[Root] Please test new rooting idea - Nexus 7 Android Development

Hi all,
well i made a small script to root Xperia devices, as it turns out more devices are affected to this.
Paul O'Brien over at Modaco tested it on his Nexus 7 [UK] and it worked, well some users in my thread over @ Xperia S section report it not working and some report it working.
I am opening this thread to get the idea why it is working for some users and why not for others.
So, as i don't have this device i cannot test it myself, so if you are a interested user or maybe a dev feel free to test it. Maybe you even get the idea why it is working on some and not on others. (BTW, are there any diffs between UK and other devices? How many firmwares are out for the device? Can i download somewhere firmware dumps?)
Paul's test: http://www.modaco.com/page/news/_/android/a-new-and-effective-root-method-for-ics-jb-r715
Best Regards

I will try it now with my UK device.
The device is STOCK, Bootloader locked and updated to the latest JB Build via OTA.
Will report back after my try.
EDIT:
It doesn't work for me:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= (13.09.2012) =
======================================================================
Device type:
1) Xperia T
2) LT26,LT22 etc.
3) Other
Make a choice: 3
Normal Mode enabled!
Please connect device with ADB-Debugging enabled now....
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
1252 KB/s (1085140 bytes in 0.846s)
1039 KB/s (22364 bytes in 0.021s)
1305 KB/s (843503 bytes in 0.631s)
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
Successful, going to reboot your device!
Waiting for device to show up again....
mount: permission denied (are you root?)
/system/xbin/su: cannot open for write: Read-only file system
Unable to chmod /system/xbin/su: No such file or directory
/system/app/Superuser.apk: cannot open for write: Read-only file system
Unable to chmod /system/app/Superuser.apk: No such file or directory
rm failed for /data/local.prop, No such file or directory
You can close all open command-prompts now!
After reboot all is done! Have fun with Root!
Bin4ry
Drücken Sie eine beliebige Taste . . .
Click to expand...
Click to collapse
With Version 2 I get the following output:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= version 2 (14.09.2012) =
======================================================================
Device type:
1) Xperia T
2) LT26,LT22 etc.
3) Other
Make a choice: 3
Normal Mode enabled!
Please connect device with ADB-Debugging enabled now....
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
1290 KB/s (1085140 bytes in 0.821s)
992 KB/s (22364 bytes in 0.022s)
1285 KB/s (843503 bytes in 0.641s)
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
rm failed for /data/data/com.android.settings/a, Permission denied
Please look at your device and click RESTORE (once again)!
If all is successful i will tell you, if not this shell will run forever.
Successful, going to reboot your device!
Waiting for device to show up again....
mount: permission denied (are you root?)
remount failed: Operation not permitted
/system/xbin/su: cannot open for write: Read-only file system
Unable to chmod /system/xbin/su: No such file or directory
/system/app/Superuser.apk: cannot open for write: Read-only file system
Unable to chmod /system/app/Superuser.apk: No such file or directory
rm failed for /data/local.prop, No such file or directory
You can close all open command-prompts now!
After reboot all is done! Have fun with Root!
Bin4ry
Drücken Sie eine beliebige Taste . . .
Click to expand...
Click to collapse
Ad Version 2: It doesn't ask me to restore 2 times. Only the first time it asks me and then the Nexus 7 reboots.

Ok thanks for this test.
Can you tell me if there is a /data/local.prop already present in you firmware version? If yes we need to alter the script a little, hopefully it can work then.
I am not sure which firmware version Paul tested, but i have a few feedbacks telling it works, so i suggest it is a firmware version "problem".
Regards

Bin4ry said:
Ok thanks for this test.
Can you tell me if there is a /data/local.prop already present in you firmware version? If yes we need to alter the script a little, hopefully it can work then.
I am not sure which firmware version Paul tested, but i have a few feedbacks telling it works, so i suggest it is a firmware version "problem".
Regards
Click to expand...
Click to collapse
Thanks for your answer.
Since I don't have root I can't answer you this question because /data is inaccessible.
The rooting success of Paul is the same as with the HTC One X. He could achieve root trough such a script with his One X, all the others couldn't.
Sent from my Nexus 7 using xda premium

Strange thing.
Can you try something for me ?
Do this manually:
adb restore stuff/fakebackup.ab
Do not click restore YET!
next command:
adb shell "while ! ln -s /data /data/data/com.android.settings/a/file99; do :; done" > NUL
this command will automatically stop when it "worked". Once this command runs please click restore on device!
Now please give me a:
adb shell "ls -ld /data"
I want to know if it changes the permissions of data folder, if all is fine it should be permissions of 777. Maybe then you can check for local.prop and if present rename or remove it
Regards

Bin4ry said:
Strange thing.
Can you try something for me ?
Do this manually:
adb restore stuff/fakebackup.ab
Do not click restore YET!
next command:
adb shell "while ! ln -s /data /data/data/com.android.settings/a/file99; do :; done" > NUL
this command will automatically stop when it "worked". Once this command runs please click restore on device!
Now please give me a:
adb shell "ls -ld /data"
I want to know if it changes the permissions of data folder, if all is fine it should be permissions of 777. Maybe then you can check for local.prop and if present rename or remove it
Regards
Click to expand...
Click to collapse
My output:
C:\Users\user\Desktop\stuff>adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
xxxxxxxxxxx (censored) device
C:\Users\user\Desktop\stuff>adb restore fakebackup.ab
C:\Users\user\Desktop\stuff>adb shell "while ! ln -s /data /data/data/com.and
roid.settings/a/file99; do :; done" > NUL
C:\Users\user\Desktop\stuff>adb shell "ls -ld /data"
drwxrwx--x system system 2012-09-15 20:55 data
C:\Users\user\Desktop\stuff>
Click to expand...
Click to collapse
It seems it didn't get chmod 777

Ok thanks for the test. Too bad, it does not change the permissions, maybe there is something preventing it. For now i have no idea, but any dev can freely adapt the intial idea of the script. If someone owns this device i think it the basic idea maybe useful. As for now it seems all devices are initially vulnerable to the "problem", only a way to use it have to be found.
Regards

FYI here also, doesn't work on my fully stock 3568A-ME370T JRO03D Nexus 7

Bin4ry said:
adb shell "while ! ln -s /data /data/data/com.android.settings/a/file99; do :; done" > NUL
Click to expand...
Click to collapse
I think this, and things similar to this, are your problem as you already need root to access those folders.
Without root any running app/process is only allowed to access it's own subfolder in /data/data, nothing else.

This kind of works for me, clockwork mod says I'm rooted but titanium backup says I'm not.
I can't install clockwork mod recovery from the app. Something about assigning permissions.
My boot loader is unlocked. Dunno if that helps.
Sent from my Nexus 7 using xda app-developers app

Have you got Superuser or SuperSU installed?
Sent from my Nexus 7 using my toiletpaper

Yes SuperUser only because the script bin4ry posted contains the superuser.apk and installs it.

HellcatDroid said:
I think this, and things similar to this, are your problem as you already need root to access those folders.
Without root any running app/process is only allowed to access it's own subfolder in /data/data, nothing else.
Click to expand...
Click to collapse
This is not true, it is exactly the trick my scipt uses, in the moment you press restore in the Android Restore Service you will gain access to the partition
@Spazz Monk3y: I added v9 maybe it works now properly, in some old versions i had a nasty bug for giving permissions to su binary. Introduced because i wanted to make a singleline command and forgot atleast 1 command inside my line :crying:
Regards

Code:
mount: permission denied (are you root?)
With v9 and German Nexus 7

Nex 7 is really crazy, you some working some dont. i have no idea -.-

Welcome bin4ry! I remember you from my x10 days! Glad to see you doing well.
Sent from my Nexus 7 using XDA Premium HD app

Related

[Huawei IDEOS U8150] How to gain root access

I hold no responsibility to how you use or not use this info and if you brick phone - you do this at your own risk
There is a couple away you can go about gaining root access with this phone I have tested all 3 ways but only had success with 2 of them.
a) You can download 'z4root' from the Android Market (If is still available) or search XDA forums for it.
b) Search the XDA forums for 'SuperOneClick' which requires mono to work on Linux. I have read people that have had success with 'SuperOneClick' but that was not the case for me.
c) My preferred method:
Prerequisite:
knowledge of Linux and Terminal
knowledge of ADB (guide available in forums)
I did all this using Debian (testing) 64bit, Android SDK.
Creating correct permissions to access the phone via USB:
i) create
Code:
/etc/udev/rules.d/51-android.rules
ii) in the file put
Code:
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666"
iii) then
Code:
chmod a+r /etc/udev/rules.d/51-android.rules
iv) restart udev or reboot
Downloading and/or Installing required software:
1) Downloading and installing the android-sdk from: developer.android.com/sdk/index.html
2) Downloading and extracting 'SuperOneClick' (you will only need these 5 files: rageagainstthecage, sqlite3, su, busybox and superuser.apk)
3) Copy rageagainstthecage, sqlite3, su, busybox and superuser.apk into the platform-tools directory of android-sdk. Put phone in debug mode.
4) From a terminal (command line) change to the android/platform-tools directory and carefully do these steps.
Check to see if adb can see your phone properly:
Code:
./adb devices
You should see the serial number of you device, if you see bunch of '?' you have done something wrong.
Now for the fun part rooting the phone: <= no phun intended hehe
Code:
./adb push rageagainstthecage /data/local/tmp/rageagainstthecage
Code:
./adb shell
Code:
cd /data/local/tmp
Code:
chmod 0755 rageagainstthecage
Code:
./rageagainstthecage
5) Now wait until you get kicked out from adb before you do the following:
Code:
./adb shell
If everything worked now you should see a "#" instead of the "$" you saw previously in the adb shell which means you shouldn't get "permission denied" in the following steps:
Code:
mount -o rw,remount /dev/block/mdtblock4 /system
Code:
exit
Code:
./adb push su /system/bin/su
Code:
./adb push busybox /system/bin/busybox
Code:
./adb push sqlite3 /system/bin/sqlite3
Code:
./adb push Superuser.apk /system/app/Superuser.apk
Code:
./adb shell
Code:
cd /system/bin
Code:
chmod 4755 su
Code:
chmod 4755 busybox
Code:
chmod 4755 sqlite3
Code:
./adb reboot
Now you should be able to use apps like 'Cache Cleaner NG', 'Root Explorer', 'SetCPU' etc that require root access to work correctly.
Enjoy
Guide reflash FW for those who did some damage:
* Download from here that you want to install the FW
* Copy the folder in the microSD DLOAD (with the file inside UPADATE.APP)
* From phone off, Volume + Hold down RED BUTTON UP and power button.
* start the firmware upgrade, take a few minutes and then restart the phone . is a bit slow, do not be afraid, let him work and then back on (like the first time)
Help to get into recovery mode:
* down the 'volume up 'and 'green button'and then switch the device
Guide to bootloader mode:
* switch off, press and hold power button + volume down + red key
Overclock
Can this fone be oveclocked
SethIsHere said:
Can this fone be oveclocked
Click to expand...
Click to collapse
yes it can be OCed, I recommend using setCPU from the market
SethIsHere said:
Can this fone be oveclocked
Click to expand...
Click to collapse
Yes it can, to a Maximum of 600mhz (0.6 ghz) on the stock kernel
setCPU is no longer available on the market for free afaik.
Also can someone better translate the instructions to get into recovery mode? i can barely make sense of the above instructions ^^^
.produkt-R said:
Also can someone better translate the instructions to get into recovery mode? i can barely make sense of the above instructions ^^^
Click to expand...
Click to collapse
does this help:
http://forum.xda-developers.com/showpost.php?p=10371747&postcount=5
quail said:
does this help:
http://forum.xda-developers.com/showpost.php?p=10371747&postcount=5
Click to expand...
Click to collapse
Helped, Thanks.
Although after reading the entire page, i wonder if i should have a Recovery ROM installed. But i wonder if the phone will be left in it's current working state after installing it ?
i used z4root, worked fine for me
quail said:
Code:
chmod 4755 su
Code:
chmod 4755 busybox
Code:
chmod 4755 sqlite3
Click to expand...
Click to collapse
I think only "su" should be 4755 (setuid root), busybox and sqlite3 should just be 0755? Thanks for the instructions.
pb05life said:
i used z4root, worked fine for me
Click to expand...
Click to collapse
Ok I figured it ill shut up you have to use crappy dos command prompt and type everything in manually install proggies lol Google must die!
quail said:
Creating correct permissions to access the phone via USB:
i) create
Code:
/etc/udev/rules.d/51-android.rules
ii) in the file put
Code:
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666"
iii) then
Code:
chmod a+r /etc/udev/rules.d/51-android.rules
iv) restart udev or reboot
Click to expand...
Click to collapse
Anyone know this part for windows XP?Not linux?
I got to rageagainstthecage and it says permission denied.
fvckyougooglescammer said:
So would you tell us, exactly how you did it?
Without using the market place?
Because I have tried 100 things downloaded all that junk wasted 5 hours.
And I do not know how to run the z4root on my phone.
I do not want to install another ROM.
I do not know why you can not run z4root and a file manager from the SD card I have tried methods with the SDK they are total rubbish.
Once again *without* using the market place.
Thanks
Click to expand...
Click to collapse
Download it mediafire.com/u8150
Sent from my Ideos using XDA App
could you explain why you prefer this way instead using z4root?
nitro-ale said:
could you explain why you prefer this way instead using z4root?
Click to expand...
Click to collapse
I have Z4root on the phone and its supposedly rooted.
Yet, I can install apps from PC onto phone, but can not uninstall them.
Adb always gives me failure.
And if I try from shell it always says permission denied.
tilal6991 said:
Download it
Sent from my Ideos using XDA App
Click to expand...
Click to collapse
Hi thanks downloaded it fine its on the phone but this doesn't tell me how to remove apps.
I have been able to install but not remove adb always says failure.
Thanks man,
Just worked perfectly on my IDEOS brought from 2degrees in NZ.
The copy of SuperOneClick that I downloaded contained a file called su-v2 instead of su. In order to get the hack to work I had to rename su-v2 to su before running ./rageagainstthecage . Pretty obvious, but it might help someone out.
Thanks
fvckyougooglescammer said:
I have Z4root on the phone and its supposedly rooted.
Yet, I can install apps from PC onto phone, but can not uninstall them.
Adb always gives me failure.
And if I try from shell it always says permission denied.
Click to expand...
Click to collapse
I followed your instructions and installed SetCPU to test my phone was rooted. It worked great! Thanks.
I still have a problem. When I try adb root it still says "adbd cannot run as root in production builds". I'm trying this to be able to control my phone with pc mouse/keyboard with androidscreencast.
Any suggestions will be much appreciated.
Answering to myself: I updated my phone with FUSIONideos 1.5 and now adb runs as root without problems.
Z4root
http://forum.xda-developers.com/showthread.php?t=833953
Worked for me
Does it removes simlock I have Huawei U8150 IDEOS Android phone with career lock ( Simlock ), so will this remove it
can there be a batch file / command / app for all this, too techy out there
also how to setup the environment to run these commands, i m windows user can i do it ?

[Q] Restoring stock recovery

Anyone know how I can restore to stock recovery? I rooted and flashed CWM recovery, but I need to restore to stock because I am having so many problems with random reboots that I see lots of people are also having problems with. I have downloaded the dump. If someone could tell what I need to do on would be extremely grateful.
Even on stock this thing has issues... Im gonna try and return it for a mytouch 4g instead....
Sent from my SGH-T839 using Tapatalk
Ace42 said:
Even on stock this thing has issues... Im gonna try and return it for a mytouch 4g instead....
Sent from my SGH-T839 using Tapatalk
Click to expand...
Click to collapse
That's my problem too, but I can't send it back until I get the stock recovery back. I installed CWM after I rooted.
see my next post for the 1 click
ehall2k7 said:
That's my problem too, but I can't send it back until I get the stock recovery back. I installed CWM after I rooted.
Click to expand...
Click to collapse
Me too, which is why I regret it now....I want a phone hat I less buggy, this thing crashes all the time which sucks. Also the phone won't get much faster since it doesn't have enough space for the galaxy s lagfix, which applies to this since it has rfs and not ext4 like it needs..
@person above, if we brick it then they would replace it, right? You would just need to do some "acting" in the store and play dumb with the rep, if you know what a mean.
Sent from my SGH-T839 using Tapatalk
I edited noobnl's one click uninstaller for epic4g with what i posted above.
Extreme warning: Untested! I do not know if it will work, use at your own risk. Possibility of bricking you!
This one click SHOULD
1. remove root and replace with original files
2. reflash stock bml8 over modified? one (I think CWM is bml8)
Theoretically it shouldnt brick you, but no guarantees.....
If anybody has the guts to test this let me know
updated to Here
http://forum.xda-developers.com/showthread.php?t=803682
that is the link to SuperOneClick its a Root app that you can also use to unroot the device.. i Haven't Received my other SK4G yet to test but it should work its universal and works on multiple phones.
hopefully those that have root can use this method to unroot
blu9987 said:
I edited noobnl's one click uninstaller for epic4g with what i posted above.
Extreme warning: Untested! I do not know if it will work, use at your own risk. Possibility of bricking you!
This one click SHOULD
1. remove root and replace with original files
2. reflash stock bml8 over modified? one (I think CWM is bml8)
Theoretically it shouldnt brick you, but no guarantees.....
If anybody has the guts to test this let me know and i'll post a thread in the dev forum
edit: updated the zip due to a silly error
edit2: in the off chance that you get "mount: operation not premitted" that means it failed to mount /system as rw and wont remove superuser. If you let it continue it will still flash over bml8 though. You can manually remove superuser another way. My phone was only permitting me to mount by
Code:
adb shell
su
(look on phone press allow for superuser popup)
remount rw
then removing all the files using these commands
Code:
adb shell rm /system/bin/joeykrim-root.sh (most likely not there this is old)
adb shell rm /system/bin/jk-su (same as above)
adb shell rm /etc/passwd (pretty sure this isnt here either)
adb shell rm /etc/group (same)
adb shell rm /system/bin/su
adb shell rm /system/xbin/su
adb shell rm /system/app/Superuser.apk
adb push playlogo /system/bin/playlogo
adb shell chmod 755 /system/bin/playlogo
adb shell rm /etc/resolv.conf
adb shell rm /system/bin/remount
adb shell rm /system/bin/busybox
Not saying that you'll have to do that could just be my phone since im on ext4 and such.
Click to expand...
Click to collapse
I'll try it out in the next few hours and let you know. I'm not worried if it bricks cuz I'm still in the 14 days to return it and have had nothing but problems with it random rebooting. I'll let you know. Thanks again.
ehall2k7 said:
I'll try it out in the next few hours and let you know. I'm not worried if it bricks cuz I'm still in the 14 days to return it and have had nothing but problems with it random rebooting. I'll let you know. Thanks again.
Click to expand...
Click to collapse
Just to give a heads up a bricked device will stay at the splash screen or may not even turn on, so it will be hard for them to know.I wish this phone was better, since I wanted I ever since I heard it was being remade by sammy.
Sent from my SGH-T839 using Tapatalk
blu9987 said:
I edited noobnl's one click uninstaller for epic4g with what i posted above.
Extreme warning: Untested! I do not know if it will work, use at your own risk. Possibility of bricking you!
This one click SHOULD
1. remove root and replace with original files
2. reflash stock bml8 over modified? one (I think CWM is bml8)
Theoretically it shouldnt brick you, but no guarantees.....
If anybody has the guts to test this let me know and i'll post a thread in the dev forum
edit: updated the zip due to a silly error
edit2: in the off chance that you get "mount: operation not premitted" that means it failed to mount /system as rw and wont remove superuser. If you let it continue it will still flash over bml8 though. You can manually remove superuser another way. My phone was only permitting me to mount by
Code:
adb shell
su
(look on phone press allow for superuser popup)
remount rw
then removing all the files using these commands
Code:
adb shell rm /system/bin/joeykrim-root.sh (most likely not there this is old)
adb shell rm /system/bin/jk-su (same as above)
adb shell rm /etc/passwd (pretty sure this isnt here either)
adb shell rm /etc/group (same)
adb shell rm /system/bin/su
adb shell rm /system/xbin/su
adb shell rm /system/app/Superuser.apk
adb push playlogo /system/bin/playlogo
adb shell chmod 755 /system/bin/playlogo
adb shell rm /etc/resolv.conf
adb shell rm /system/bin/remount
adb shell rm /system/bin/busybox
Not saying that you'll have to do that could just be my phone since im on ext4 and such.
Click to expand...
Click to collapse
I tried it and still no luck. Here is what I am seeing:
one click uninstaller based off of noobnl's
Press any key to continue . . .
copy and run the exploit (may take 2 minutes)
84 KB/s (0 bytes in 5392.000s)
2 KB/s (0 bytes in 88.000s)
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={2650, 2650}
[*] Searching for adb ...
[+] Found adb as PID 2390
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] [email protected] so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
remove joeykrim root method
mount: Operation not permitted
rm failed for /system/bin/joeykrim-root.sh, Read-only file system
rm failed for /system/bin/jk-su, Read-only file system
rm failed for /etc/passwd, Read-only file system
rm failed for /etc/group, Read-only file system
rm failed for /system/bin/su, Read-only file system
rm failed for /system/xbin/su, Read-only file system
rm failed for /system/app/Superuser.apk, Read-only file system
failed to copy 'playlogo' to '/system/bin/playlogo': Read-only file system
Unable to chmod /system/bin/playlogo: Read-only file system
rm failed for /etc/resolv.conf, Read-only file system
rm failed for /system/bin/remount, Read-only file system
rm failed for /system/bin/busybox, Read-only file system
copy recovery and flasher
384 KB/s (0 bytes in 313888.000s)
495 KB/s (0 bytes in 7864320.015s)
flashing recovery
RedBend Update Agent 6,1,14,1
FOTA : Make Block Device Nodes
lcd_init(498): start!
lcd_init(507): fb0 open success
lcd_init(514): width = 480, height = 800
open device file: Permission denied
bmldevice_get_size: bmldevice_open failed!src: /sdcard/bml8.bin
dst: /dev/block/bml8 partition size: 0x0
part_size: 0x0
reboot: Operation not permitted
wait 60 second
cleanup
done
Press any key to continue . . .
Do you think it would be possible to flash the bml8.bin with ODIN? I haven't tried to go into download mode but it should be possible seeing how its almost identical to the vibrant and it's made by samsung.
I wonder if this has a bootloader like htc devices where you can flash system images which have the stock recovery, or if the system dump has it, then we can do.. flash recovery /sdcard/xxx.img from term or adb or fastboot, which ever one.
Sent from my SGH-T839 using Tapatalk
you can try making your filesystem r/w before running it.. I dunno why its not mounting properly with adb...
you all have usb debugging enabled right?
Open up command prompt,
cd C:\path\to\uninstaller
adb shell
su
(check prompt on screen superuser)
mount -o remount,rw /dev/block/stl9 /system
then just click the run.bat while the first window is still open
Also before trying this try clearing data on superuser.apk on your phone
You can also try remounting to RW on your phone with like root explorer or terminal emulator... I honestly have no idea why adb keeps getting permission denied
blu9987 said:
you can try making your filesystem r/w before running it.. I dunno why its not mounting properly with adb...
you all have usb debugging enabled right?
Open up command prompt,
cd C:\path\to\uninstaller
adb shell
su
(check prompt on screen superuser)
remount rw
then just click the run.bat while the first window is still open
Also before trying this try clearing data on superuser.apk on your phone
You can also try remounting to RW on your phone with like root explorer or terminal emulator... I honestly have no idea why adb keeps getting permission denied
Click to expand...
Click to collapse
Okay so the original recovery is located on a different part, which CWM doesnt write to, allowing the old one to be used again using this method, correct?Just want to better understand how it works.
Ace42 said:
Okay so the original recovery is located on a different part, which CWM doesnt write to, allowing the old one to be used again using this method, correct?Just want to better understand how it works.
Click to expand...
Click to collapse
I'm pretty sure clockworkmod one click you guys used flashed CWM recovery to /dev/block/bml8 so this restores the original bml8 image
and heres a copy paste from the dump thread
Code:
bml4 1280 KB contains Sbl.bin (1310720 bytes) Secondary Boot Loader (loads the Linux kernel and passes the necessary arguments)
bml5 1280 KB contains Secondary Boot Loader (for recovery, ect)
bml8 7680 KB empty - on Epic 4G and Fascinate, contains recovery.bin
And since you all used the epic recovery flasher, i concluded that it probably flashed bml8 and that you just replace it with the stock bml8 ya?
Also the epic recovery flasher pushes recovery files into /system/bin which need to be removed and I realised that I didnt include that in the one click uninstaller *facepalm*
blu9987 said:
I'm pretty sure clockworkmod one click you guys used flashed CWM recovery to /dev/block/bml8 so this restores the original bml8 image
and heres a copy paste from the dump thread
Code:
bml4 1280 KB contains Sbl.bin (1310720 bytes) Secondary Boot Loader (loads the Linux kernel and passes the necessary arguments)
bml5 1280 KB contains Secondary Boot Loader (for recovery, ect)
bml8 7680 KB empty - on Epic 4G and Fascinate, contains recovery.bin
And since you all used the epic recovery flasher, i concluded that it probably flashed bml8 and that you just replace it with the stock bml8 ya?
Also the epic recovery flasher pushes recovery files into /system/bin which need to be removed and I realised that I didnt include that in the one click uninstaller *facepalm*
Click to expand...
Click to collapse
Oh I see, well I'll let you know how it turns out then.
Edit: In system /bin I have
-recovery(ukn file type)
-recoveryfiles(folder)
-recoveryres(folder)
Also these "bml" files are in /SYS/BLOCK <--according to root explorer
While /DEV/Block only shows "vold" folder, nvm term shows that bml is there
Ace42 said:
Oh I see, well I'll let you know how it turns out then.
Edit: In system /bin I have
-recovery(ukn file type)
-recoveryfiles(folder)
-recoveryres(folder)
Also these "bml" files are in /SYS/BLOCK <--according to root explorer
While /DEV/Block only shows "vold" folder, nvm term shows that bml is there
Click to expand...
Click to collapse
-recovery(ukn file type) comes with the stock system but the one click installer pushed over a modified one. Youd need to replace with the original...I'll add that into the uninstaller
-recoveryfiles(folder) is from the one click installer
-recoveryres(folder) is also from the one click installer
There is also
/system/xbin/remount
and
/system/xbin/busybox
and /system/bin/playlogo (which I already have in the uninstaller..the playlogo they use is what gives permanent root if i remember correctly)
It would be so much easier if somebody on 100% stock would gain temporary root using rageagainstthecage and root.sh and pull the images for a tar then we can put together a stock flash with factoryfs.rfs cache.fs intram.lfs recovery.bin boot.bin sbl.bin and modem.bin
If anyone is interested pm me and i'll give you the info you need on how to do it
blu9987 said:
-recovery(ukn file type) comes with the stock system but the one click installer pushed over a modified one. Youd need to replace with the original...I'll add that into the uninstaller
-recoveryfiles(folder) is from the one click installer
-recoveryres(folder) is also from the one click installer
There is also
/system/xbin/remount
and
/system/xbin/busybox
and /system/bin/playlogo (which I already have in the uninstaller..the playlogo they use is what gives permanent root if i remember correctly)
It would be so much easier if somebody on 100% stock would gain temporary root using rageagainstthecage and root.sh and pull the images for a tar then we can put together a stock flash with factoryfs.rfs cache.fs intram.lfs recovery.bin boot.bin sbl.bin and modem.bin
If anyone is interested pm me and i'll give you the info you need on how to do it
Click to expand...
Click to collapse
Thr thing is..I'm exchanging mines today so I will try what you said and then do a factory erase afterwards. If it leaves some files there's not much I can do, can you fix he uninstaller to add the other files today, ill really appreciate it.
Sent from my SGH-T839 using Tapatalk
Disregard this post i'll make something and put it up after portfolio is done in a few hours
I have attached a one click uninstaller for root, revised and will work. Just extract and run the run.bat
It should remove all root and reflash stock over clockworkmod!
If this works let me know and i'll post it in its own thread
Shameless triple post:
Anyone end up testing this? It would be highly beneficial if somebody could remove CWM and root, restore to stock, and follow some instructions to pull the necessary images to make an odin tar. I would do this myself but I don't have a sidekick. Or maybe once we get a working CWM make a pre-rooted odin flash

[GUIDE] getting titaniumbackup (and other root apps) temporarly working

first off, big thanks @teamwin for fre3vo!
this guide is for advanced users only, so I will not explain the adb stuff etc.
you will need to do this stuff FAST, as temp root only works for a short amount of time, but it was enough for me to restore some apps and settings
* install titaniumbackup & busybox installer from market (do not start them)
* reboot the phone and DO NOT start any application
* do the fre3vo stuff:
Code:
adb push fre3vo /data/local/tmp
adb shell chmod 777 /data/local/tmp/fre3vo
adb shell /data/local/tmp/fre3vo
* install superuser, su and set permissions
Code:
adb shell mount -oremount /dev/block/mmcblk0p22 /system
adb install Superuser.apk
adb push su /system/xbin/su
adb shell chmod 06755 /system/xbin/su
adb shell ln -s /system/xbin/su /system/bin/su
* start busybox installer and install busybox
* start titaniumbackup and do your stuff
again, this has to be done fault free and FAST, like within 2-3 minutes
attached are su & superuser used
Nothing attached
Thank you for this tuto, i try other from 3D Evo and don't work for me, now im not at home, but will try this one once at home.
Thank a lot!!!
Sent from my HTC Sensation Z710e using Tapatalk
<delete please>
Great man!! Thanks
I am guessing that all these files fre3vo, SU, Su.apk should be in the platform-tools folder? where adb is?
We can delete some apks,right?
jerrylzy said:
We can delete some apks,right?
Click to expand...
Click to collapse
No, but you can disable them
prateekgujral said:
I am guessing that all these files fre3vo, SU, Su.apk should be in the platform-tools folder? where adb is?
Click to expand...
Click to collapse
the 3 files have to be in your current working directory (which should not be the platform dir), and adb should be in your ${PATH}
but yes, you can also put the files where adb is located
blubbers said:
the 3 files have to be in your current working directory (which should not be the platform dir), and adb should be in your ${PATH}
but yes, you can also put the files where adb is located
Click to expand...
Click to collapse
I will have to put them where the adb is located as I havent changed the environment variables for accessing adb from anywhere.. i think it should be ok.. as I have been flashing radios and other apps like that only!! (previous Androids!)
I would usually just copy the file on to the platrform directory.. ADBed the thing and deleted the file oonce the job is done!
prateekgujral said:
I will put them where the adb is located as I havent changed the environment variables for accessing adb from anywhere.. i think it should be ok.. as I have been flashing radios and other apps like that only!! (previous Androids!)
I would usually just copy the file on to the platrform directory.. ADBed the thing and deleted the file oonce the job is done!
Click to expand...
Click to collapse
of course it will work, but it's not the proprer way to do things
blubbers said:
of course it will work, but it's not the proprer way to do things
Click to expand...
Click to collapse
Oh well!! as long as it works!!!
Anyway... thanks man!!
Found this!!
Excellent video tut
http://www.youtube.com/watch?v=1t9AXZWcFQU
prateekgujral said:
Found this!!
Excellent video tut
http://www.youtube.com/watch?v=1t9AXZWcFQU
Click to expand...
Click to collapse
might want to put this in the fre3vo thread, as this is thread goes beyond that
Followed your procedure above but just before I installed busybox - I pushed a new hosts file over which was taken from an adblocker program.
adb push hosts /etc/hosts
Edit: - hosts gets overwritten after few minutes
Pity - thought it might have been useful
Awesome worked great!
EddyOS said:
No, but you can disable them
Click to expand...
Click to collapse
I have uninstalled anything related to "stocks"
The widget , the app and one other have been uninstalled and are no longer present on my phone
Sent from my Nokia 3310 using Tapatalk, 2 carrier pigeons on crack and a cab
j2kquest said:
I have uninstalled anything related to "stocks"
The widget , the app and one other have been uninstalled and are no longer present on my phone
Sent from my Nokia 3310 using Tapatalk, 2 carrier pigeons on crack and a cab
Click to expand...
Click to collapse
Reboot and they'll probably come back
I get this
failed to copy 'su' to '/system/xbin/su': Read-only file system
Click to expand...
Click to collapse
I get all the way to Titanium backup saying its restoring an app and it hangs there. It gets superuser and everything it just doesnt seem to want to actually restore anything.
I get this problem
C:\android\tools>adb shell mount -oremount /dev/block/mmcblk0p22 /system
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
error: device not found
C:\android\tools>adb shell mount -oremount /dev/block/mmcblk0p22 /system
adb server is out of date. killing...
* daemon started successfully *
mount: Operation not permitted
C:\android\tools>adb shell mount -oremount /dev/block/mmcblk0p22/system
adb server is out of date. killing...
* daemon started successfully *
Usage: mount [-r] [-w] [-o options] [-t type] device directory
C:\android\tools>adb install Superuser.apk
adb server is out of date. killing...
* daemon started successfully *
2180 KB/s (196521 bytes in 0.088s)
adb server is out of date. killing...
* daemon started successfully *
pkg: /data/local/tmp/Superuser.apk
Success
adb server is out of date. killing...
* daemon started successfully *
C:\android\tools>adb push su /system/xbin/su
adb server is out of date. killing...
* daemon started successfully *
failed to copy 'su' to '/system/xbin/su': Read-only file system
Click to expand...
Click to collapse

su not updated

I have my Polaris NAND flashed with 2.6.25 kernel + casacristo's RLS18 ROM.
I have updated from the market the Superuser but now I get the pessage that SU is not updated and to download the new one (3.0.3.2).
I download the new one , the Root access is granted but at the end more or less I receive this message translated from italian:
...
...
md5sum ... OK
Mod file su 06755... OK
Moving su to its final position ... failed...
TRY Again
I tryed several times but ... no chance to update it... how can I manage ?
miazza
Here is latest su binaries v3.0.3.2. Download and unzip file. Push this to /system/bin and /system/xbin and then change rights with chmod to 6755. Reboot phone. Done.
Thanks, I will try.
Shall I do via ADB or can I try with RootExplorer for example ?
miazza
ADB, unless your root explorer can set 6755 rights
whitealien said:
ADB, unless your root explorer can set 6755 rights
Click to expand...
Click to collapse
It worked great. I managed with RootExplorer but it can be done also via FTP with Filezilla.
Thanks
miazza
file permissions doesn't work
Hi,
I use a HTC wildfire S, who have been rooted, but still in original ROM.
My SU doesn't want to be updated, as described in the first post.
So I downloaded the ZIP, and put SU on the sdcard. With ROOT BROWSER I copy it on /system/bin (SU have been copied automaticaly in /system/xbin).
I tried to change the permissions files, but after reboot, permissions are ---rwxr-x.
I tried with ADB. My phone is well recognised :
C:\Program Files\Android\android-sdk\platform-tools>adb devices
adb server is out of date. killing...
* daemon started successfully *
List of devices attached
SH191TR05136 device
When I tried to change permissions file SU :
C:\Program Files\Android\android-sdk\platform-tools>adb shell
adb server is out of date. killing...
* daemon started successfully *
$ chmod 6755 /system/bin/su
chmod 6755 /system/bin/su
Unable to chmod /system/bin/su: Read-only file system
$ chmod 6755 /mnt/sdcard/temp/su
chmod 6755 /mnt/sdcard/temp/su
Unable to chmod /mnt/sdcard/temp/su: Operation not permitted
$ chmod 755 /mnt/sdcard/temp/su
chmod 755 /mnt/sdcard/temp/su
Unable to chmod /mnt/sdcard/temp/su: Operation not permitted
$
Do you have an idea ? Thanks by advance, because right now, my phone is not still root...
I have no idea about how ROOT BROWSER works.
With RootExplorer you can tap the su file and keep it untill the permission window appear. At that point you can change all the file rights.
Another way for doing it is via FTP by using SwiFTP.
ciao
miazza
miazza said:
I have no idea about how ROOT BROWSER works.
With RootExplorer you can tap the su file and keep it untill the permission window appear. At that point you can change all the file rights.
Another way for doing it is via FTP by using SwiFTP.
ciao
miazza
Click to expand...
Click to collapse
Root browser seems to work the same way.
How can you use FTP with a phone ? It's suppose to use an IP adress. But by USB, there is not... But I will,l try asap.
However, my apps couldn't take root permissions, so I feel bad...
Use SwiFTP (it should be free from the market).
It works over Wireless connection to your internal WLAN and provide you with an FTP address like 192.160.0.x.
While you are connected through FTP client (like Filezilla), you can see your mobile File System as well as your SD.
with a right click on the su file you can change your rights.
But I do not know if it works even if you are not rooted...
miazza
I solved my problem my re-rooting my phone, using http://forum.xda-developers.com/attachment.php?attachmentid=672519&d=1312136127.
My phone says that the binary SU was obsolete, but when I tried "AGAIN" to update it, it was successful that time.
Strange, I don't understand why now the update was ok. But all is right.
Thanks everyone for the help.

Root Script for phones running ICS (or greater)

Please come here and test it on your device:
http://forum.xda-developers.com/showthread.php?p=31545627
Some devices are already confirmed as working!
No tests for other devices ???
Regards
i posted this on sony Tablet S forum too... tonight when i'm home i'll try... it use the same adb restore bug found on jap forum... thx i'll report on your treadh
I have tested it on a Samsung Galaxy S2 and it seems to work. But I had to port your script to Linux first. I have attached it to this post. Maybe you can verify if the other devices are still working.
regards
danroob
i have a galaxy s2 skyrocket and need help rooting the phone please help!!!!
Sent from my SAMSUNG-SGH-I727 using xda app-developers app
danroob said:
I have tested it on a Samsung Galaxy S2 and it seems to work. But I had to port your script to Linux first. I have attached it to this post. Maybe you can verify if the other devices are still working.
regards
danroob
Click to expand...
Click to collapse
Thanks for your script I will add the expansion for Tablet S to it and then append it to my v3 script which i posted in the other thread.
jrod2315 said:
i have a galaxy s2 skyrocket and need help rooting the phone please help!!!!
Sent from my SAMSUNG-SGH-I727 using xda app-developers app
Click to expand...
Click to collapse
Have you tried the script I need more input for helping
Regards
Feedback Samsung Galaxy SII
Hi,
this tool looks great. Many thanks!
I tried all versions (1-10) several times zu root my Samsung Galaxy SII (Android 4.0.3) without success.
Bin4ry_root_Linux
Code:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= (13.09.2012) =
======================================================================
Device type:
1) Xperia T
2) LT26,LT22 etc.
3) Other
Make a choice: 3
Normal Mode enabled!
Please connect device with ADB-Debugging enabled now....
3087 KB/s (1085140 bytes in 0.343s)
1399 KB/s (22364 bytes in 0.015s)
3106 KB/s (843503 bytes in 0.265s)
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
Successful, going to reboot your device!
Waiting for device to show up again....
mount: permission denied (are you root?)
/system/xbin/su: cannot open for write: Read-only file system
Unable to chmod /system/xbin/su: No such file or directory
/system/app/Superuser.apk: cannot open for write: Read-only file system
Unable to chmod /system/app/Superuser.apk: No such file or directory
rm failed for /data/local.prop, Permission denied
You can close all open command-prompts now!
After reboot all is done! Have fun with Root!
Bin4ry
Drücken Sie eine beliebige Taste . . .
Version 10
Code:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= Idea for Tablet S from Fi01_IS01 =
= (20.09.2012) v10 =
======================================================================
Device type:
1) Normal
2) Special (for example: Sony Tablet S, Medion Lifetab)
x) Unroot
Make a choice: 1
Checking if i should run in Normal Mode or special Sony Mode
Please connect your device with USB-Debugging enabled now
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
remote object '/system/app/Backup-Restore.apk' does not exist
Normal Mode enabled!
Pushing busybox....
2953 KB/s (1085140 bytes in 0.358s)
Pushing su binary ....
5757 KB/s (91980 bytes in 0.015s)
Pushing Superuser app
2971 KB/s (996704 bytes in 0.327s)
Making busybox runable ...
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
Running ...
Successful, going to reboot your device!
Waiting for device to show up again....
Going to copy files to it's place
mount: permission denied (are you root?)
You can close all open command-prompts now!
After reboot all is done! Have fun!
Bin4ry
Drücken Sie eine beliebige Taste . . .
What can I do?
Galaxy S2 running 4.03, not working using the latest version posted (11)
Runs through the process of pushing busybox, su etc, says it is done after the reboot but I don't have root access per terminal.
Ditto... Samsung AT&T i727 S2 Skyrocket running 4.0.4 UCLF6 - bin4ry v15 says it succeeded, but Root Check'd, no joy...
I know this is an older post, but
danroob said:
I have tested it on a Samsung Galaxy S2 and it seems to work. But I had to port your script to Linux first. I have attached it to this post. Maybe you can verify if the other devices are still working.
regards
danroob
Click to expand...
Click to collapse
I was wondering if this would work on the offshoots of the GS2? I have an Epic 4g Touch.
Bin4ry. Sir, I need your help please. I tried to root my phone, a local brand, running on ICS 4.0.4 and every time I try to root it using your program, it keeps telling me "mount: permission denied (are you root?)".. What does this mean? How can I fix this so that I can successfully root my phone? thanks! I tried several times and used different computers but it just keeps giving me the same error message.
I really need help coz' I want to root my phone and install Link2sd so that I can no longer have low internal memory problems.
Cheers!
Problem with MTK6577 phone
I am having the same problem with my S3 clone.. Ordered the phone from Amazon and it does not have any manufacturer name. It was advertised as Phecda i9300.. It runs with mtk6577 processor..
The problem is exactly the same.. I get the option to Restore data and then phone reboots.. After that the mount permission denied error appears.. There is no change on the phone.. Confirmed that root is not there in the phone through Root Checker app.. Any help?
Jan.u said:
Hi,
this tool looks great. Many thanks!
I tried all versions (1-10) several times zu root my Samsung Galaxy SII (Android 4.0.3) without success.
Bin4ry_root_Linux
Code:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= (13.09.2012) =
======================================================================
Device type:
1) Xperia T
2) LT26,LT22 etc.
3) Other
Make a choice: 3
Normal Mode enabled!
Please connect device with ADB-Debugging enabled now....
3087 KB/s (1085140 bytes in 0.343s)
1399 KB/s (22364 bytes in 0.015s)
3106 KB/s (843503 bytes in 0.265s)
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
Successful, going to reboot your device!
Waiting for device to show up again....
mount: permission denied (are you root?)
/system/xbin/su: cannot open for write: Read-only file system
Unable to chmod /system/xbin/su: No such file or directory
/system/app/Superuser.apk: cannot open for write: Read-only file system
Unable to chmod /system/app/Superuser.apk: No such file or directory
rm failed for /data/local.prop, Permission denied
You can close all open command-prompts now!
After reboot all is done! Have fun with Root!
Bin4ry
Drücken Sie eine beliebige Taste . . .
Version 10
Code:
======================================================================
= This script will root your Android phone with adb restore function =
= Script by Bin4ry (thanks to Goroh_kun and tkymgr for the idea) =
= Idea for Tablet S from Fi01_IS01 =
= (20.09.2012) v10 =
======================================================================
Device type:
1) Normal
2) Special (for example: Sony Tablet S, Medion Lifetab)
x) Unroot
Make a choice: 1
Checking if i should run in Normal Mode or special Sony Mode
Please connect your device with USB-Debugging enabled now
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
remote object '/system/app/Backup-Restore.apk' does not exist
Normal Mode enabled!
Pushing busybox....
2953 KB/s (1085140 bytes in 0.358s)
Pushing su binary ....
5757 KB/s (91980 bytes in 0.015s)
Pushing Superuser app
2971 KB/s (996704 bytes in 0.327s)
Making busybox runable ...
Please look at your device and click RESTORE!
If all is successful i will tell you, if not this shell will run forever.
Running ...
Successful, going to reboot your device!
Waiting for device to show up again....
Going to copy files to it's place
mount: permission denied (are you root?)
You can close all open command-prompts now!
After reboot all is done! Have fun!
Bin4ry
Drücken Sie eine beliebige Taste . . .
What can I do?
Click to expand...
Click to collapse
ronbot said:
Ditto... Samsung AT&T i727 S2 Skyrocket running 4.0.4 UCLF6 - bin4ry v15 says it succeeded, but Root Check'd, no joy...
Click to expand...
Click to collapse
hopefully you can help i am SOOO lost i can jailbreak a iphone no problem but i am having a heck of a time trying to Root this skyrocket it aso has 4.0.4 have you got it rooted yet and what all did you use??? can you please help me??
ravindran_eee said:
I am having the same problem with my S3 clone.. Ordered the phone from Amazon and it does not have any manufacturer name. It was advertised as Phecda i9300.. It runs with mtk6577 processor..
The problem is exactly the same.. I get the option to Restore data and then phone reboots.. After that the mount permission denied error appears.. There is no change on the phone.. Confirmed that root is not there in the phone through Root Checker app.. Any help?
Click to expand...
Click to collapse
Same here, I'm using china made "Nova Note Diamond (Note II clone)", comes with JB 4.1.1. mtk6577 1Ghz DualCore, DualSim with 1GB RAM. I've tried few tools with different method including the latest tool by Binary, also failed ... same message "mount: permission denied (are you root?)" ...
permission denied (are you root?
Same problem with my Galaxy SII I910XXLPS ICS 4.0.3
Waiting for device to show up again....
Going to copy files to it's place
mount: permission denied (are you root?
You can close all open command-prompts
After reboot all is done! Have fun!
Bin4ry
Press any key to continue . . .
Anyone got any idea?
Hi sir, do you have the latest version Root_with_Restore_by_Bin4ry_v18 coz, i cant download it in his main thread...and another question, can i root xperia sola 6.1.1.b.1.54 with this,
thanks

Categories

Resources