Database Info

Question about rooting and flashing recovery image..

Just curious, what happens if I follow the rooting steps in the other thread but only do this:
adb push /directory_you_placed_asroot2/asroot2 /data/local/
adb shell
chmod 0755 /data/local/asroot2
/data/local/asroot2 /system/bin/sh
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cd /system/bin
cat sh > su
chmod 4755 su
At this point, what state is the phone in? Do I have full root access to the file system? What are the issues/concerns if I don't proceed with flashing the recovery image. Just trying to understand the process and what each step is for. I understand the part above but can't understand why you have to flash a recovery image and can't just use the phone after root is achieved.
Thanks in advance. FYI...all I want to do with root access is delete some system files, nothing more.

mobilehavoc said:
Just curious, what happens if I follow the rooting steps in the other thread but only do this:
adb push /directory_you_placed_asroot2/asroot2 /data/local/
adb shell
chmod 0755 /data/local/asroot2
/data/local/asroot2 /system/bin/sh
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cd /system/bin
cat sh > su
chmod 4755 su
At this point, what state is the phone in? Do I have full root access to the file system? What are the issues/concerns if I don't proceed with flashing the recovery image. Just trying to understand the process and what each step is for. I understand the part above but can't understand why you have to flash a recovery image and can't just use the phone after root is achieved.
Thanks in advance. FYI...all I want to do with root access is delete some system files, nothing more.
Click to expand...
Click to collapse
You don't have to flash the recovery image. I believe from that code you would have root and can run programs that require root. However, you would be unable to flash a new rom or any other update.zip (which means no auto apps2sd), partition your sd card easily or backup your phone in case something goes wrong. I suppose you are probably just asking for the sake of asking and knowledge but this is why a recovery image is HIGHLY recommended.

chuckhriczko said:
You don't have to flash the recovery image. I believe from that code you would have root and can run programs that require root. However, you would be unable to flash a new rom or any other update.zip (which means no auto apps2sd), partition your sd card easily or backup your phone in case something goes wrong. I suppose you are probably just asking for the sake of asking and knowledge but this is why a recovery image is HIGHLY recommended.
Click to expand...
Click to collapse
thanks. So if I don't flash the recovery image, I can't update to cooked ROMs or do the stuff you suggested but will the phone otherwise function normal? i.e. I can update to a Sprint/HTC update, I can factory reset the phone (assuming that'll kill root), etc.? I may do the whole process with the recovery image later but don't need it right now.
I only need to do this as a stopgap until Sprint/HTC releases an update.

mobilehavoc said:
thanks. So if I don't flash the recovery image, I can't update to cooked ROMs or do the stuff you suggested but will the phone otherwise function normal? i.e. I can update to a Sprint/HTC update, I can factory reset the phone (assuming that'll kill root), etc.? I may do the whole process with the recovery image later but don't need it right now.
I only need to do this as a stopgap until Sprint/HTC releases an update.
Click to expand...
Click to collapse
Well, I wouldnt recommend doing a sprint update either. That will cause you to lose root most likely. The only way then to keep root is wait until we get a dump of the update and then cook a rom that includes root, in which case you would need to flash the recovery image. Updates usually fix the exploits we use to gain root.

chuckhriczko said:
Well, I wouldnt recommend doing a sprint update either. That will cause you to lose root most likely. The only way then to keep root is wait until we get a dump of the update and then cook a rom that includes root, in which case you would need to flash the recovery image. Updates usually fix the exploits we use to gain root.
Click to expand...
Click to collapse
What he said...but yes, at the steps you quoted, mobilehavoc, you are capable of root access (you don't actually have it until you run that "su" command ). That allows you to read and modify otherwise locked away files and tweak to your hearts content!

Ive rooted and played around some but very little and followed everyones instructions very closely ( thank you for teaching a newbie ). Now how do I go back to original state that I backed up ( think I did ).
When I press the power and volume down button I get to the droid on skateboard, then I press the Home for recovery. I get the screen with all the options and I go to nandroid v2.2 restore and press trackball. It says restore latest backup press home to confirm. I do that and get the following error
Error : run 'nandroid-mobile.sh restore' via console.
What does this mean? Do i have to be tethered to PC and run this command from cmd prompt?
I am now lost again, any help is appreciated

Grinder16 said:
Ive rooted and played around some but very little and followed everyones instructions very closely ( thank you for teaching a newbie ). Now how do I go back to original state that I backed up ( think I did ).
When I press the power and volume down button I get to the droid on skateboard, then I press the Home for recovery. I get the screen with all the options and I go to nandroid v2.2 restore and press trackball. It says restore latest backup press home to confirm. I do that and get the following error
Error : run 'nandroid-mobile.sh restore' via console.
What does this mean? Do i have to be tethered to PC and run this command from cmd prompt?
I am now lost again, any help is appreciated
Click to expand...
Click to collapse
Just to confirm since it wasn't mentioned, you did a Nandroid backup earlier right? can you confirm that there's a folder on your sdcard called "nandroid"?

thecodemonk said:
Just to confirm since it wasn't mentioned, you did a Nandroid backup earlier right? can you confirm that there's a folder on your sdcard called "nandroid"?
Click to expand...
Click to collapse
Dont see that folder - I guess that is not good. Any ideas?

Grinder16 said:
Dont see that folder - I guess that is not good. Any ideas?
Click to expand...
Click to collapse
You must do a backup BEFORE you can do a restore..

To clarify for everyone, here's a breakdown of the steps:
adb push /directory_you_placed_asroot2/asroot2 /data/local/
This copies the asroot2 program to the /data/local folder on your phone.
adb shell
This logs you into the phone. From here on out, you are no longer executing Windows commands from a DOS shell - you are actually executing Linux commands on the phone.
chmod 0755 /data/local/asroot2
This changes the permissions on the asroot2 program so that it can be executed.
/data/local/asroot2 /system/bin/sh
This actually runs the root exploit and creates a file called /system/bin/sh that we will later turn into su.
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
This unmounts the /system partition and remounts it as writeable.
cd /system/bin
This puts you into the /system/bin folder.
cat sh > su
This creates the su program.
chmod 4755 su
This changes the persmissions on the su file to allow it to be executed.

theresthatguy said:
You must do a backup BEFORE you can do a restore..
Click to expand...
Click to collapse
I thought I had. What are the steps? I have a flash recovery image on my SD card. I have followed all instructions that I could find

Grinder16 said:
I thought I had. What are the steps? I have a flash recovery image on my SD card. I have followed all instructions that I could find
Click to expand...
Click to collapse
Boot to the recovery image then select "nandroid backup"

jonnythan said:
Boot to the recovery image then select "nandroid backup"
Click to expand...
Click to collapse
Can you provide those steps? Sorry but complete newbie here

"I get the screen with all the options and I go to nandroid v2.2 restore and press trackball. It says restore latest backup press home to confirm. I do that and get the following error"
Go there but select Backup instead of Restore.
Turn the phone off, hold the Home key, and turn it on. When you get to the screen with the green text select nandroid backup.

[ROOT] Easy Root, works with any Stock ROM (Including 2.31.651.7!)

Disclaimer: This is not one-click. However, it IS relatively short and straightforward, and does not require you to downgrade.
Credits: The 743C exploit, and ChainsDD for Superuser.
You need:
Android SDK installed and working.
The zip attached to this post.
If you're still on Cupcake (Android 1.5) you'll need su and Superuser from http://bit.ly/su2361cd
So, let's get down to business.
Unzip the attached file into your /android-sdk/tools/ directory, it'll make your life (and ours) easier.
Open up your command line, change to the SDK tools directory, and enter these commands:
Code:
adb push rageagainstthecage-arm5.bin /data/local/tmp
adb shell chmod 755 /data/local/tmp/rageagainstthecage-arm5.bin
Now execute the exploit:
Code:
adb shell
/data/local/tmp/rageagainstthecage-arm5.bin
Wait for the exploit to finish.
Code:
exit
If it doesn't exit cleanly, chances are it worked, just close your terminal or command prompt and open a new one.
Test that it worked:
Code:
adb kill-server
adb start-server
adb shell
If you see a $, it DID NOT work, execute the exploit again. (Step 3)
If you see a #, it WORKED, continue:
Code:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
exit
adb push su /system/xbin
adb shell chmod 4755 /system/xbin/su
adb install Superuser.apk
You may need to ctrl-c once it says Success!
Next time you 'su' in adb shell, make sure to click Allow in Superuser!
You may instead install Superuser from the Market if you wish.
Clean up the exploit:
Code:
adb shell rm /data/local/tmp/rageagainstthecage-arm5.bin
If you ever do a "Factory Reset", Superuser will go away, but you DO NOT lose root. Just reinstall Superuser.
What next? The choice is yours! Remove stock apps, get some good 'ol WiFi tethering, or flash something different!
*NOTE*
The above steps DO NOT put a recovery on your phone, though it is VERY EASY.
Once you're rooted, install ROM Manager by Koushik Dutta from the Market. Open it up, click "Flash ClockworkMod Recovery".
Select your model (Hero CDMA), and hit Allow when the Superuser Prompt shows up.
*NOTE*
The above steps DO NOT install Busybox on your phone.
Simply install Busybox from Stephen (Stericson), available on the market.
Start the app and click Allow when prompted by Superuser.
How To Uninstall
Code:
adb shell
su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
rm /system/xbin/su
rm /etc/passwd
rm /etc/group
Uninstall Superuser.apk then reboot, and you're set!

tehdarkknight said:
Disclaimer: This is not one-click. However, it IS relatively short and straightforward.
Credits: The 743C exploit, and ChainsDD for Superuser.
You need:
Android SDK installed and working.
The zip attached to this post.
So, let's get down to business.
Unzip the attached file into your /android-sdk/tools/ directory, it'll make your life (and ours) easier.
Open up your command line, change to the SDK tools directory, and enter these commands:
Code:
adb push rageagainstthecage-arm5.bin /data/local/tmp
adb shell chmod 755 /data/local/tmp/rageagainstthecage-arm5.bin
Now execute the exploit:
Code:
adb shell
/data/local/tmp/rageagainstthecage-arm5.bin
Wait for the exploit to finish.
Code:
exit
If it doesn't exit cleanly, chances are it worked, just close your terminal or command prompt and open a new one.
Test that it worked:
Code:
adb kill-server
adb start-server
adb shell
If you see a $, it DID NOT work, execute the exploit again. (Step 3)
If you see a #, it WORKED, continue:
Code:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
exit
adb push su /system/xbin
adb shell chmod 4755 /system/xbin/su
adb install Superuser.apk
You may need to ctrl-c once it says Success!
Next time you 'su' in adb shell, make sure to click Allow in Superuser!
That's it!
I won't give directions on installing a recovery or flashing another rom, there are plenty of threads detailing how to do so.
Click to expand...
Click to collapse
Pretty straightforward. This will probably help a lot of newer hero owners, because amazingly, people are still buying them every day!
If I get a chance to test it out, I will.

Nice job. Should be stickied so people don't run around searching through all the old rooting threads which aren't as compatible with the newer RUU versions.

Worked nicely on a refurb Hero that Sprint sent due to the dust problem.
Thanks!

Works great for me

Why am I having trouble doing this? I was able to do it on one Hero though not after many retries, but not on another.

tehdarkknight said:
Disclaimer: This is not one-click. However, it IS relatively short and straightforward, and does not require you to downgrade.
Credits: The 743C exploit, and ChainsDD for Superuser.
Click to expand...
Click to collapse
Great! I can't live without WiFi tethering my iPad which is why I haven't done the 2.31.651.7 HTC OTA update at all.
So, I take it that this exploit will root the Official RUU_Hero_C_Sprint_2.31.651.7_signed_release.exe file then too? I ask because I really don't like to do 'update patches'. I prefer to flash and start fresh so I'm planning on flashing the RUU and then doing this root exploit. Yes, No???

DaWeav said:
Great! I can't live without WiFi tethering my iPad which is why I haven't done the 2.31.651.7 HTC OTA update at all.
So, I take it that this exploit will root the Official RUU_Hero_C_Sprint_2.31.651.7_signed_release.exe file then too? I ask because I really don't like to do 'update patches'. I prefer to flash and start fresh so I'm planning on flashing the RUU and then doing this root exploit. Yes, No???
Click to expand...
Click to collapse
I tested it with the very same RUU, it works.

tehdarkknight said:
I tested it with the very same RUU, it works.
Click to expand...
Click to collapse
SUPER!
Because when I saw this post, I tried to download the latest OTA patch, but my phone just responds 'Your phone is up to date. There are no updates available for your phone'. Strange, because I'm on 2.27.651.6 and the OTAcerts.ZIP is in tact.
Oh well, FEAR NOT, because after I get back from the store this morning, then get the TV tuned to the split screen with football on one and the baseball playoffs on the other, and get Leo Laporte's TechGuy radio show screaming...it'll be the perfect time to flash my phone to factory fresh.
Thanks.

Works perfectly on latest and "greatest" stock ROM... excellent

DaWeav said:
SUPER!
Because when I saw this post, I tried to download the latest OTA patch, but my phone just responds 'Your phone is up to date. There are no updates available for your phone'. Strange, because I'm on 2.27.651.6 and the OTAcerts.ZIP is in tact.
Click to expand...
Click to collapse
Same thing happened to me, that's why I tested this method with the RUU

What are the advantages to ruu'ing to. 7 and rooting again? I rooted my .5 hero and have had no problems....is there something significant that makes the extra work worth it?
Sent from my HERO200 using XDA App

tehdarkknight said:
Same thing happened to me, that's why I tested this method with the RUU
Click to expand...
Click to collapse
Well, I just did the RUU, then did this root, then loaded WiFi Tether, and I'm back in business with my iPad tethering.
Vandelay007 said:
What are the advantages to ruu'ing to. 7 and rooting again? I rooted my .5 hero and have had no problems....is there something significant that makes the extra work worth it?
Click to expand...
Click to collapse
One reason is that when I tried to download the latest OTA update today, I could not. And another reason is before I RUU'd, I had less than 50MB of available memory, but now I have 96MB available with all of my programs loaded again. So for me, it just seems more and more that Android (or HTC Sense) is like Windows boxes since it seems I have to reload the Android OS every now and then to clean things out.

Vandelay007 said:
What are the advantages to ruu'ing to. 7 and rooting again? I rooted my .5 hero and have had no problems....is there something significant that makes the extra work worth it?
Sent from my HERO200 using XDA App
Click to expand...
Click to collapse
Well, if you're using Sprint's official stock .5 rom, with no tweaks applied, you gain the advantage of having an up-to-date rom with the latest bugfixes from Sprint, plus I would say my root method is less invasive and more transparent than other root methods. My personal opinion is that it feels like a root method that can't be abused easily.

SuperOneClick

But I don't need storage space with firerats custom mtd partition....I have over 200mb free with over 50 apps and zero of them on m SD card
Sent from my HERO200 using XDA App

this isnt working.... I can't get passed step 3... my phones just restarts, and then i can't get any further than that.

devonkosa said:
this isnt working.... I can't get passed step 3... my phones just restarts, and then i can't get any further than that.
Click to expand...
Click to collapse
Give us some info. What's your ROM version?

aosp said:
SuperOneClick
Click to expand...
Click to collapse
Is SuperOneClick the same method of rooting?

chiill said:
Is SuperOneClick the same method of rooting?
Click to expand...
Click to collapse
Yes it is....
Ok guyz, I'm going to help yall out !!!!
Look at this and this works I just did it.... any questions pm me then I will post up on here....
http://forum.xda-developers.com/showthread.php?t=803682
This is for rooting your hero and other android devices, even at .7 on the Hero.... I just did this and I laughed at out quick and easy this was... Just make sure you are charge only, and you unzip the downloaded file,.. then open up the SuperOneClickv1.3-ShortFuse.zip on your computer somewhere and open up the SuperOneClick program, and bam you are done....
http://forum.xda-developers.com/atta...5&d=1286657043

[Q] Help with S-Off and Rooting my HTC Merge

I understand there are other threads about this however I do feel my situation is either unique or I've missed something in the other threads.
I've got an HTC Merge through US Cellular. I upgraded to Gingerbread 2.3.4 as soon as it was released through USC's website. Now I'd like to root and all that other stuff.
1.: I didn't S-off before the update. Does anyone know how to properly S-off 2.3.4 Gingerbread on a USC HTC Merge?
2.: I've never rooted a phone before, but I'm pretty sure I've read about it plenty and I'm ready to give it a shot. What's the best way to do this on my current phone?
3.: What are some good modded ROMs available for this device, if any exist at all? I've been interesting in Cyanogen Mod but as far as I've seen it's not supported on the Merge yet.
If anyone can assist me I'd appreciate it greatly. Thanks in advance. =)

if you have adb set up and working,and have some knowledge of it,you can use drellisdees directions in this post,along with the new zergRush temp root tool from alpharev/unrevoked. donate to them both if it works for you.
download the zergRush tool from this post:http://forum.xda-developers.com/showthread.php?t=1296916 and place the file thats inside the .zip into the same folder as your other exploits(tools or platform-tools in ost cases)
below is his post,modified slightly,with the zergRush directions(bold) in place of the originaly froyo directions.
i also removed the parts about downloading your carriers RUU,and backing up your system for vzw since you said you were USC.
assuming you want to remain on rooted GB,just use the same RUU that you used to upgrade at the end where it says to run your carriers RUU.
drellisdee said:
Well, ask and you shall receive!!!
I got s-off on vzw merge. However, altell or USC ones it will require supercid or a goldcard to flash ruu from another carrier.
Tested and working CWM recovery I made for merge and latest radio hboot zips after s-off.
You must verify all Md5sums after downloading to computer (don't even think about downloading on phone) before flashing or risk a brick!!!!! Windows users can get one here & linux users can just type md5sum (name of file) into terminal.
Md5's
8cd1ca796e755b6b72f35e5686dc973a PD42IMG_cw_recovery_gnm.zip
97e35ecc802081b67e27d6cc8323cf81 PD42IMG_radio_1.08.00.320.zip
cc2e7c077fddd017d7b0db614661c535 PD42IMG_1.49.605.1_no_system.zip
4fe37c64b21d1d4542a801779fad5c57 misc-downgrade.img
6d37a0f3526295ebb779f4465a328c96 rom.zip (leaked 1.23.605.1)
http://www.mediafire.com/file/6b2jatt0445h41g/PD42IMG_cw_recovery_gnm.zip
http://www.mediafire.com/file/gbayon7dkmaq98i/PD42IMG_radio_1.08.00.320.zip
I am exploring a goldcard method that will allow flashing of the vzw ruu 1.23.605.1 that can be s-off'ed to allow other carriers merge's to be able to downgrade to s-off.
How to on s-off will be coming soon .... stay posted
Ok how to guide for s-off.
Files needed:
MISCIMG Downgrade http://www.mediafire.com/file/f7c3boee7ixa3i9/misc-downgrade.img
VZW leak 1.23.605.1 ruu.zip http://forum.xda-developers.com/showpost.php?p=8237592&postcount=2
Exploits http://www.mediafire.com/file/e9w92clv6l71el3/exp.zip
HEADS UP: This guide will reflash your phone and cause loss of all non-backed up data
Goldcard is required for ALL NON-VZW phones
Read how to make one here : http://www.mikesouthby.co.uk/2010/0...yo-official-ota-for-network-branded-handsets/
I used the app goldcard helper from market and if you use it skip right to the step of "Go to this page and enter this new number into the SD Card Serial (CID) field" and enter the output of the sdcard cid for mmc2 into the goldcard generator site.
After goldcard is made via directions in link above or if on vzw branded device you can skip the goldcard part. Next rename the vzw leak ruu.zip to PD42IMG.zip and place it on root of sdcard.
Next from dir you downloaded stuff to unzip the exp.zip and copy the exp folder to your android sdk platform-tools dir (if using windows) linux users should have adb in path so this shouldn't be needed just open terminal from download dir. Make sure the phone is in usb mode charge-only from this point on with usb-debugging turned on (settings/applications/development).
Code:
[B]adb push zergRush /data/local/
adb shell[/B] [I]this will change your promt to a $[/I]
[B]chmod 755 /data/local/zergRush
/data/local/zergRush[/B]
Next we backup our existing misc partition.
Code:
adb shell
dd if=/dev/block/mmcblk0p17 of=/sdcard/misc-stock.img bs=4096
/data/local/busybox md5sum /sdcard/misc-stock.img
/data/local/busybox md5sum /dev/block/mmcblk0p17
Make sure the md5sum of the misc-stock.img matches the one from /dev/block/mmcblk0p17
Next we use temp root to flash a misc.img that I hex edited to allow downgrading FW. misc-downgrade.img needs to be in platform-tools dir for windows users.
Code:
adb push misc-downgrade.img /sdcard/
adb shell
dd if=/sdcard/misc-downgrade.img of=/dev/block/mmcblk0p17
sync
Next power off your phone and boot it holding vol_dn + power.
Let the PD42IMG.zip complete ( will do hboot + radio then self reboot and restart to finish the rest)
Once rebooted into the 1.23.605.1 firmware
Code:
adb push exp /data/local
adb shell
chmod 0755 /data/local/psneuter
chmod 0755 /data/local/wpthis
chmod 0755 /data/local/gfree
/data/local/psneuter (to get temp root again)
adb shell
/data/local/wpthis (to disable emmc write protect)
/data/local/gfree -f (this will supercid, simunlock, and s-off phone)
rm /sdcard/PD42IMG.zip (remove/delete the leaked FW so hboot wont load it again)
Reboot into bootloader and verify you have s-off
If so reboot into android and use your carrier's RUU to replace your FW. You will not lose s-off. If on vzw unzip the PD42IMG_1.49.605.1_no_system.zip and add your system.img from your memory card we dumped earlier to the zip. Rezip and rename to PD42IMG.zip and place on root of sdcard and reboot into hboot to flash it just like we did earlier. This will restore the shipped 1.49.605.1 hboot, radio, boot.img, stock recovery.img, and system.img.
After you have upgraded backup you can use the clockwork recovery.img I made and rename it to PD42IMG.zip (make sure to delete the old PD42IMG.zip on your sdcard) and place it on root of sdcard and flash via hboot just like the other PD42IMG.zip's. Then you will have s-off and a custom recovery. Remember to remove/rename/move the PD42IMG.zips when done as they will flash if you enter hboot. Recovery can be entered via bootloader by picking recovery or via "adb reboot recovery".
Flashing this zip via clockwork recovery will install root (su & superuser.apk), busybox & symlink applets, flash & dump image. signed_merge_su_eng_toolkit.zip
After you have root on your release firmware:
The following commands will restore your stock misc.img
from a root # shell: (will need to type su after adb shell and accept superuser pop-up)
Code:
adb shell
dd if=/sdcard/misc-stock.img of=/dev/block/mmcblk0p17
sync
Special thanks to Scotty2 & Tmzt who wrote and developed the wpthis & gfree exploits for the G2 without these s-off for lexikon wouldn't have been possible for me.
My donation link is below if anyone wants to toss me a donation. Took me about a week to port RA recovery to merge only to fail as it had issues then to setup the board files for lexikon for cm7 to do a clockwork recovery and not to mention dumping partitons and working on the s-off stuff and goldcard.
Click to expand...
Click to collapse

I got as far as the /data/local/zergRush and got this error:
[-] Cannot copy boomsh. : Permission denied.
adb push zergRush /data/local/
adb shell this will change your promt to a $
chmod 755 /data/local/zergRush
/data/local/zergRush
Any ideas?
Thanks

kclive said:
I got as far as the /data/local/zergRush and got this error:
[-] Cannot copy boomsh. : Permission denied.
adb push zergRush /data/local/
adb shell this will change your promt to a $
chmod 755 /data/local/zergRush
/data/local/zergRush
Any ideas?
Thanks
Click to expand...
Click to collapse
that error comes from running zergrush twice. http://androidforums.com/merge-all-...simunlock-supercid-htc-merge.html#post3522248

pls how can i run this commands with miniadb, i dont hav access to the whole android sdk tool...and besides, the zergrush binary link above aint workin..any other alternative dload link pls??

akins47 said:
pls how can i run this commands with miniadb, i dont hav access to the whole android sdk tool...and besides, the zergrush binary link above aint workin..any other alternative dload link pls??
Click to expand...
Click to collapse
zergrush is broken with newer builds. fre3vo worked for some. i would recomend you htcdev unlock in order to gain root access for downgrade.
follow directions here to htcdev unlock:
http://androidforums.com/merge-all-things-root/635459-unlock-htcdev.html
then follow directions here:
http://androidforums.com/merge-all-things-root/434029-root-s-off-simunlock-supercid-htc-merge.html
using the "htcdev" step 5 in post#2

Rooting MyTouch 4G Slide HBOOT 1.44.0006

So I know this is a stupid question, but I just go my MT4GS and lets just say it's not the run in the mill got it from the store. An HTC rep swapped my G2 for this phone since my G2 was dying on me. With that said, the MT4GS is running HBOOT 1.44.0006 which I realize isn't the standard .0007 HBOOT.
The thing is, the phone is already S-OFF'd however I can't flash clockwork onto it, even through the Fastboot method. So any help?

Appogee said:
So I know this is a stupid question, but I just go my MT4GS and lets just say it's not the run in the mill got it from the store. An HTC rep swapped my G2 for this phone since my G2 was dying on me. With that said, the MT4GS is running HBOOT 1.44.0006 which I realize isn't the standard .0007 HBOOT.
The thing is, the phone is already S-OFF'd however I can't flash clockwork onto it, even through the Fastboot method. So any help?
Click to expand...
Click to collapse
http://revolutionary.io
Sent from my Senseless Doubleshot using xda premium

Revolutionary only allows for 1.44.0007 HBOOT, which isn't 1.44.0006. Any other ways?

Not that i know of.
Sent from my MyTouch_4G_Slide using xda premium

Hi. I had the same problem...
Usb debugging must be checked and adb working.
To flash the recovery
1) use fre3vo for temp root
adb push fre3vo /local/data/
adb shell fre3vo
(wait)
2) copy the recovery to the device
adb push recovery.img /local/data
3) obtain privileges and copy the recovery to the right partition
adb shell
su
dd if=/data/local/recovery.img of=/dev/block/mmcblk0p21
It worked for me.

imateriali said:
Hi. I had the same problem...
Usb debugging must be checked and adb working.
To flash the recovery
1) use fre3vo for temp root
adb push fre3vo /local/data/
adb shell fre3vo
(wait)
2) copy the recovery to the device
adb push recovery.img /local/data
3) obtain privileges and copy the recovery to the right partition
adb shell
su
dd if=/data/local/recovery.img of=/dev/block/mmcblk0p21
It worked for me.
Click to expand...
Click to collapse
I learned something new today
Sent from my MyTouch_4G_Slide using xda premium

imateriali said:
Hi. I had the same problem...
Usb debugging must be checked and adb working.
To flash the recovery
1) use fre3vo for temp root
adb push fre3vo /local/data/
adb shell fre3vo
(wait)
2) copy the recovery to the device
adb push recovery.img /local/data
3) obtain privileges and copy the recovery to the right partition
adb shell
su
dd if=/data/local/recovery.img of=/dev/block/mmcblk0p21
It worked for me.
Click to expand...
Click to collapse
Well I get through the steps, it hasn't exactly been rooted yet. What do you mean obtain privs and copy the recovery to right partition?

Appogee said:
Well I get through the steps, it hasn't exactly been rooted yet. What do you mean obtain privs and copy the recovery to right partition?
Click to expand...
Click to collapse
OK.
First of all I downloaded the correct recovery image from the clockworkmod site. Then renamed it "recovery.img" and moved to the same folder of ADB.
In the step 3 when you type "su" from the adb shell you elevate privileges to root;
when you "dd if=/data/local/recovery.img of=/dev/block/mmcblk0p21" you copy the recovery image from /data/local to "mmcblk0p21" that is the recovery boot partition.
After that, to obtain permanent root, you shold copy the "su" file from http://downloads.androidsu.com/superuser/su-2.3.6.3-efgh-signed.zip to the doubleshot sd card and install from recovery (this is better explained in the s-off /root thread you can find in the developer section http://forum.xda-developers.com/showthread.php?t=1286324).
This is not a fail proof procedure but it worked for me use at your own risk.
By the way, sorry about my english.

imateriali said:
OK.
First of all I downloaded the correct recovery image from the clockworkmod site. Then renamed it "recovery.img" and moved to the same folder of ADB.
In the step 3 when you type "su" from the adb shell you elevate privileges to root;
when you "dd if=/data/local/recovery.img of=/dev/block/mmcblk0p21" you copy the recovery image from /data/local to "mmcblk0p21" that is the recovery boot partition.
After that, to obtain permanent root, you shold copy the "su" file from http://downloads.androidsu.com/superuser/su-2.3.6.3-efgh-signed.zip to the doubleshot sd card and install from recovery (this is better explained in the s-off /root thread you can find in the developer section http://forum.xda-developers.com/showthread.php?t=1286324).
This is not a fail proof procedure but it worked for me use at your own risk.
By the way, sorry about my english.
Click to expand...
Click to collapse
NEVERMIND! I Just finished rooting, THANK YOU SO MUCH!

downgrade HBOOT 2.00.0002 to 0.98.00000 without using HTCDEV unlock

SEEMS TO WORK ONLY WITH VERSIONS THAT GOT THEIR UPDATE BEFORE NOVEMBER (EUROPE SHOULD WORK, ASIA/INDIA I DO NOT KNOW!!!)
IF THERE IS A NEW TEMPROOT EXPLOIT AVAILABLE IT SHOULD WORK FOR NEWER VERSIONS ALSO
okay now more in detail
first you have to know that you will loose all data on your system, please backup bevor doing anything!!
what you will need:
- misc_version http://www.thinkthinkdo.com/trac/project1/wiki/misc_version
this will change your version information on your desire s later
- zergRush https://github.com/revolutionary/zergRush/downloads
this will give you temporary root privilieges (so that you can change the version number)
- phone
- chargecable
- adb-shell (see this guide http://forum.xda-developers.com/showthread.php?t=1272595)
- windows os on your pc
- RUU http://forum.xda-developers.com/showthread.php?t=1002506
--> please notice: if you have a branded device, use a branded RUU to downgrade!!
1. Connect your phone to your PC in debug mode (Set option in settings (application --> developer)
2. unzip the downloaded files in a folder (e.g. c:/Users/yourName/Downloads)
3. run the Terminal (Windowsbutton + R --> cmd) and change into the folder where the files are (change folder with 'cd')
4. now type to the terminal (every line is one command!)
adb push zergRush /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/zergRush
adb shell chmod 777 /data/local/tmp/misc_version
now type
adb shell
cd /data/local/tmp/
./zergRush
--> now adb shell closes and restarts, instead of having a $ you have a # which means root
5. now type
adb shell /data/local/tmp/misc_version -s 1.27.405.6
--> this will change your version information
6. now you can doubleclick on the privous downloaded RUU and follow the steps. it may tell you from going down from version 2.xx to 1.xx but it is possible.
7. phone reboots and when it is up again you should have android 2.3.3 hboot 0.98.0000 S-ON
8. now just download revolutionary from http://revolutionary.io and create a beta key and start programm
Click to expand...
Click to collapse
if it was helpful, please use the thanks button!!

(i'm newbie) i don't understand step 3..

This Howto describes how to get down from hboot 2.00.0002 to 0.98.0000
without using htcdev unlock
Requirements:
- misc_version
- zergRush from xda)
- Desire S
- adb-shell (HTC Sync contains it i think)
- RUU from earlier Version 1.28.401.1 RUU_Saga_HTC_Europe_1.28.401.1_Radio_20.28b.30.080 5U_38.03.02.11_M_release_177977_signed.exe - download now for free. File sharing. Software file sharing. Free file hosting. File upload. FileFactory.com
1. connect phone with chargecable, debug mode on, only charge
2. start terminal (Windows+R --> cmd)
cd .. (so on)
go in to the folder where zergRush and misc_version are
3.
type following
adb push zergRush /data/local/tmp
adb push misc_version /data/local/tmp
adb shell chmod 777 /data/local/tmp/zergRush
adb shell chmod 777 /data/local/tmp/misc_version
adb shell /data/local/tmp/zergRush
4. when u got from $ to # (which means root) type the following
adb shell /data/local/tmp/misc_version -s 1.27.405.6
5. your desire s thinks its a version earlier
6. dobleclick the RUU und follow the steps
--ATTENTION YOU LOOSE YOUR DATA -- PLEASE BACKUP!!!
7.phone reboots with hboot 0.98.0000 S-On
8. follow the other steps from revolutionary to get s-off
PS: i tried the other way around and i am successful s-on again! (so no loss of warranty)

Is there anyone else who tried this method?

3 people in german android-hilfe.de forum.
but some seem to have problems when their desire is branded (dont know if the use branded ruu or not)

Hi,
Im reall sorry if im being stupid but what is misc_version?

It is a script that lets u change the Version on your phone. I will look for one
Edit: http://www.thinkthinkdo.com/trac/project1/wiki/misc_version
here it is...
Sent from my HTC Desire S using XDA App

Cool thanks,
How do i get adb?
EDIT: GOT IT

With got it you mean adb or the downgrade?
Sent from my HTC Desire S using XDA App

Adb.......
Gonna try this give me an hour and i will report back...
Is this safe?

for me it worked on first try. But be sure that you backuped everything! The downgrade will erase everything! ! !
Sent from my HTC Desire S using XDA App

What's the difference between using the misc_version here to "change" your version compared to getting your phones misc version .img from "dd if=/dev/block/mmcblk0p17 of=/mnt/sdcard/mmcblk0p17.img" and then altering it and re uploading it?
To my understanding the one uploaded just patches your misc version where the other one you do it manually.
Or am I so lost I should go home?

should work either. but with the script it is easier, isnt it?

Because its easier for newbies to understand and your way uses more adb
Not that many people understand adb

Thanks, was just wondering.

Hello, nice would be a link from the Ruu.

See the development forum sticky
Sent from my HTC Desire S using XDA App

Troja said:
Hello, nice would be a link from the Ruu.
Click to expand...
Click to collapse
It is not wise to link a specific RUU, since there are already new versions for all regions (Europe, Asia, etc.) and soon the branded will join also.
However a link to the sticky Stock ROMs thread should be handy

I can not find them
Do I need to flash the downgrade.zip?

Troja said:
I can not find them
Do I need to flash the downgrade.zip?
Click to expand...
Click to collapse
This is the same one that mtothearkus posted in is second guide:
http://ff06d05.filefactory.com/dl/f...0805U_38.03.02.11_M_release_177977_signed.exe
I will add to my dropbox for faster download
EDIT:
Dropbox dload isnt working