Root Transmission
Root Transmission: the ONLY app that allows you to root other phones straight from your own device!
Inspired by Kos's p2p-adb hacking toolkit (http://hak5.org/episodes/hak5-1205), this app is a pleasant, easy way to root other phones while away from your computer! Just two buttons, Root and Unroot! Connect the cable and root away! It couldn't be simpler!
Even has its own terminal window so you can see exactly what's going on while your phone does its thing!
You will need a ROOTED device capable of USB hosting (USB On The Go), a USB OTG cable and one-click root scripts for the devices you wish to root.
Scripts and their associated files should be placed in /sdcard/RootTransmission/*devicename*/*version*/, otherwise they will not be available for use. *devicename* and *version* can be whatever you want.
Note that this is an UNSTABLE version, and you use this app at your own risk. Occasional force closes are to be expected (though they will most likely not break the phone you are trying to root). Incorrectly written scripts can permanently damage or brick both devices involved, so only use trusted 3rd party root scripts and at your own risk.
Screenshots
Changelog
1.01unstable
fixed bug that sometimes caused crashing when user closed app
fixed bug that caused app to crash if scripts directory did not exist
Much smaller size (166k)
made it for Android 4.0 and up (accidentally had it for 3.1 and up in Play Store, will re-add Honeycomb support if I find that it works reliably with it)
1.0unstable
initial public release
Planned features
Downloading scripts within the app
Nicer GUI
In-app help text
??? Suggest some!
(Removed from Play Store because Google said it was "dangerous")
Please do not mirror this apk, it is to be downloaded exclusively from XDA-Developers. Failure to comply will result in the removal of this app from XDA.
I've attached a zip with the files needed to root a Verizon Galaxy S3 (SCH-I535), extract it to /sdcard/RootTransmission/ to use.
Note that since I only have one USB host-capable device (my own S3), no warranty is provided over the functionality of this zip since I am unable to fully test it. (It is a repackaged version of the DebugFS one-click root found at http://forum.xda-developers.com/showthread.php?t=1883984 and thus will only work if the device to be rooted is running ICS, which shouldn't be a problem as of yet.)
Again, this is an unstable test version. It should mostly work, but no guarantees on its functionality.
Reserved for future use
Reserved for future use.
what device is supported? what device supported that can be rooted?
chev said:
what device is supported? what device supported that can be rooted?
In order to run the app, your device (the device that is already rooted) must support USB hosting/USB OTG. Most newer devices have this.
This app uses adb and scripts (which you must provide) to root devices. If there is a root method for the device that uses adb, then it will work.
In the case of the Verizon Galaxy S3 (my primary device), the root method for a stock ROM is to use adb to push an exploit that will allow us to install Superuser and the su binary. I believe the Asus Transformer Prime uses a similar method.
If the only root method available involves using a program such as Odin/Heimdall or a manufacturer's phone flashing utility, or a zip must be flashed in recovery in order to gain root, it will definitely not work. In the case of the HTC Sensation, you must flash a recovery and boot into it, then flash a zip containing the su binary as well as a controller app such as Superuser in order to gain root. So the HTC Sensation could NOT be rooted with this.
In the future I plan on building a compatibility chart within the app to determine which phones can run this app and which phones can be rooted with it, as well as downloads for the rooting process. In the meantime, if there is a phone you are looking to root with this, let me know and if possible, I'll craft a zip to use with this.
Updated Root Transmission to 1.01unstable.
Following changes were made:
-bugfix: app occasionally FC'd when closing app
-bugfix: app crashed if scripts directory did not exist
-smaller size (166k, old version was 1.62mb)
-made it available only for 4.0 and up (had it set to 3.1 and up by accident)
Available in first post or in the Play Store.
Keep sending in those bug reports, it really helps!
Also, if you have any new features you want to suggest, let me know.
I'm considering the following so far:
-Downloading scripts in-app
-Nicer GUI
-Help text
Added script for the Asus Transformer tablets (TF101/TF201/TF300T/TF700T) to the first post. It will only root tablets on 4.0 or below.
This app looks promising, keep up this great work, :fingers-crossed:
Theoretically, could this run any script over adb on another device, not just a root one?
one x
Hey does this work with the one x international version?
I believe that in order for the app to work properly, adb must be running as root, so no. It's not possible to use this with a non rooted phone.
HTC One X should be able to be rooted (as well as other devices relying on fastboot), but I haven't added support for it yet. A fastboot binary for ARM is available, so I'll package that into the app for next release. Stay tuned. However, I don't know about unlocked bootloaders and all that on HTC devices, so beware.
I'm also going to take a look at the Heimdall source code later so that you can perform Odin flashes over USB. This means that basically any Samsung phone should be able to be rooted, even without a one click root script.
All this stuff will take time though, and with school still going on it might take some time. But I'm definitely working on it!
Sent from my SCH-I535 using Tapatalk 2
Would it be possible to use this app to flash unsecured boot.img and then recoveries? Basically have it set up to download the recoveries and boot.img from a ftp or something? Can we basically just use the host phone as a standard ADB and Fastboot commander? Using regular commands?
root tranmission
I download the file, and receive the next error while installing:
parse error
there is a problem parsing the package
is there any fix?
thanks in advance
Draciel882 said:
Would it be possible to use this app to flash unsecured boot.img and then recoveries? Basically have it set up to download the recoveries and boot.img from a ftp or something? Can we basically just use the host phone as a standard ADB and Fastboot commander? Using regular commands?
This is on my to-do list. I might also include a terminal emulator with access to the app's adb/fastboot binaries.
teran220 said:
I download the file, and receive the next error while installing:
parse error
there is a problem parsing the package
is there any fix?
thanks in advance
Try installing from Play Store.
wchill said:
This is on my to-do list. I might also include a terminal emulator with access to the app's adb/fastboot binaries.
That would be awesome, let me know if you need some help testing. I've been wanting to be able to do this for awhile. It would pretty much eliminate the need for a computer when flashing roms on devices that have their bootloader already unlocked.
how to check my device is usb otg/host capable ?
anazhd said:
how to check my device is usb otg/host capable ?
Use this app by Chainfire
https://play.google.com/store/apps/details?id=eu.chainfire.usbhostdiagnostics
Sent from my SCH-I535 using Tapatalk 2
Wow, the idea behind your software is brilliant!
I yet see a future world in which handset liberation is achieved and spread among users in dark corners of the streets! :silly: :laugh:
Hey there wchill , seems like you are an app dev rookie as I seen some stuff , well you aren't so different from me , PM me , I will help you in your project , btw I have seen a small thing , that the Settings button does nothing , to remove it remove in your mainActivity the lines that say onCreateOptionsMenu , as long as you don't need an options menu !
EDIT : No offence for calling you a rookie , I may have underestimated you , because your work is amazing , but I was talking the Java side of your knowledge , sorry if I offended you !
seaskyways said:
Hey there wchill , seems like you are an app dev rookie as I seen some stuff , well you aren't so different from me , PM me , I will help you in your project , btw I have seen a small thing , that the Settings button does nothing , to remove it remove in your mainActivity the lines that say onCreateOptionsMenu , as long as you don't need an options menu !
I know that the options menu is there, but I'm planning on adding to its functionality so there's no point in removing it yet. Don't worry, I didn't forget about it
Also, I only have one year of experience in Java, so my skills definitely are not the most top notch out there. I'd say not bad for being self taught though.
Anyway, in app downloads should be working by this weekend, depending on how much homework I get this week. Did a lot of it today, just need to make the frontend for it. After that I'll work on improving the GUI, because I really couldn't be bothered to spend more than 5 minutes making it what it looks like right now.
Expect an update in the next few days
Sent from my SCH-I535 using Tapatalk 2
Related
Credits:
birbeck for the usual random java guidance, slushpupie for his previous java guidance, dodgejcr for extreme amounts of testing, and one_love_420 and shift for some great graphics!
testers: JT-, couga6442, happytweak and many others I might have forgot in the last three days of late nights and no sleep plus full day of work!
Thanks to SDX !!
Requires:
Unlocked bootloader and root access!
Background:
flash_image (bmlwrite) is an extremely useful utility for flashing custom kernels, boot logos and recoveries. This binary has made it possible to easily flash all these items and is used almost everywhere behind the scenes (i.e. in custom recoveries, packaged into kernel /sbin, etc).
Description:
This android application, FlashImageGUI, is basically a GUI interface for the linux binary, flash_image provided by google in AOSP for loading custom kernels and recovery images onto the phone. No recovery or adb needed! Flash a custom kernel, boot logo (some devices) and custom recovery all from android w/o rebooting into recovery mode!
The application displays current kernel version information!
Current Device Support:
Full Kernel (Anykernel and boot.img) Flashing and Recovery (zip file or image) flashing: Sprint Galaxy S4, International HTC One, T-Mobile HTC One, Sprint HTC One, HTC EVO 4G LTE, HTC One S, HTC EVO 3D CDMA and GSM, HTC One XL, HTC Droid DNA, HTC Amaze, HTC Vivid/Holiday, HTC EVO 4G, HTC EVO Shift, Google Nexus 4, Google Nexus 10, Google Nexus 7, Samsung Google Galaxy Nexus, Nexus S/Nexus S 4G & LG Optimus
Full Kernel, Logo and Recovery flashing: Samsung Moment, Transform, Intercept and Acclaim - the s3c6410 series of devices
Full Kernel (zImage) Flashing: Samsung Epic
Check application version for updates
Future Support:
The current phone support limitation is due to hardware manufacturer differences and their software implementations. This process can be very dangerous and I'm being very cautious by thoroughly testing before releasing. I've started with the phones I am most familiar with and hope to cover all those who request it!
I have a personal list of features I am going to be adding over the coming days and weeks in addition to support for other phones. Please feel free to leave feedback here and requests for phone support. If you have any information on flash_image or bmlwrite for your phone, that'll help get me started researching on your phone support request. Thanks!
Install Directions:
Install process is the same as any other .apk. Download to computer and adb push or mount sdcard on computer and copy over. Use any file manager, adb, connectbot/terminal emulator to install.
My preferred method, maybe a bit technical: adb install c:\downloads\FlashImageGUI.apk
Download Locations
Market (99 cents!): Flash Image GUI
Release versions (free from my personal hosting): Flash Image GUI
Contact:
Any questions, comments, concerns, or issues, please post in this thread or send me an email! Thanks for all the help and support!
http://twitter.com/joeykrim
http://joeykrim.com
Screenshots:
Feedback:
Please post any helpful feedback. I'm always looking to improve the application!
Users Guide for flashing ONLY a Kernel (zip file):
1) Ensure the bootloader is unlocked and root access is properly setup
2) Make sure the selected Kernel is compatible with the currently loaded ROM. If not, this will result in a lot of frustration!!! See troubleshooting steps below.
3) Download kernel zip file to /sdcard.
4) Open Flash Image GUI, browse and select kernel zip file, downloaded/loaded to sdcard in previous step.
5) Flash Image GUI will validate that the kernel zip file contains the minimum required files
6) Select the Flash Image button and Flash Image GUI will load the kernel and the kernel modules from the source kernel zip file.
7) Reboot
Troubleshooting after Rebooting:
First step, when experiencing issues flashing is to RE FLASH the files again. Many times, re flashing again will clear up any issues. If not, see the issues/solutions below.
Issue #1: If the device hangs or reboots while on the splash screen, the kernel itself or the ramdisk packaged in the kernel is NOT compatible with your device!!!
Solution for #1: Have to boot into fastboot (or directly into the custom recovery) and load the custom recovery to flash a known good kernel or restore a previously known good nandroid backup. Command: fastboot boot c:\downloads\cwm-recovery.img
Issue #2: If the device hangs or reboots while on the boot animation, the ROM is likely NOT compatible with the kernel!!!
Solution for #2: Have to boot into fastboot and load the custom recovery to flash a known good ROM/kernel combination either from a zip file or restore from a nandroid backup.
I'm curious, why does this only work on certain phones? I need a way to flash a recovery to my Tmobile Comet (Huawei Ideos U8150). Thanks
jdyates said:
I'm curious, why does this only work on certain phones? I need a way to flash a recovery to my Tmobile Comet (Huawei Ideos U8150). Thanks
great question. I've updated the OP to answer this better.
essentially each hardware manufacturer is able to use their own type of drivers in dealing with the phones internal memory and in formatting the phones internal file system.
this allows for many different variations. the specific phones I support are the ones I was able to obtain a flash_image binary for (hence the name flash_image) and was able to extensively test.
if you have any information on the flash_image binary for your phone, i'd be more than happy to research it and add support to the app!
i've worked day/night the last three days to put this app together and had a ton of testing. i do hope to continue to add support for more phones! thanks for the feedback and phone support suggestion! i will definitely look into it and any help you can provide would be great!
Here is the flash_image binary for Tattoo,
please add it to supported devices, thanks.
How soon before the Epic 4G gets some love?
Samsung galaxy spica gt-i5700 also use same s3c6410 chip. Will this work on it??
Sent from my GT-I5700 using Tapatalk
I have a viewsonic gtab and I HATE the splash screen - would love to see it supported. My 2c... great tool! Thanks!
joeykrim said:
great question. I've updated the OP to answer this better.
essentially each hardware manufacturer is able to use their own type of drivers in dealing with the phones internal memory and in formatting the phones internal file system.
this allows for many different variations. the specific phones I support are the ones I was able to obtain a flash_image binary for (hence the name flash_image) and was able to extensively test.
if you have any information on the flash_image binary for your phone, i'd be more than happy to research it and add support to the app!
i've worked day/night the last three days to put this app together and had a ton of testing. i do hope to continue to add support for more phones! thanks for the feedback and phone support suggestion! i will definitely look into it and any help you can provide would be great!
Thanks for the detailed reply, you don't see that a lot from app devs these days.
Unfortunately, I have no idea what a flash binary is for my phone or how to get it. Oh well. Thanks again
dancer_69 said:
Here is the flash_image binary for Tattoo,
please add it to supported devices, thanks.
perfect! recovery image support should be simple.
kernel flashing methods seem to vary quite a bit between devices. could you post links up to two/three popular kernels so i can see the format they're using?
mattallica76 said:
How soon before the Epic 4G gets some love?
great question! i hope to get this supported within the next week as ill be on my honeymoon the next 5 days w/o internet...i know, tough but worth it
if you have the information handy, could you post links to two/three top kernels so I can examine their format?
lovleshgarg said:
Samsung galaxy spica gt-i5700 also use same s3c6410 chip. Will this work on it??
Sent from my GT-I5700 using Tapatalk
yes, i had thought about this but didn't know anybody with the phone. supporting this phone should be very simple as it uses that same chip set. could you post a link to a pastebin of this command:
adb shell ls -l /
to double check, flash_image on the spica also does zImage (kernel), logo.png (boot logo) and recovery.rfs (recovery) right?
thanks!
austontatious said:
I have a viewsonic gtab and I HATE the splash screen - would love to see it supported. My 2c... great tool! Thanks!
great, this seems to be popular. i have been looking into this and will keep you updated! i hope to get support added for this soon!
for you
hi joeykrim. you do good work man.
attached are 3 things.
1.flash_image binary for the Epic 4g SPH-D700
2.redband_ua, the method we use to flash kernels
3.zImage, i compiled from source and use
we run on EXT4 mostly these days
I and a few other developers use a scripting process to flash kernels without recovery. if you want these, pm me.
joeykrim said:
perfect! recovery image support should be simple.
kernel flashing methods seem to vary quite a bit between devices. could you post links up to two/three popular kernels so i can see the format they're using?
great question! i hope to get this supported within the next week as ill be on my honeymoon the next 5 days w/o internet...i know, tough but worth it
if you have the information handy, could you post links to two/three top kernels so I can examine their format?
Here are some links to some popular kernels on the Epic-
http://forum.xda-developers.com/showthread.php?t=961614
http://forum.xda-developers.com/showthread.php?t=976197
Congrats and have fun on your Honeymoon.
can i use this with my samsung galaxy apollo????
yea joeykrim!!! i just saw the release! \o/
congrats, buddy!!
Looks like an awesome utility
Support for HTC Desire would be perfect, as i can't seem to get fastboot working, so i'm stuck with Clockworkmod 2.5.1.8 at the moment..
I'm not sure how to get the flash_image file, is it the one contained in /system/bin?
Kernel links:
AOSP - http://forum.xda-developers.com/showthread.php?t=782875&highlight=vork
AOSP - http://forum.xda-developers.com/showthread.php?t=1031909
Sense - http://forum.xda-developers.com/showthread.php?t=849002
Sense - http://forum.xda-developers.com/showthread.php?t=801915&highlight=vork
Stock ROM support
Will this work on galaxy S stock ROM...or do I need to have a third party ROM installed. Most of the other flashing softwares do not support the stock ROM and I hope this is not amongst them.
mattallica76 said:
Here are some links to some popular kernels on the Epic-
http://forum.xda-developers.com/showthread.php?t=961614
http://forum.xda-developers.com/showthread.php?t=976197
Congrats and have fun on your Honeymoon.
released an update - version 1.0.3 - supports kernel flashing on Samsung Epic!
tested recovery flashing on the Samsung Epic but it seems too unstable to support
thanks to DRockstar, skeeterslint and MeatMcBadass for testing and feedback!
links in OP updated with new version!
Released version 1.0.5 - Fixing a few minor bugs
** Updated boot logo flashing support on S3C6410 series devices (moment, transform, intercept and acclaim)
** Cleaned up code on the back end for efficiency
** Clarified wording in the prompts
Links in OP have updated versions! Thanks for all the support!
SU Access
Hey I could really use some help, I rooted my Samsung Moment yesterday using the Z4Root program yesterday, but when I try to use Flash Image_GUI I get the following error:
"Root Access Denied
This device has not granted root access to this application. Please root this device to allow this application root access. This application can not run without root access. Sorry!"
Can anyone please help me? I did root the phone accurately, I have the SU icon, but this app (flash image) won't open for me...
WDeamz said:
Hey I could really use some help, I rooted my Samsung Moment yesterday using the Z4Root program yesterday, but when I try to use Flash Image_GUI I get the following error:
"Root Access Denied
This device has not granted root access to this application. Please root this device to allow this application root access. This application can not run without root access. Sorry!"
Can anyone please help me? I did root the phone accurately, I have the SU icon, but this app (flash image) won't open for me...
After reading through the z4root thread,
http://forum.xda-developers.com/showthread.php?t=833953 , it appears they install the superuser.apk after rooting.
After you run z4root, and it is a permanent root, I would reboot the device to make sure the SuperUser apk appears in the app draw/tray.
After you can confirm z4root gave you permanent root and installed the superuser apk, then install my app. When you first open my app, the SuperUser app should ask whether or not you want to grant my app root access.
If you've already said no, you can open the SuperUser app from the app draw/tray and change your preference. My application will require root access to run properly.
If you don't see the superuser app in your app draw/tray it would seem z4root did not work properly.
Hope this helps!
Thanks for getting back to me
Hey I appreciate the fast reply, I uninstalled your app and re-installed it, but unfortunately I am still getting the same error. SU is on the tray, but I get no option to allow root for your app...any help you could give me is really, really, appreciated.
Hi,
Here is a one-click application to install Superuser and the su binary on a phone. Look at the compatibility list here to see if this application can be useful for you.
Feedback on supported devices will be greatly appreciated in order to update the compatibility list. Post your feedback here
The Superuser and su binary included in the application work from Android 2 to 4.
!! Important !!
Success with this application voids the warranty on your device.
If you need help, read the FAQ first before posting your question in the help thread
If you like my work, you can buy Framaroot donation app
Many many thanks to all donors
Installation
Download it on your device (links are available at the end of this post)
Install it with a file explorer or directly from your internet browser; if Android warns you about a security risk, say OK and check Unknown sources to allow installation of applications from outside the Play Store.
Usage
Open Framaroot and select one of the following actions: Install SuperSU, Unroot or Execute script (for advanced users)
Possible cases once the application is launched
A popup saying "Your device seems not vulnerable to exploit included in Framaroot", in this case you can uninstall the app
You see one or more exploit names, also click on one after you have selected an action and you will see one of the above messages
Possible cases once an exploit is selected
"Success ... Superuser and su binary installed. You have to reboot your device"
"Failed ... Exploit work but installation of Superuser and su binary have failed"
"Half-Success :-/ ... system partition is read-only, use local.prop trick. Reboot your device and use adb to see if it run as root", this happens when the filesystem in use on the system partition is a read-only filesystem (ex: squashfs)
"Failed ... Try another exploit if available"
Framaroot crashes or freezes, in this case relaunch Framaroot a second time and select the same action and exploit
Advanced usage
Click here
Release:
Version 1.9.3: Update SuperSU to 1.99r4. Add Czech translation thanks to efIT^cz™.
Version 1.9.2: Update SuperSU to 1.94. Fix error #15.
Version 1.9.1: New action (Execute script) added which will allow you to execute a custom script. Ukrainian language added thanks to Bogdan.
Version 1.9.0: Add Barahir exploit (potentially affect Mediatek based devices).
Version 1.8.1: Another attempt to fix crashes.
Version 1.8.0: Add Faramir exploit, little brother of Boromir (potentially affect Mediatek based devices).
Version 1.7.1: Link to Framaroot donation added (it does nothing as this kind of application are forbidden on play store ... but it could do something someday)
Version 1.7.0: Due to a mistake, Pippin exploit didn't appear in exploit list, it's fixed now (Huawei device owners welcome). Add Gollum exploit for AMLogic based devices.
Version 1.6.1: Remove Superuser as it fails to install. Add execution support from adb command line.
Version 1.6.0: Add Pippin exploit (potentially affect Huawei K3V2 based devices)
Version 1.5.3: An attempt to fix Gandalf error#10
Version 1.5.2: Revert to exploitation fix included in 1.4.1. Add Slovakian and Italian languages. Error # added in toast message when exploit failed (report the error number in this thread so I could give you the reason of failure). Previously fix for Framaroot crash was a dirty hack, with this version you shouldn't encounter crash.
Version 1.5.1: Should fix Framaroot crashes.
Version 1.5.0: Add Boromir exploit (potentially affect many Mediatek based devices).
Version 1.4.3: Update SuperSU to 1.34. Rewrote the fix include in 1.4.1 for better but slower exploitation.
Version 1.4.2: Add Russian and French languages. Add scrollbar for exploit list. Update SuperSU to 1.30
Version 1.4.1: Fix a bug in exploitation due to the different kernel data alignment between versions and devices, so if exploits didn't work before it "may" work with this version if your device is vulnerable
Version 1.4: Add Gandalf exploit (potentially affect Qualcomm based devices, tested on Nexus 4, as always feedbacks are welcome)
Version 1.3: Add Aragorn and Legolas exploits (could affect wide range of samsung devices including non exynos devices, please give feedbacks for your devices. Thanks)
Version 1.2.1: Fix unroot bug. Improvements for exploitation. Embed SuperSU 1.25
Version 1.2: Add possibility to Install Superuser, Install SuperSU and Unroot
Version 1.1: Frodo exploit added
Version 1.0: Initial release
Supported devices:
Click here
FAQ
Does Framaroot work on my device?
If your device is in the compatibility list above, the short answer is: yes, but it depends on your firmware version; the latest firmware has less chance of being rooted.
If your device is not in the compatibility list and it embeds one of the processors mentioned above, the answer is: try it and see.
Why doesn't Framaroot root anymore after I update my device?
Because Framaroot exploits security holes present in several devices, which have been patched by the update you have done, so the exploits can't root your device anymore. Framaroot's exploits have a very short life to keep your device "less exposed" to other malicious applications. Keep in mind that Framaroot is not a permanent rooting application.
I lose root after an update, what can I do to root my device now?
A piece of advice: if you want to have a chance to keep root after an update, don't update with Kies or ODIN for Samsung devices or don't flash the system partition; prefer OTA updates and use the OTA survival feature in Superuser or SuperSU.
And if you have no choice, you can use the traditional method: flash tools specific to your device
Will Framaroot include more exploits?
Yes, but don't ask when since I don't know myself, it depends on the vendors' fix response.
Framaroot crashes when I select the Gandalf exploit?
Often the first time you launch Framaroot by selecting Gandalf as the exploit, it crashes Framaroot. Don't worry, in this case you have to re-launch Framaroot and select Gandalf again, the second time it should work.
What does error# in the result mean?
All errors less than or equal to 9 mean your device is not vulnerable.
If you get error#10, give a try with Framaroot 1.5.3.
All other errors need some investigation about your kernel image.
Framaroot says Success but SuperSU is not installed after reboot?
Maybe there is some additional protection on your device or something goes wrong with the SuperSU version embedded in Framaroot.
In this case, I recommend to use "Execute script" action and put your own shell script commands in /sdcard/custom (use at your own risk, all commands are executed with root privileges). Look at this post to know how to use custom script.
What can I do when the result is Half-success ?
You see this message when the /system partition on your device is a read-only filesystem (eg: SquashFS). To handle this case Framaroot tries to use a trick by adding "ro.kernel.qemu=1" in the file /data/local.prop. To test if this trick works you have to reboot your device and connect to it with adb shell. Once connected, type the "id" command to see if you are root.
If you are not root, your last chance is to select "Execute script" action and put your own shell script commands in /sdcard/custom (use at your own risk, all commands are executed with root privileges). Look at this post to know how to use custom script.
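A defensive check built on the Half-success FAQ entry above, as an added example that is not part of the original post or of Framaroot: it scans a pulled copy of /data/local.prop for the "ro.kernel.qemu=1" line and reads the output of "id" from adb shell to tell whether the shell is root. The function names, verdict strings and sample inputs are constructed for illustration.

```python
import re

# Property and value that the post above says the trick adds to /data/local.prop.
WATCHED = {"ro.kernel.qemu": "1"}

# Constructed sample inputs (not captured from a real device).
SAMPLE_LOCAL_PROP = (
    "# constructed sample of a pulled /data/local.prop\n"
    "  ro.kernel.qemu = 1\n"
    "debug.example.flag=0\n"
)
SAMPLE_ID_ROOT = "uid=0(root) gid=0(root)"
SAMPLE_ID_SHELL = "uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input)"

UID_RE = re.compile(r"\buid=(\d+)")


def parse_assignments(text):
    """Return every key=value assignment as (line_number, key, value).

    Blank lines and '#' comments are skipped. Whitespace around the key and
    value is trimmed so a hand-edited line is not missed. Every assignment is
    returned (not just one per key) so the audit does not depend on which
    duplicate the device would honour.
    """
    found = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            found.append((lineno, key.strip(), value.strip()))
    return found


def shell_uid(id_output):
    """Extract the numeric uid from `id` output, or None if it is not there."""
    match = UID_RE.search(id_output)
    return int(match.group(1)) if match else None


def audit(local_prop_text, id_output, watched=WATCHED):
    """Combine the file check and the `id` check into one verdict."""
    hits = [(key, lineno)
            for lineno, key, value in parse_assignments(local_prop_text)
            if watched.get(key) == value]
    uid = shell_uid(id_output)
    if hits and uid == 0:
        verdict = "tweak-active"    # line present and adb shell is root
    elif hits:
        verdict = "tweak-present"   # line present, shell is not root
    elif uid == 0:
        verdict = "root-shell"      # shell is root for some other reason
    else:
        verdict = "clean"
    return {"hits": hits, "uid": uid, "verdict": verdict}


def strip_watched(text, watched=WATCHED):
    """Return the file text with the watched assignments removed (remediation)."""
    kept = []
    for raw in text.splitlines():
        line = raw.strip()
        key, sep, value = line.partition("=")
        if (sep and not line.startswith("#")
                and watched.get(key.strip()) == value.strip()):
            continue
        kept.append(raw)
    return "\n".join(kept) + ("\n" if kept else "")


if __name__ == "__main__":
    for id_out in (SAMPLE_ID_ROOT, SAMPLE_ID_SHELL):
        print(audit(SAMPLE_LOCAL_PROP, id_out))
    print(strip_watched(SAMPLE_LOCAL_PROP), end="")
```
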
Re: [ROOT] Framaroot, a one-click application to root some devices
Samsung Galaxy S II Epic 4G Touch - SPH-D710
Android 4.1.2
Build GA10
Exynos4 processors
Results: Exploit failed
Possible Reason: Samsung has patched the kernel in this build.
I post these results to avoid future questions and comments. I suspect this will be successful on prior builds where the exploit is left unpatched.
EDIT: and BTW, FIRST!!!! LOL!
Bugging up my phone, so you don't have to!
TrayLunch said:
Samsung Galaxy S II Epic 4G Touch - SPH-D710
Android 4.1.2
Build GA10
Exynos4 processors
Results: Exploit failed
Possible Reason: Samsung has patched the kernel in this build.
I post these results to avoid future questions and comments. I suspect this will be successful on prior builds where the exploit is left unpatched.
EDIT: and BTW, FIRST!!!! LOL!
Bugging up my phone, so you don't have to!
Framaroot 1.1 released, Frodo exploit has been added. Give it a try
Re: [ROOT] Framaroot, a one-click application to root some devices
alephzain said:
Framaroot 1.1 released, Frodo exploit has been added. Give it a try
Success!
Bugging up my phone, so you don't have to!
Re: [ROOT] Framaroot, a one-click application to root some devices
Confirmation.
It worked on JB 4.1.2 GA10 SGSII E4GT. :beer:
Sent from my SPH-D710 using Tapatalk 2
Is there an app similar to how easy this app is to root if we want to unroot? Besides flashing an unrooted one click of course. I have insurance on my E4GT and just want to know if I can reverse this if I need to bring in phone for repair or replacement.
I think in the exploit repair/root app that you or chainfire made had the ability to remove the repair but not sure about unrooting, think that would be a great app feature to unroot.
Thanks
Raistlin1 said:
Is there an app similar to how easy this app is to root if we want to unroot? Besides flashing an unrooted one click of course. I have insurance on my E4GT and just want to know if I can reverse this if I need to bring in phone for repair or replacement.
I think in the exploit repair/root app that you or chainfire made had the ability to remove the repair but not sure about unrooting, think that would be a great app feature to unroot.
Thanks
Superuser has a temp unroot feature. There are certainly many apps which do unroot.
I think I will include an unroot possibility in Framaroot.
Now, I have an s3 SGH-1747m.
Not sure if it's an Exynos device or not, but would love to know if this would work on my device
Re: [ROOT] Framaroot, a one-click application to root some devices
cheesynacho said:
Now, I have an s3 SGH-1747m.
Not sure if it's an Exynos device or not, but would love to know if this would work on my device
You can look here, or here to help answer your question. Hope that helps! :thumbup:
Bugging up my phone, so you don't have to!
TrayLunch said:
You can look here, or here to help answer your question. Hope that helps! :thumbup:
Bugging up my phone, so you don't have to!
I take it it won't work for my phone :silly:
Thanks for the help!
Re: [ROOT] Framaroot, a one-click application to root some devices
cheesynacho said:
I take it it won't work for my phone :silly:
Thanks for the help!
If you're still unsure, you can try it and post your results. Worst case scenario, the app will tell you that root failed and you can uninstall it.
Bugging up my phone, so you don't have to!
Does it work for the Verizon galaxy nexus?
fyi,
Got a popup saying "Your device seems not vulnerable to exploit included in Framaroot", now I will uninstall the app.
this is on LG P769 tmobile us.
Doesn't work for the Verizon galaxy nexus.
No go for the Rogers Note SGH-I717R. Bummer, but awesome work here. People who will be able to use it should thank the eff out of yer help!
Any software glitches
I will be getting a Verizon version, and I was wondering if there is any ill effects from this method. Such as camera malfunction or a similar issue. I have heard of root solutions that break certain functionality of certain parts of the software. Anyone having any of these issues?
I've used it on my Samsung Note 2 NT7100 4.1.2 stock
It worked fine for a while but after some hours I tried to chat in WhatsApp (as I did before) and it froze and kept spamming a popup with "radio has been granted superuser permissions". After a while it completely froze; trying to reboot it got it stuck in the "Samsung" boot log.
I had to take out the battery to get it running again, let's see for how long it will stay like that.
shadoom23 said:
I've used it on my Samsung Note 2 NT7100 4.1.2 stock
It worked fine for a while but after some hours I tried to chat in WhatsApp (as I did before) and it froze and kept spamming a popup with "radio has been granted superuser permissions". After a while it completely froze; trying to reboot it got it stuck in the "Samsung" boot log.
I had to take out the battery to get it running again, let's see for how long it will stay like that.
Hmm, your chat app requires root permission? That's strange behaviour. Did you already root your device before using your chat app?
Seeing "radio has been granted superuser permissions" if your application doesn't mention it requires root is not normal.
Works on EU Samsung Galaxy Note 2 GT-N7100, Android 4.1.1, Build JRO03C.N7100XXALJ3.
Installed APK, selected SAM then rebooted.
no joy
did not work with ATT Galaxy Note SGH-I717
One click root is showing h901 now available.
Sent from my LG-H901 using XDA-Developers mobile app
sabresfan said:
One click root is showing h901 now available.
Sent from my LG-H901 using XDA-Developers mobile app
@sabresfan Have you tried it?
No you gotta pay for it.
Sent from my LG-H901 using XDA-Developers mobile app
Really?
That's really ****ty. Charge for a root? I'm sure they would still make plenty by doing donations like all developers do. Take care of the community, community takes care of you. What crooks.
Why anyone would pay for root when they can find it on XDA for free is beyond me. One Click Root takes methods that the community has developed and given away, then sells them. That almost meets the definition of crook if you ask me (unless they publicly give credit). OCR mostly is for bootloader locked devices that can't get root any other way.
I tried installing KingRoot/KingoRoot on my v10 recently, just to see if it would work. Nope. It used to work on Lollipop but not on Marshmallow. Now I'm using systemless Magisk and systemless phh Superuser (Magisk version). Works really well for the most part.
We are all wrong.
The root statement on all kinds of Android devices needs to be IMPOSED BY LAW SUIT to Gogle Inc.
Creating os like a REAL OS IS (with adm and password and root)
And something more:
IMPOSE TOO, each device, HAVES OBLIGATION TO COME WITH ORIGINAL ROM OF THE DEVICE RECORDED ON A CD ROM FOR REINSTALL AGAIN.
We are all wrong PAYING BUMS AND DUMB DEVICES LIKE TODAY THESE SUPERPRICED CHITS ARE.
Sent from Somefon
It's not illegal to root, but I doubt any court would ever order Google to preroot Android devices. Google would claim it's a security risk, and quite frankly, they would be right. This would open up the masses to all kinds of vulnerabilities. Most people can't handle a rooted device, not because they're dumb, but because they don't understand what root is, the responsibilities it entails, etc. But I personally still prefer to root. I'm willing to take a little less security in exchange for the power to do things I couldn't do otherwise.
Ha, security risk?
Windows have root, and is a security risk?
Linux and Unix-like haves root, and are security risk?
These mobiles are LINUX AND MICRO PC.
If this haves not root, is not mine!
The goglepleyservices is malware that "administry" remotely.
I hate apple untill DEATH!
HATE!
PROBABLY I WIL REPUDIE GOGLE SOON LIKE I DO WITH THIS DEVIL'S COMPANY APPLE INC.
Sent from Somefon
---------- Post added at 10:41 PM ---------- Previous post was at 10:37 PM ----------
Doing any kind of operational computer system where, these OS haves not root, it sounds like a Bum amateur pig (that uses JAVA AND LINUX) AND CREATE THEIR OWN DUMB OS WITH THINGS THAT ARE PROPERTY FROM OTHERS, AND WORST MORE: FURTHED BY THE PROPIETARY.
THIS IS ANDROID.
Sent from Somefon
Will this work on the 6.0.1 update?
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with their apps as well as connecting my phone to PC. Your best bet is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
AnonVendetta said:
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with their apps as well as connecting my phone to PC. Your best bet is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
Thanks I didn't even think of doing it that way. I was only asking because a few people had asked me. I rooted mine before the update. I tried the 20L but went back to 20J. I was having issues with the update.
Please help?!
I am new to this whole rooting thing, and I was wondering if I could get your expert advice on how exactly to root my LG v10, vs990, running 6.0 marshmallow. What are the first....to.....last steps I should take. There are a lot of pay-sites out there, like OCR, but I was hoping somebody here could walk me through how to do it myself. You seem to be extremely knowledgeable on the topic, so I thought I would reach out for your expertise. This will be my first phone that I root, and I don't want to brick it. Would you please advise and help teach a new student?
AnonVendetta said:
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with their apps as well as connecting my phone to PC. Your best bet is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
I'm coming from a Nexus 5X which suddenly died on me so I had to use this V10 I had as a replacement. I am a long time Nexus user so I am familiar with TWRP and rooting and all that. But this is the first phone I have used in a while that isn't as straight forward as the Nexus phones when it came to rooting. So I just have a couple questions about the V10. Is it as easy as you mention? Unlock bootloader, flash TWRP, then flash root. That's it? And I assume so but I'll ask anyway to make sure, doing this wipes the phone?
I may not even root this thing but just in case I get curious enough to do it, I'd like to know if that's all it takes.
EDIT: I see there is no official TWRP for the V10 though.
I no longer own a v10, but I'll still try to help.
First, flash a stock Marshmallow KDZ via PC. v20L was the last KDZ I had used. Maybe Nougat is available for the v10 now? Either way, go with 20L, or else my steps might not work.
Next, Google for something called Dirty Cow exploit
Instructions here: https://github.com/jcadduono/android_external_dirtycow
Download all 4 files from here: https://build.nethunter.com/android-tools/dirtycow/arm64/
Install the latest LG United Mobile Driver
Install ADB drivers (Google for "15 seconds ADB")
Connect phone to PC, open CMD prompt as admin, then type "adb devices" (no quotes). USB debugging needs to be enabled for this to work. Check your phone, something should pop up about accepting an RSA fingerprint, say yes. Then type "adb devices" again, see if your phone is in the list, then make sure it doesn't say unauthorized.
Run through the steps for the DC exploit, I advise using Linux for this, but Windows should work (no luck for me, I booted into a live Fedora Linux distro on a USB stick, then installed android-tools via the commands "su" and then "dnf install android-tools" packages to get ADB and fastboot). If you did everything correctly you should have a modded boot image with SELinux set to permissive by default, as well as temp root. From here you can use the dd command in a terminal emulator (on the phone) to flash a TWRP img into the recovery partition. I forgot the exact command to type for that but it's not a long one. It should be on the Dirty Cow GitHub page.
Once done you can just reboot into recovery via the button combo, from there you can flash a systemless SuperSU zip for permanent root. Magisk will also work. I know most people use SuperSU or Magisk these days. But honestly, I don't use either anymore, SuperSU is still closed-source and is now owned by some shady Asian company. And Magisk, I had too many issues with it. So I'm going to take the time out to give a recommendation for my current fave root solution, called Phh's Superuser. It's very simple and elegant, you can find the download link for it in a thread here on XDA. And it's 100% open source and just works, and well at that. I had no issues with it on the v10. Grab the zip from the Phh thread, then boot to TWRP and flash it, simple as that. It will patch your boot image. Then wipe cache and dalvik cache, reboot back into Android, download the Phh's Superuser app from Play Store. You need this or it won't work. Once done just open the app, you'll see it's very simple as I've said. Nice and clean and uses next to no resources. Test some root apps with it, I think you'll like what you see. From here you can remove bloatware or mess with kernel settings, whatever you want, pretty much anything that needs root should work.
Hope this helped someone!
Hi,
This is a list (incomplete) of all the ROMs, mods, hacks, guides, etc. available for the Fire HD 8 (2017).
This was a root progress discussion thread, and I think there's too much valuable information here to just let it get buried. So, following @Rortiz2's suggestion this thread was transformed to a master thread with the aim of providing a complete guide for anyone wanting to mod their tablet.
Device Codename: douglas
Specifications:
SoC: Mediatek MT8163
CPU: Cortex-A53 (Quad Core 4x1.3GHz)
GPU: Mali 720
RAM: 1.5GB
Android: 5.1 (FireOS 5.x.x.x)
Storage: 16/32GB
Includes a MicroSD slot
Battery: 3210mAh
Display: 8"
Front Camera: 2MP
Rear Camera: 2MP
The italicized text below are my comments/clarifications.
The root method was patched in 5.6.4.0 (some versions of 5.6.4.0 still work, so you could try). It is advisable to disable OTA updates or unlock the bootloader immediately. It is still possible to unlock by a different method; check the bootloader unlocking thread.
Bootloader Unlock and TWRP:
[UNLOCK][ROOT][TWRP][UNBRICK] Fire HD 8 2017 (douglas)
This is an excellent and complete guide which has everything you need for this. Requires Linux, so you'll have to either install it as dual-boot or use a live system if you are not using it already. You don't need to downgrade if you are on 5.6.4.0.
Rooting:
You can flash Magisk using TWRP after bootloader unlock. Using Magisk is recommended because SuperSU is no longer supported, and Magisk has modules, Magisk Hide, and the root prompt is working (In SuperSU it's not working so you have to always grant root permissions which is a major security loophole)
Rapid Temporary Root for HD 8 & HD 10
This is the first software root method discovered for this tablet and is a really easy and quick method of getting a root shell, and the link has a complete guide on it. Refer here for installing SuperSU for permanent root, and here for an automated script for Windows.
[ROOT] Hardmod Root Your Amazon Fire HD 8 (7th Gen)
This is the first root method ever discovered for this tablet and is a hardware root. This link has a complete step-by-step guide, assuming you have some soldering experience.
ROMs:
[ROM][unlocked]Lineage-12.1 for Amazon Fire HD8 2017 (douglas)
The first (and currently only) ROM for this device and it works great!
Miscellaneous:
Amazon Fire Toolbox, I have never tried this but it looks awesome!
Without root:
Removing accounts and viewing Usage Access settings which are hidden.
Debloating guide without root
With root:
A debloating guide made for HD 10, but works fine on the HD 8.
You can install apps as system apps just as on any other device, and you can use the app Link2SD for converting user apps to system apps. Refer to this StackExchange post for a guide on how to install apps as system.
Flashing GApps works well with TWRP, but the 16GB version doesn't have enough space in the system for even the pico version. Probably using pm uninstall on some system apps would work.
General Tips:
To return to stock or recover from a soft brick:
(Don't use this if you have already unlocked your bootloader: if you want just stock FireOS flash it through TWRP, and if complete stock follow the guide in the unlock thread)
(This assumes that you have ADB installed, I would not advise you on how here, there are numerous guides waiting for a Google search. This will erase your data.)
Download your current FireOS or a later firmware version. You can find the latest over at Amazon's website.
Boot to the recovery mode of your tablet, and use the volume and power buttons to select "Apply Update via ADB".
Now connect the tablet to a PC with a USB cable, open a command prompt or shell in the directory where you downloaded the firmware BIN, enter the command adb sideload X.bin (replace X with the name of the BIN) and wait until finished (DON'T disconnect your device from the PC).
Now select "Wipe Data/Factory Reset" and "Yes" to wipe data (you can skip doing this if you want your data, but note that the tablet may bootloop or complain about corrupted data)
Select "Reboot system now"
The firmware BINs are just renamed ZIP files: you can rename it from .bin to .zip and treat it as such.
Amazon employs an anti-rollback mechanism which could permanently brick your device if you flash an older version through adb sideload. If you really want an older FireOS, you can rename .bin to .zip and flash them through TWRP after unlocking.
The stock launcher AppID is com.amazon.firelauncher, the stock keyboard is com.amazon.redstone, and the OTA update apps are com.amazon.device.software.ota and com.amazon.kindle.otter.oobe.forced.ota.
Again, this list is incomplete, so please suggest any additions in the comments! (don't hesitate to suggest your own work-the target of this thread to be a comprehensive and complete guide on everything about this tablet)
Good luck modding this tablet!
Thread before changing to a master thread (for historical purposes)
NOW WE HAVE AN UNLOCKING METHOD WITH TWRP! THE CONTENT BELOW IS OUTDATED.
Hi,
Now, I'm sick of Amazon's bloat slowing my tablet, and the frustration of not being able to use root apps. Fire HD 10 got rooted, but HD 8 and HD 7 are still in dark. HD 7 users can at least downgrade their devices and hope for a root exploit, but HD 8 users can't. If anyone else wanting to root this tablet and make it super fast, get rid of Fire Launcher, use Xposed, remove bloat, etc., let's collaborate with this!
LATEST RELEASE - Fire OS 5.3.6.4/Fire OS 5.6.3.4
SECURITY PATCH - ???
KERNEL VERSION - 3.18.19
List of possible software root methods:
1.) eMMC overwriting
Thanks to the hardware root method, we have a full eMMC dump so using the loophole in the flash unlock process which causes overwriting partitions next to it, we could overwrite on all the way, flashing original things, to the system partition and then flash a modified system partition.
Additions to the list are welcome!
List of possible exploits
Additions to list are welcome!
1.)CVE-2017-8890
Status: Confirmed possible.
Description: As I think, this is the most exploitable currently. Running the PoC results in 'somewhat unnatural' Use-After-Frees but the PoC fails to orient them to escalate privileges.
Cons: This exploit is based on obsolete IPv4 sockets, unlike its cousin CVE-2017-9077, which is based on IPv6, but rather the same exploitation as this. That 'may' make this harder to exploit, but of course there's no evidence.
I really only added this to cons because you should have a con.
2.)CVE-2017-15868
Status: Unsure
Description: NP Hardass said that this vulnerability is present in the source; I haven't explored it yet.
Cons: ¯\_(ツ)_/¯
If you tried these exploits, please notify me below and I'll update the status. UPDATE: No point in keeping on trying these kernel exploits as no one (please correct me) who knows how to write exploits in C comes here anymore. If someone wants to try though I will start maintaining this list again. Come on, let's collaborate on this!!! :laugh:
Thanks!
Download the eMMC dump from here: https://www.androidfilehost.com/?w=files&flid=282721
PS: You can download original kernel sources from Amazon, just search for it.
Original Thread:
Hi,
Now, I'm sick of Amazon's bloat slowing my tablet, and the frustration of not being able to use root apps. Fire HD 10 got rooted, but HD 8 and HD 7 are still in dark. HD 7 users can at least downgrade their devices and hope for a root exploit, but HD 8 users can't. If anyone else wanting to root this tablet and make it super fast, get rid of Fire Launcher, use Xposed, remove bloat, etc., let's collaborate with this!
LATEST RELEASE - Fire OS 5.6.0.1
SECURITY PATCH - 2017/08/01
KERNEL VERSION - 3.18.19*
*a quite old release it is.
List of possible exploits
Additions to list are welcome!
1.)CVE-2017-12762
Status: Unsure
Description: A super likely-to-work great exploit. If you want you can go look at the kernel source (link included below the thread) 3.18.19 for proof, it starts in line 2640. Looks like a stack buffer overflow.
Cons: ASLR may be an absolute game killer in this case. And some skill is required to exploit, very less-known around the internet. And Amazon may have removed the ISDN support up from the roots of kernel, because it's VERY deprecated.
2.)CVE-2017-16939
Status: Unsure
Description: A nice attack vector. A PoC is available in SecuriTeam blogs, which triggers use-after-free. I tried contacting them for some help, but they almost instantly replied that they don't provide support for their reported vulnerabilities. Sad.
Cons: ¯\_(ツ)_/¯
3.)CVE-2017-15868
Status: Unsure
4.)CVE-2017-10661
Status: Unsure
5.)CVE-2017-7541
Status: Unsure
6.)CVE-2017-6074
Status: Unsure
If you tried these exploits, please notify me below and I'll update the status. Come on, let's collaborate on this!!! :laugh:
Thanks!
I added the link to the vulnerable code, in case anyone was wondering.
I'm glad to see this thread. Since recently rediscovering the potential of an old Fire 6 and rooting it, removing the bloat and Googlizing it, I wanted to get something a little bigger. I just got my 7th gen HD 8 in the mail yesterday and was devastated to see it was 5.4.0.1. I've blocked OTA, deleted the update it had downloaded, installed Google Play et al., and used NoRoot Data Firewall to block all Amazon apps. Unfortunately, I do not have the expertise to contribute much toward an effort to root this device but would like to help in any way. I appreciate seeing others are out there working on it.
If I knew how to develop the exploits I would honestly try these.
Thank you so much for making this thread but I hope I never have to come back here and help, but if i get some extra time in the future I do plan on running all my binaries + servers on the tablet as well. Not to mention just looking at that version number made me want to vomit.
What steps should I take to increase performance on the HD 8 while we wait for root?
rawfullz said:
What steps should I take to increase performance on the HD 8 while we wait for root?
Hello rawfullz!
Try Greenify. You can use a workaround to grant it Usage Access.
1) Download Activity Launcher and Greenify from Play Store.
2) Launch Activity Launcher.
3) Notice the "Recent" text in the task-bar, press it, and select "All" from the drop-down list.
4) Scroll all the way below until you find "Settings", and press it.
5) Again, scroll below until you find "Apps with usage access", and press it.
6) The hidden "Apps with usage access" menu will pop up.
7) Grant Greenify usage access there. (You can turn off usage access for all Amazon apps if you want, to increase performance but it's recommended to leave out "Storage Management" intact, just in case.)
8) Launch Greenify, and continue with the setup.
9) :laugh::laugh::laugh::laugh:
If you ever want to grant any other app Usage Access, do this procedure, but, remember that "Activity Launcher" is kind of dangerous, if you just launch random activities. I learned that the hard way.
REMOVED
Thank you for making this thread, I'm looking forward to this becoming real.
What I don't get is you can download the firmware.bin as well as the source code from Amazon. What's the problem? Devs should be able to root?
derwoodbones said:
What I don't get is you can download the firmware.bin as well as the source code from Amazon. What's the problem? Devs should be able to root?
Hello!
Yes, we definitely can get the firmware. But there are some troubles,
1. Amazon devices are not very well known among the community.
2. Devs don't want to spend their time on our devices, even if we root this thing, no custom ROMs because of the locked bootloader.
3. Amazon didn't leave any loopholes on their OS, they are too clever.
And, I don't think that Amazon will open source their firmware until they have checked thoroughly for any exploits.
We'll have to find exploits the rough way. :crying:
Hey, what about the Janus vulnerability? If some dev is reading this, please help us, because it doesn't require the device.
Supersonic27543 said:
Hello!
Yes, we definitely can get the firmware. But there are some troubles,
1. Amazon devices are not very well known among the community.
2. Devs don't want to spend their time on our devices, even if we root this thing, no custom ROMs because of the locked bootloader.
3. Amazon didn't leave any loopholes on their OS, they are too clever.
And, I don't think that Amazon will open source their firmware until they have checked thoroughly for any exploits.
We'll have to find exploits the rough way. :crying:
You don't need an unlocked bootloader to flash a ROM.
Take a look at the BT stack with BlueBorne.
Sent from my iPhone using Tapatalk
Supersonic27543 said:
Now, I'm sick of Amazon's bloat slowing my tablet
You forgot to add: "and I wanna to fill my tablet by the Google's bloatware (2 times slower than Amazon's), and also add some rootkits and spyware masked as "super-duper tools for young hackars"
Great to see this thread. Hope some devs collaborate and find a way. Can't wait.
Meanwhile, do you guys have any cool mod to try in the tab.
I have installed playstore and adfree iytb YouTube and bunch of usual apps.
Hello!
DragonFire1024 said:
You don't need an unlocked bootloader to flash a ROM.
Yes, you don't need an unlocked bootloader to flash a ROM, theoretically, if the ROM is signed by Amazon. But considering custom ROMs, Lineage, Resurrection Remix, Stock Android, is it possible to compile and flash them without an unlocked bootloader? I thought that you need a custom recovery = unlocked bootloader. Thanks!
sensboston said:
You forgot to add: "and I wanna to fill my tablet by the Google's bloatware (2 times slower than Amazon's), and also add some rootkits and spyware masked as "super-duper tools for young hackars"
Hah. :laugh::laugh::laugh:
Robius said:
Take a look at the BT stack with BlueBorne.
Sent from my iPhone using Tapatalk
Great idea, gotta try this! Thanks!
EDIT: Not very confident though. Anyway, likely to work because the security patch of HD 8 is in August.
http://www.androidpolice.com/2017/0...atch-fixes-blueborne-bluetooth-vulnerability/
Someone got a bluetooth adapter handy?
Supersonic27543 said:
Hello!
Yes, you don't need an unlocked bootloader to flash a ROM, theoretically, if the ROM is signed by Amazon. But considering custom ROMs, Lineage, Resurrection Remix, Stock Android, is it possible to compile and flash them without an unlocked bootloader? I thought that you need a custom recovery = unlocked bootloader. Thanks!
Hah. :laugh::laugh::laugh:
Great idea, gotta try this! Thanks!
EDIT: Not very confident though. Anyway, likely to work because the security patch of HD 8 is in August.
http://www.androidpolice.com/2017/0...atch-fixes-blueborne-bluetooth-vulnerability/
Ask @ggow how he does it. But you don't need an unlocked bootloader. With root, FlashFire helps to get by the bootloader.
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic.
Clever work that gives MTK-SoC devices a bootless root (root remains until reboot). And luckily enough it works on our Nokia 5.1 Plus.
So to begin:
- Grab diplomatic's latest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
# You can install Magisk Manager from the Magisk 18.1 package, or any version below 7.1.2. The latest version of MM doesn't work.
And your device should have root permission.
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
@vddrnnr
The only problem I had is that you can't use the latest version of Magisk Manager you need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
Wow, good to know. I encountered that problem too, and you figured it out!
I was wondering if with this we may be able to get full root and also turn the notch on and off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
I don't think full root can be acquired since there is still no bootloader unlock solution yet; I'm really looking for that. N-tool devs are working on it and they said X5 unlock is coming soon. But the bootless root works fine! Couldn't complain about anything, it's basically a rooted device.
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Looks like I was wrong you can't edit or delete anything in system folder.
@rustdroid
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
No problems, but again, all the credits go to diplomatic for his work, I'm just lucky enough to come across his thread.
Yes, the latest Magisk doesn't work; diplomatic had already mentioned it in the original thread.
rustdroid said:
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Mixplore root worked I deleted Google drive app from system/apps but took a few tries and reboots for it to be uninstalled, the folder always restores after reboot.
This is just a temporary solution so don't expect much out of it.
The doors will be open once the bootloader can be unlocked.
Yes I know and I'm happy with it until we can unlock bootloader. Hopefully they can find a way soon but this will do until then.
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
vddrnnr said:
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
rustdroid said:
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
Man, I just can't wait for the bootloader unlock. Nokia obviously doesn't want to offer an official unlock service (at least for now) since the Android One line-up is meant to be as stock as possible. The company also promised to support new Android One devices in the next 3 years, so allowing bootloader unlock will work against their product course, I think.
I have seen many attempts from the community however, and I have trust in them; many devices get unlocked by an unofficial method so.... Wait for the good news.
@stizzie I can't wait, hate having a device that I don't have full control. I've asked Nokia on their forums and signed a partition that is closed now. That's all I can do and just wait. I read somewhere that Nokia will allow it soon but who knows how long. Hopefully someone finds another way soon.
Doing this won't kill OTA, right?
Rajeel911 said:
Doing this won't kill OTA, right?
Absolutely not
stizzie said:
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic.
Clever work that gives MTK-SoC devices a bootless root (root remains until reboot). And luckily enough it works on our Nokia 5.1 Plus.
So to begin:
- Grab diplomatic's latest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
# You can install Magisk Manager from the Magisk 18.1 package, or any version below 7.1.2. The latest version of MM doesn't work.
And your device should have root permission.
Can I give permission to ES File Explorer? If yes, then how?
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Ranjhag said:
Can I give permission to ES File Explorer? If yes, then how?
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Just follow instructions in the provided links, you should have root permission. Applications working or not really depends on your device so it won't hurt if you try it yourself.
Device is Nokia 5.1 plus?
And sir can u tell me where I have to paste mku-su file? In the pc
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
Ilgazc said:
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
Rajeel911 said:
Doing this won't kill OTA, right?
rustdroid said:
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
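The tamper detection described in the post above, as an added example that is not part of the thread: a simplified Python model of a dm-verity style hash tree, in which every block read is checked up to one trusted root hash. The block size, all-zero salt, image contents and function names are assumptions made for illustration and do not reproduce the device's on-disk format.

```python
import hashlib

BLOCK = 4096                   # block size used in this model (assumption)
PER_BLOCK = BLOCK // 32        # SHA-256 digests that fit in one hash block

def h(salt: bytes, block: bytes) -> bytes:
    return hashlib.sha256(salt + block).digest()

def blocks(data: bytes) -> list:
    """Split into BLOCK-sized pieces, zero-padding the last one."""
    return [data[i:i + BLOCK].ljust(BLOCK, b"\0") for i in range(0, len(data), BLOCK)]

def build_tree(image: bytes, salt: bytes) -> list:
    """Hash levels, leaves first; the last level holds only the root hash."""
    levels = [[h(salt, b) for b in blocks(image)]]
    while len(levels[-1]) > 1:
        levels.append([h(salt, b) for b in blocks(b"".join(levels[-1]))])
    return levels

def verify_read(image: bytes, index: int, tree: list, salt: bytes, trusted_root: bytes) -> bool:
    """Check one data block against the stored tree and the trusted root."""
    digest = h(salt, image[index * BLOCK:(index + 1) * BLOCK].ljust(BLOCK, b"\0"))
    for level in tree:
        if level[index] != digest:
            return False           # stored hash does not match what was read
        if len(level) == 1:
            break
        group = index // PER_BLOCK
        packed = b"".join(level[group * PER_BLOCK:(group + 1) * PER_BLOCK])
        digest, index = h(salt, packed.ljust(BLOCK, b"\0")), group
    return digest == trusted_root  # only the root is trusted in advance

def demo() -> dict:
    salt = bytes(32)               # constructed salt
    image = b"".join(i.to_bytes(4, "big") * 1024 for i in range(300))  # constructed image
    tree = build_tree(image, salt)
    root = tree[-1][0]
    tampered = bytearray(image)
    tampered[200 * BLOCK + 7] ^= 0x01   # flip one bit in block 200
    tampered = bytes(tampered)
    return {
        "clean": all(verify_read(image, i, tree, salt, root) for i in (0, 200, 299)),
        "tampered_block": verify_read(tampered, 200, tree, salt, root),
        "untouched_block": verify_read(tampered, 199, tree, salt, root),
        "rebuilt_tree": verify_read(tampered, 200, build_tree(tampered, salt), salt, root),
    }

if __name__ == "__main__":
    print(demo())
```

In this model the `rebuilt_tree` case also fails: recomputing every hash over the modified image produces a different root, and the read is checked against the original trusted one.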
Ilgazc said:
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
Okay, thanks for the info. Guess I was lucky that you can't do anything. I tried to delete a few pre-installed apps and edit the host file. Looks like this is as good as it gets until we can unlock bootloader.