at the beginning. Do you see something wrong? I think I did what you said.
Indeed, the permissions look good and the md5 also confirms you have the correct public key.
Try to launch dropbear with -v -F and see what it says when you try to connect. That should give plenty of valuable information.
PS: you are trying to login as root, right?
from your pc:
$ ssh [email protected]
Related
Hi,
I'm having an issue with all terminal emulators (Android Terminal Emulator, ConnectBot, ...) after upgrading my Nexus 10 from Android 4.2.2 to 4.3.
The terminal is not recognizing the actual size of the screen and it is fixed to 80 columns and 20 rows. I can temporarily fix it typing "stty cols 180 rows 35", but those values depend on the screen rotation, font size, etc.
This is really weird, and I wasn't having this issue before the upgrade.
Anyone else has this problem or know how to solve it?
Thanks!
Ok, i've been doing some tests.
It seems to be a 'su' bug, it is not receiving the SIGWINCH signal.
If I type without su:
trap 'echo sigwinch' SIGWINCH
It is executed every time I rotate the tablet or popup the keyboard.
But, under su, the same command is not working.
It may be a permission issue.
Any ideas?
I can confirm having the same issue with my Nexus 10 and android 4.3. As soon as I run su - from the terminal (Android Terminal Emulator) the lines start wrapping at 80 characters.
Hi,
i've been working on this trying to find a solution.
Here is what I saw:
Every time I enter su or enter chroot (i have a chrooted debian), the tty number is changed to another one. That isn't the usual tty behavior!
So, if the normal user is in /dev/pts/0 , root could be in /dev/pts/1 and chroot in /dev/pts/2.
If I rotate the screen /dev/pts/0 cols and rows are changed even if I am as root, I can verify that by typing:
stty -F /dev/pts/0 -a
But, if I am at /dev/pts/1 i'm not receiving that SIGWINCH signal. In common linux distributions, that is not happening as pts number doesn't change.
Here is my (not so perfect) solution for the chrooted debian:
Write a fix_stty.sh script as root:
#!/bin/bash
sttypath=/bin
tty0=$(ls --sort time /dev/pts/ | head -n 1 | awk '{print $1}')
stty0=$($sttypath/stty -F /dev/pts/$tty0 -a | head -n1)
rows=$(echo $stty0 | sed -e 's:.*rows\ \([0-9]\+\).*:\1:g')
cols=$(echo $stty0 | sed -e 's:.*columns\ \([0-9]\+\).*:\1:g')
$sttypath/stty rows $rows cols $cols
Save it in /usr/local/bin
Make it executable:
chmod +rx /usr/local/bin/fix_stty.sh
Add to ~/.bashrc this line:
trap '/usr/local/bin/fix_stty.sh' DEBUG
Or if you use non-root users:
trap 'sudo /usr/local/bin/fix_stty.sh' DEBUG
And add to sudoers file:
%sudo ALL = (ALL) NOPASSWD: /usr/local/bin/fix_stty.sh
Logout and login again, and it will fix the rows and columns before each command.
----
For su, outside the chrooted linux write a script fix_stty.sh:
sttypath=/system/xbin
tty0=$(/system/xbin/busybox ls -t /dev/pts | head -n1)
stty0=$($sttypath/stty -F /dev/pts/$tty0 -a | head -n1)
rows=$(echo $stty0 | sed -e 's:.*rows\ \([0-9]\+\).*:\1:g')
cols=$(echo $stty0 | sed -e 's:.*columns\ \([0-9]\+\).*:\1:g')
$sttypath/stty rows $rows cols $cols
Save it to /system/xbin
(You should remount /system as rw: mount --remount -orw /system)
Then, make it exec:
chmod 755 /system/xbin/fix_stty.sh
And, finally you should type at each su login:
trap '/system/xbin/fin_stty.sh' SIGINT
(i don't know why DEBUG isn't here)
So you have to press Ctrl+C to fix it.
----
Alternatively, you can write an infinite loop or a simple daemon to fix it, but i don't like daemons on my tablet.
If anyone has a better solutions, please post it.
Hi all. I've been mulling over this problem as well. I believe the issue is because in 4.3, SuperSU now uses a "proxy", where commands are sent form the process which called su to daemonsu, which is launched at system startup. Chainfire explains a bit more in his G+ posts the reasons for doing this, but I think the key here is that root processes are now launched on a different tty, because they are launched by a different process (namely, daemonsu). Starting a root shell (whether system shell or ubuntu/debian chroot) now results in the creation of three pts devices, as opposed to the usual one. However, other shells not launched locally are fine. For example, starting the SSH server in my chroot and logging in via SSH is always fine.
I'm still trying to figure out a permanent solution to this problem. I still don't have a full understanding of the problem as I'm still trying to wrap my head around how Linux handles terminals and TTYs. I do have a few ideas floating around my head, though:
Change daemonsu and su to support full termios/line-discipline/whatever-we-need through the "pts bridge" that he is using
Create TTY(pts) pairs on demand, and have a modified Terminal Emulator connect to those directly when we want a shell
Have a background-ed process in the original terminal catch SIGWINCH and pass it to the root terminal
Still quite a bit a figure out though. I may just go through Terminal Emulator's source code to see how it work to get a better picture too. But that's gonna take time. I've also created a little native utility which creates two pts pseudo-TTYs and shuffles data between them. I'm still experimenting. Will post more as I learn more.
Just to let you all know that I've got a system working for myself: http://blog.tan-ce.com/android-root-shell/
The way I'm doing it uses a daemon, much like the su daemons ChainFire and Koush are using. The benefit of doing it this way is that I'm not confined by the application container, which is good for security when used by applications, but is annoying when you are using the terminal itself. I remember having to do hacks with adb servers to get around those.
But if you don't want a daemon, you can still set one up manually, just look at the last section of the README on how to use pts-wrap and pts-exec.
I gave this a try.
First, I've noticed that pts-wrap and pts-exec symbolic links were missing.
And I don't think the line '/system/etc/install-recovery-2.sh' in pts-daemon-start file is needed at all.
I'm using ChainFire SuperSU and pts-shell is not working as expected or catching SIGWINCH signals. I just don't see any difference with the standard shell. Maybe I misunderstood how it works.
alf_tux said:
I gave this a try.
First, I've noticed that pts-wrap and pts-exec symbolic links were missing.
And I don't think the line '/system/etc/install-recovery-2.sh' in pts-daemon-start file is needed at all.
Click to expand...
Click to collapse
My mistake, I forgot to create the symlinks for those two.
install-recovery-2.sh is an idea I took from CharinFire's SuperSU. Basically, it seems as if people are using install-recovery.sh to install startup scripts, and having the script try to call install-recovery-2.sh allows you to chain recovery scripts. For example, if you install this on a system with SuperSU, it will be installed as install-recovery-2.sh. If the system doesn't already have an install-recovery.sh, it'll install itself as install-recovery.sh.
Anyway, I've fixed and uploaded a new zip.
alf_tux said:
I'm using ChainFire SuperSU and pts-shell is not working as expected or catching SIGWINCH signals. I just don't see any difference with the standard shell. Maybe I misunderstood how it works.
Click to expand...
Click to collapse
Are you running pts-shell from a regular (non-root) shell, or from a root shell? It should be run from a non-root shell. (It will give you a root shell once it runs.) Only pts-passwd and pts-daemon is meant to be run as root.
tan-ce said:
Are you running pts-shell from a regular (non-root) shell, or from a root shell? It should be run from a non-root shell. (It will give you a root shell once it runs.) Only pts-passwd and pts-daemon is meant to be run as root.
Click to expand...
Click to collapse
Yes, here is my the terminal output:
[email protected]:/ $ ps | grep pts
root 136 1 760 180 ffffffff 00000000 S /system/xbin/pts-daemon
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Permission denied
255|[email protected]:/ $ su pts-shell /system/bin/sh
[email protected]:/ #
As you see, I can only run pts-shell as root.
alf_tux said:
Yes, here is my the terminal output:
[email protected]:/ $ ps | grep pts
root 136 1 760 180 ffffffff 00000000 S /system/xbin/pts-daemon
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Permission denied
255|[email protected]:/ $ su pts-shell /system/bin/sh
[email protected]:/ #
As you see, I can only run pts-shell as root.
Click to expand...
Click to collapse
Sorry, I realized that the correct command should be:
[email protected]:/ $ su -c pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
(pts-shell) Enter your password:
[email protected]:/ #
Anyway I can only run this as root.
Oh yeah, I found the bug. Sorry, my bad. I've fixed it and uploaded a new copy of the update ZIP, but you don't have to upgrade if you don't want to. Running
Code:
# chmod 0701 /data/pts
should be sufficient to fix the problem. Then you should be able to run pts-shell from a regular (non-root) shell.
tan-ce said:
Oh yeah, I found the bug. Sorry, my bad. I've fixed it and uploaded a new copy of the update ZIP, but you don't have to upgrade if you don't want to. Running
Code:
# chmod 0701 /data/pts
should be sufficient to fix the problem. Then you should be able to run pts-shell from a regular (non-root) shell.
Click to expand...
Click to collapse
I don't think that was the the bug:
[email protected]:/ $ su
[email protected]:/ # ls -l /data/pts
-rw------- root root 61 2013-08-28 19:09 passwd
srw-rw-rw- root root 2013-08-28 18:59 pts
[email protected]:/ # chmod 0701 /data/pts
[email protected]:/ # ls -l /data/pts
-rw------- root root 61 2013-08-28 19:09 passwd
srw-rw-rw- root root 2013-08-28 18:59 pts
[email protected]:/ # ^D
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Connection refused
255|[email protected]:/ $
I have also tried:
chmod 0701 /data/pts/pts
And
chmod 0701 /data/pts/*
I'm getting the same connection refused. Maybe you can send me a debug version, I can run it just to find what is going on.
alf_tux said:
I'm getting the same connection refused. Maybe you can send me a debug version, I can run it just to find what is going on.
Click to expand...
Click to collapse
That's strange. Could you show me the output of ls -la? (The "a" is needed to see the permissions for /data and /data/pts itself)
After that, perhaps you could try "chmod 0711 /data/pts"
There isn't a debug version. The error message comes from the part of the code which tries to open a unix socket located at /data/pts/pts. For this to work, /data and /data/pts must have the execute bit set, and /data/pts/pts needs to have the readable and writable bit set for you. Otherwise you'll get a "permission denied".
Perhaps it might be easier for me to just move the socket to /dev like what koush does for Superuser... it's possible the permissions on my /data is non-standard.
On a side note, I'm also currently trying to contribute to koush's Superuser project to fix terminal handling. With any luck, I (or someone else?) will succeed and we won't really need my pts-multi tools anymore.
tan-ce said:
That's strange. Could you show me the output of ls -la? (The "a" is needed to see the permissions for /data and /data/pts itself)
After that, perhaps you could try "chmod 0711 /data/pts"
There isn't a debug version. The error message comes from the part of the code which tries to open a unix socket located at /data/pts/pts. For this to work, /data and /data/pts must have the execute bit set, and /data/pts/pts needs to have the readable and writable bit set for you. Otherwise you'll get a "permission denied".
Perhaps it might be easier for me to just move the socket to /dev like what koush does for Superuser... it's possible the permissions on my /data is non-standard.
On a side note, I'm also currently trying to contribute to koush's Superuser project to fix terminal handling. With any luck, I (or someone else?) will succeed and we won't really need my pts-multi tools anymore.
Click to expand...
Click to collapse
Yes, I agree that fixing su would be better.
I don't have my tablet right know, i don't remember well /data /data/pts and /data/pts/pts read and exec bits. I will see better whan I have my tablet with me.
Here is the output:
/data:
drwxrwx--x system system 2013-08-28 18:59 data
/data/pts:
drwxr-xr-x root root 2013-08-28 19:06 pts
[email protected]:/ $ ls -la /data/pts
-rwxrwxrwx root root 61 2013-08-28 19:09 passwd
srwxrwxrwx root root 2013-08-28 18:59 pts
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Connection refused
255|[email protected]:/ $
I suppose it isn't a permission problem.
alf_tux said:
I suppose it isn't a permission problem.
Click to expand...
Click to collapse
You're probably right, my Nexus 10 could be a bit different because of the semi-botched update I went through. Well, good news on two fronts: First, I updated pts-multi (latest update zip here) to use /dev/pts-daemon as the socket instead of /data... It works on mine, and I think it should work on yours, because Superuser puts its socket there too.
Second, I finished some modifications to the su binary in Superuser (source code here), and I've submitted a pull request to Koush. He says he'll do a code review of my changes, and we'll see how it goes.
tan-ce said:
You're probably right, my Nexus 10 could be a bit different because of the semi-botched update I went through. Well, good news on two fronts: First, I updated pts-multi (latest update zip here) to use /dev/pts-daemon as the socket instead of /data... It works on mine, and I think it should work on yours, because Superuser puts its socket there too.
Second, I finished some modifications to the su binary in Superuser (source code here), and I've submitted a pull request to Koush. He says he'll do a code review of my changes, and we'll see how it goes.
Click to expand...
Click to collapse
T/hanks! I tried your new update and I think it's working!
Can you add a passwordless option? Or if password is blank just don't ask for it
alf_tux said:
T/hanks! I tried your new update and I think it's working!
Can you add a passwordless option? Or if password is blank just don't ask for it
Click to expand...
Click to collapse
Ok, but I took the easiest way out... If you set the environment variable PTS_AUTH, pts-shell will read the password from there instead of prompting you for it. So, if you're writing a script to spawn a root shell, do:
Code:
#!/system/bin/sh
export PTS_AUTH="your password here"
pts-shell /system/bin/sh
The latest update zip is here.
Thanks a lot tan-ce!!
It's working just as I expected!
Glad to hear it.
Hi All
two days ago I rooted my LAB Onepluse 7 pro , after that we succeed to connect trough ADB shell .
to connected as like as root (sudo ) we re edited the build.prop (ro.secure=0 and ro.debuggable=1 ) but after changing the ro.secure to 0 we failed to connect at all via adb ( adb devices not showing the phone ) and if we are setting only the
ro.debuggable=1 we are able to do adb shell but if we are trying to do adb root we are losing the adb connectivity .
First i suggest u to install TWRP through fastboot. And interact with it. Also check Magisk utility for better ROOT contol.
Before the build.prop was modified
jimmy123322 said:
First i suggest u to install TWRP through fastboot. And interact with it. Also check Magisk utility for better ROOT contol.
Click to expand...
Click to collapse
First the mobile was rooted with
twrp - 3.4.0.0 img , twrp-3.4.0.0 installer and Magisk-v20.4
After that i used prop editor to allowing the su root access
but unfortunately I able to access only to the shell with no option to access like adb root
and when the ro.secure is modified to 0 there is no option to access via ADB at all .
can you please be more accurate what to do.
Someone can answer
I'm quite new and have to know what to do
[email protected] said:
I'm quite new and have to know what to do
Click to expand...
Click to collapse
Try an earlier version of twrp
how to executing files via shell
last week i've asked about adb root but i didn't succeed to solve it .
means ro.secure=0 is still blocking my adb shell or adb root.
my question now is that we are trying to running iperf via the shell and not via the vysor.
but we are rejecting because permission deny.
drwxr-xr-x 3 root root 60 1970-04-21 23:37 vendor
1|OnePlus7Pro:/mnt $ ./ipef
/system/bin/sh: ./ipef: inaccessible or not found
127|OnePlus7Pro:/mnt $ ./iperf
/system/bin/sh: ./iperf: can't execute: Permission denied
126|OnePlus7Pro:/mnt $ ./iperf
/system/bin/sh: ./iperf: can't execute: Permission denied
126|OnePlus7Pro:/mnt $ ls -lrt
ls: ./media_rw: Permission denied
ls: ./asec: Permission denied
ls: ./product: Permission denied
total 168
drwxr-xr-x 3 root root 60 1970-04-21 23:37 user
drwx------ 3 root root 60 1970-04-21 23:37 secure
drwxr-xr-x 2 root system 40 1970-04-21 23:37 obb
drwxrwx--x 2 system system 40 1970-04-21 23:37 expand
lrwxrwxrwx 1 root root 21 1970-04-21 23:37 sdcard -> /storage/self/primary
drwx------ 6 root root 120 1970-04-21 23:37 runtime
drwx--x--x 2 root root 40 1970-04-21 23:37 appfuse
drwxr-xr-x 3 root root 60 1970-04-21 23:37 vendor
-rwxr-xr-x 1 root root 170480 2020-07-14 11:06 iperf
1|OnePlus7Pro:/mnt $ cd user
OnePlus7Pro:/mnt/user $ ls
0
OnePlus7Pro:/mnt/user $ cd ..
OnePlus7Pro:/mnt $ cp iperf /mnt/user/
cp: /mnt/user//iperf: Permission denied
1|OnePlus7Pro:/mnt $ cp iperf /mnt/user/
cp: /mnt/user//iperf: Permission denied
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $ exit
MacBook-Pro-de-Victor-2latform-tools root#
MacBook-Pro-de-Victor-2latform-tools root#
MacBook-Pro-de-Victor-2latform-tools root# ./adb shell /data/iperf -h
/system/bin/sh: /data/iperf: can't execute: Permission denied
MacBook-Pro-de-Victor-2latform-tools root#
replaying to my self
Have use x-plore app to changing /data/app permission then iperf file was copied to this folder
1|OnePlus7Pro:/bin $
1|OnePlus7Pro:/bin $ cd /data/app
OnePlus7Pro:/data/app $ ./iperf -h
Usage: iperf [-s|-c host] [options]
iperf [-h|--help] [-v|--version]
Client/Server:
-f, --format [kmKM] format to report: Kbits, Mbits, KBytes, MBytes
-i, --interval # seconds between periodic bandwidth reports
-l, --len #[KM] length of buffer to read or write (default 8 KB)
-m, --print_mss print TCP maximum segment size (MTU - TCP/IP header)
-o, --output <filename> output the report or error message to this specified file
-p, --port # server port to listen on/connect to
-u, --udp use UDP rather than TCP
-w, --window #[KM] TCP window size (socket buffer size)
-B, --bind <host> bind to <host>, an interface or multicast address
-C, --compatibility for use with older versions does not sent extra msgs
-M, --mss # set TCP maximum segment size (MTU - 40 bytes)
-N, --nodelay set TCP no delay, disabling Nagle's Algorithm
-V, --IPv6Version Set the domain to IPv6
Server specific:
-s, --server run in server mode
-U, --single_udp run in single threaded UDP mode
-D, --daemon run the server as a daemon
Client specific:
-b, --bandwidth #[KM] for UDP, bandwidth to send at in bits/sec
(default 1 Mbit/sec, implies -u)
-c, --client <host> run in client mode, connecting to <host>
-d, --dualtest Do a bidirectional test simultaneously
-n, --num #[KM] number of bytes to transmit (instead of -t)
-r, --tradeoff Do a bidirectional test individually
-t, --time # time in seconds to transmit for (default 10 secs)
-F, --fileinput <name> input the data to be transmitted from a file
-I, --stdin input the data to be transmitted from stdin
-L, --listenport # port to receive bidirectional tests back on
-P, --parallel # number of parallel client threads to run
-T, --ttl # time-to-live, for multicast (default 1)
-Z, --linux-congestion <algo> set TCP congestion control algorithm (Linux only)
Miscellaneous:
-x, --reportexclude [CDMSV] exclude C(connection) D(data) M(multicast) S(settings) V(server) reports
-y, --reportstyle C report as a Comma-Separated Values
-h, --help print this message and quit
-v, --version print version information and quit
[KM] Indicates options that support a K or M suffix for kilo- or mega-
The TCP window size option can be set by the environment variable
TCP_WINDOW_SIZE. Most other options can be set by an environment variable
IPERF_<long option name>, such as IPERF_BANDWIDTH.
Report bugs to <[email protected]>
1|OnePlus7Pro:/data/app $
last week i've asked about adb root but i didn't succeed to solve it .
means ro.secure=0 is still blocking my adb shell or adb root.
my question now is that we are trying to running iperf via the shell and not via the vysor.
but we are rejecting because permission deny.
drwxr-xr-x 3 root root 60 1970-04-21 23:37 vendor
1|OnePlus7Pro:/mnt $ ./ipef
/system/bin/sh: ./ipef: inaccessible or not found
127|OnePlus7Pro:/mnt $ ./iperf
/system/bin/sh: ./iperf: can't execute: Permission denied
126|OnePlus7Pro:/mnt $ ./iperf
/system/bin/sh: ./iperf: can't execute: Permission denied
126|OnePlus7Pro:/mnt $ ls -lrt
ls: ./media_rw: Permission denied
ls: ./asec: Permission denied
ls: ./product: Permission denied
total 168
drwxr-xr-x 3 root root 60 1970-04-21 23:37 user
drwx------ 3 root root 60 1970-04-21 23:37 secure
drwxr-xr-x 2 root system 40 1970-04-21 23:37 obb
drwxrwx--x 2 system system 40 1970-04-21 23:37 expand
lrwxrwxrwx 1 root root 21 1970-04-21 23:37 sdcard -> /storage/self/primary
drwx------ 6 root root 120 1970-04-21 23:37 runtime
drwx--x--x 2 root root 40 1970-04-21 23:37 appfuse
drwxr-xr-x 3 root root 60 1970-04-21 23:37 vendor
-rwxr-xr-x 1 root root 170480 2020-07-14 11:06 iperf
1|OnePlus7Pro:/mnt $ cd user
OnePlus7Pro:/mnt/user $ ls
0
OnePlus7Pro:/mnt/user $ cd ..
OnePlus7Pro:/mnt $ cp iperf /mnt/user/
cp: /mnt/user//iperf: Permission denied
1|OnePlus7Pro:/mnt $ cp iperf /mnt/user/
cp: /mnt/user//iperf: Permission denied
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $
1|OnePlus7Pro:/mnt $ exit
MacBook-Pro-de-Victor-2latform-tools root#
MacBook-Pro-de-Victor-2latform-tools root#
MacBook-Pro-de-Victor-2latform-tools root# ./adb shell /data/iperf -h
/system/bin/sh: /data/iperf: can't execute: Permission denied
MacBook-Pro-de-Victor-2latform-tools root#
replaying to my self
Have use x-plore app to changing /data/app permission then iperf file was copied to this folder
1|OnePlus7Pro:/bin $
1|OnePlus7Pro:/bin $ cd /data/app
OnePlus7Pro:/data/app $ ./iperf -h
Usage: iperf [-s|-c host] [options]
iperf [-h|--help] [-v|--version]
Client/Server:
-f, --format [kmKM] format to report: Kbits, Mbits, KBytes, MBytes
-i, --interval # seconds between periodic bandwidth reports
-l, --len #[KM] length of buffer to read or write (default 8 KB)
-m, --print_mss print TCP maximum segment size (MTU - TCP/IP header)
-o, --output <filename> output the report or error message to this specified file
-p, --port # server port to listen on/connect to
-u, --udp use UDP rather than TCP
-w, --window #[KM] TCP window size (socket buffer size)
-B, --bind <host> bind to <host>, an interface or multicast address
-C, --compatibility for use with older versions does not sent extra msgs
-M, --mss # set TCP maximum segment size (MTU - 40 bytes)
-N, --nodelay set TCP no delay, disabling Nagle's Algorithm
-V, --IPv6Version Set the domain to IPv6
Server specific:
-s, --server run in server mode
-U, --single_udp run in single threaded UDP mode
-D, --daemon run the server as a daemon
Client specific:
-b, --bandwidth #[KM] for UDP, bandwidth to send at in bits/sec
(default 1 Mbit/sec, implies -u)
-c, --client <host> run in client mode, connecting to <host>
-d, --dualtest Do a bidirectional test simultaneously
-n, --num #[KM] number of bytes to transmit (instead of -t)
-r, --tradeoff Do a bidirectional test individually
-t, --time # time in seconds to transmit for (default 10 secs)
-F, --fileinput <name> input the data to be transmitted from a file
-I, --stdin input the data to be transmitted from stdin
-L, --listenport # port to receive bidirectional tests back on
-P, --parallel # number of parallel client threads to run
-T, --ttl # time-to-live, for multicast (default 1)
-Z, --linux-congestion <algo> set TCP congestion control algorithm (Linux only)
Miscellaneous:
-x, --reportexclude [CDMSV] exclude C(connection) D(data) M(multicast) S(settings) V(server) reports
-y, --reportstyle C report as a Comma-Separated Values
-h, --help print this message and quit
-v, --version print version information and quit
[KM] Indicates options that support a K or M suffix for kilo- or mega-
The TCP window size option can be set by the environment variable
TCP_WINDOW_SIZE. Most other options can be set by an environment variable
IPERF_<long option name>, such as IPERF_BANDWIDTH.
Report bugs to <[email protected]rceforge.net>
1|OnePlus7Pro:/data/app $
[email protected] said:
last week i've asked about adb root but i didn't succeed to solve it .
means ro.secure=0 is still blocking my adb shell or adb root.
...
Click to expand...
Click to collapse
@[email protected] THREAD CLOSED as you've created already another thread with this topic, and to which your above posts have been copied: https://forum.xda-developers.com/oneplus-7-pro/help/oneplus7-pro-ro-secure0-t4127227
XDA Forum Rules (excerpt):
...
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
Use our search function to find the best forum for your device.
Links to an external source are only allowed if relevant to the topic in hand. A description must be included, no copy & pasting from the original source.
Self-promotion is forbidden, this includes blogs, social media and video channels etc. Random links will be removed.
...
Click to expand...
Click to collapse
Please note above that I've highlighted in red, and please refrain from creating a new thread everytime!
ON further discussion with other users, this may only work from a remnant from the GetMeIn exploit, which I had attempted to use but it was unsuccessfully not able to map memory. Perhaps this in combination with GetMeIn may be of use to others.
- - - - - - - -
While awaiting the exciting new from retr0id RootMY.TV , I came across a very straightforward way to achieve root and escape chroot on a OLED55E6P with WebOS release 3.3.4 and firmware version 05.30.60.
I am still fiddling to find preferred method of establishing a permanent root remote shell, and will update later with that.
Curious if this works on your WebOS + Firmware versions?
This procedure opens a root shell over telnet outside of the chroot jail, that is connected to a TTY. Bash history is available across sessions, arrow keys and home/end keys function!
Code:
## Do normal procedure to install developer app, register at LG, enable keyserver, get key, save key, etc.
##Then:
ssh -i ~/.ssh/tv_webos -p 9922 [email protected]_IP "/bin/bash -i"
#Enter passphrase for key '~/.ssh/tv_webos':
#/bin/bash: can't access tty; job control turned off
#/media/developer $
su
#su: must be run from a terminal
#sad, but
/bin/busybox.suid su
Password: alpine
id
#uid=0(root) gid=0(root) groups=0(root),10(wheel),506(pulse-access),509(se),777(crashd)
/bin/busybox.nosuid chroot /proc/1/root
#/ # /bin/sh: can't access tty; job control turned off
##1st Time prepare directory, set root password###
mkdir -p /home/overlay/etc
mkdir -p /home/overlay/work
mount -t overlay overlay -o lowerdir=/etc:/media/cryptofs/apps/usr/palm/services/com.palmdts.devmode.service//binaries-armv71/opt/openssh/etc,upperdir=/home/overlay/etc,workdir=/home/overlay/work /etc
passwd
####
nohup telnetd -l /sbin/sulogin &
#### then from another terminal, run
telnet TV_IP
## dont break anything
Why didn't it work on my webOS 3.0 TV? It replyed 'incorrect password'.
i can't root Samsung galaxy a02 -- SM-A022F/DS Build No: A022FXXU2BUI3 , android 11 , i dont know what to do for rooting and i dont have firmware file (bootloader unlocked)
To get the superuser access ( AKA root ) to be able to control various aspects of Android OS means you need to perform a certain modification that will root your phone's Android. An unlocked bootloader isn't needed to root Android.
Here is what you have to do to root your device's Android:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5.
This e.g. can get achieved by means of a Windows command script making use of ADB coomands.
jwoegerbauer said:
To get the superuser access ( AKA root ) to be able to control various aspects of Android OS means you need to perform a certain modification that will root your phone's Android. An unlocked bootloader isn't needed to root Android.
Here is what you have to do to root your device's Android:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5.
This e.g. can get achieved by means of a Windows command script making use of ADB coomands.
Click to expand...
Click to collapse
hi , i dont know what is toybox or i dont know really what to do can you tell me step by step please? i have ADB already
dleaderp said:
hi , i dont know what is toybox or i dont know really what to do
Click to expand...
Click to collapse
Typically people do a Google search like "Android Toybox" ...
To save you this search: Toybox is a suite of Linux commands ported to Android.
The commands supported are
Code:
acpi arch ascii base64 basename blkid blockdev bunzip2 bzcat cal cat
catv chattr chgrp chmod chown chroot chrt chvt cksum clear cmp comm
count cp cpio crc32 cut date devmem df dirname dmesg dnsdomainname
dos2unix du echo egrep eject env expand factor fallocate false fgrep
file find flock fmt free freeramdisk fsfreeze fstype fsync ftpget
ftpput getconf grep groups gunzip halt head help hexedit hostname
hwclock i2cdetect i2cdump i2cget i2cset iconv id ifconfig inotifyd
insmod install ionice iorenice iotop kill killall killall5 link ln
logger login logname losetup ls lsattr lsmod lspci lsusb makedevs
mcookie md5sum microcom mix mkdir mkfifo mknod mkpasswd mkswap mktemp
modinfo mount mountpoint mv nbd-client nc netcat netstat nice nl nohup
nproc nsenter od oneit partprobe passwd paste patch pgrep pidof ping
ping6 pivot_root pkill pmap poweroff printenv printf prlimit ps pwd
pwdx readahead readlink realpath reboot renice reset rev rfkill rm
rmdir rmmod sed seq setfattr setsid sha1sum shred sleep sntp sort
split stat strings su swapoff swapon switch_root sync sysctl tac tail
tar taskset tee test time timeout top touch true truncate tty tunctl
ulimit umount uname uniq unix2dos unlink unshare uptime usleep uudecode
uuencode uuidgen vconfig vmstat w watch wc which who whoami xargs
xxd yes zcat
As you might see su is the ROOT functionality.
dleaderp said:
can you tell me step by step please? i have ADB already
Click to expand...
Click to collapse
Actually I'm working on a Windows command script that makes use of ADB what does the job. I'll publish it here when finished:
[TOOL][ADB]][Windows] A 100% Safe Non-systemless Root Tool - No Soft-bricked Adroid Guaranteed
Grant Root Privileges to Regular Users Using Devices With Android 6 and up by Simply Upgrading Android's Multi-command Applet Toybox.
forum.xda-developers.com
jwoegerbauer said:
Actually I'm working on a Windows command script that makes use of ADB what does the job. I'll publish it here when finished:
Click to expand...
Click to collapse
happy to hear that xd
i got a last question, i think my phone's storage is shrunked after i used firmware is it possible ? if yes how can i fix it. it was 32 gb now its 8gb
i fixed i used another firmware i'll be wait for your ADB