Hi,
I'm having an issue with all terminal emulators (Android Terminal Emulator, ConnectBot, ...) after upgrading my Nexus 10 from Android 4.2.2 to 4.3.
The terminal is not recognizing the actual size of the screen and it is fixed to 80 columns and 20 rows. I can temporarily fix it typing "stty cols 180 rows 35", but those values depend on the screen rotation, font size, etc.
This is really weird, and I wasn't having this issue before the upgrade.
Anyone else has this problem or know how to solve it?
Thanks!
Ok, i've been doing some tests.
It seems to be a 'su' bug, it is not receiving the SIGWINCH signal.
If I type without su:
trap 'echo sigwinch' SIGWINCH
It is executed every time I rotate the tablet or popup the keyboard.
But, under su, the same command is not working.
It may be a permission issue.
Any ideas?
I can confirm having the same issue with my Nexus 10 and android 4.3. As soon as I run su - from the terminal (Android Terminal Emulator) the lines start wrapping at 80 characters.
Hi,
i've been working on this trying to find a solution.
Here is what I saw:
Every time I enter su or enter chroot (i have a chrooted debian), the tty number is changed to another one. That isn't the usual tty behavior!
So, if the normal user is in /dev/pts/0 , root could be in /dev/pts/1 and chroot in /dev/pts/2.
If I rotate the screen /dev/pts/0 cols and rows are changed even if I am as root, I can verify that by typing:
stty -F /dev/pts/0 -a
But, if I am at /dev/pts/1 i'm not receiving that SIGWINCH signal. In common linux distributions, that is not happening as pts number doesn't change.
Here is my (not so perfect) solution for the chrooted debian:
Write a fix_stty.sh script as root:
#!/bin/bash
sttypath=/bin
tty0=$(ls --sort time /dev/pts/ | head -n 1 | awk '{print $1}')
stty0=$($sttypath/stty -F /dev/pts/$tty0 -a | head -n1)
rows=$(echo $stty0 | sed -e 's:.*rows\ \([0-9]\+\).*:\1:g')
cols=$(echo $stty0 | sed -e 's:.*columns\ \([0-9]\+\).*:\1:g')
$sttypath/stty rows $rows cols $cols
Save it in /usr/local/bin
Make it executable:
chmod +rx /usr/local/bin/fix_stty.sh
Add to ~/.bashrc this line:
trap '/usr/local/bin/fix_stty.sh' DEBUG
Or if you use non-root users:
trap 'sudo /usr/local/bin/fix_stty.sh' DEBUG
And add to sudoers file:
%sudo ALL = (ALL) NOPASSWD: /usr/local/bin/fix_stty.sh
Logout and login again, and it will fix the rows and columns before each command.
----
For su, outside the chrooted linux write a script fix_stty.sh:
sttypath=/system/xbin
tty0=$(/system/xbin/busybox ls -t /dev/pts | head -n1)
stty0=$($sttypath/stty -F /dev/pts/$tty0 -a | head -n1)
rows=$(echo $stty0 | sed -e 's:.*rows\ \([0-9]\+\).*:\1:g')
cols=$(echo $stty0 | sed -e 's:.*columns\ \([0-9]\+\).*:\1:g')
$sttypath/stty rows $rows cols $cols
Save it to /system/xbin
(You should remount /system as rw: mount --remount -orw /system)
Then, make it exec:
chmod 755 /system/xbin/fix_stty.sh
And, finally you should type at each su login:
trap '/system/xbin/fin_stty.sh' SIGINT
(i don't know why DEBUG isn't here)
So you have to press Ctrl+C to fix it.
----
Alternatively, you can write an infinite loop or a simple daemon to fix it, but i don't like daemons on my tablet.
If anyone has a better solutions, please post it.
Hi all. I've been mulling over this problem as well. I believe the issue is because in 4.3, SuperSU now uses a "proxy", where commands are sent form the process which called su to daemonsu, which is launched at system startup. Chainfire explains a bit more in his G+ posts the reasons for doing this, but I think the key here is that root processes are now launched on a different tty, because they are launched by a different process (namely, daemonsu). Starting a root shell (whether system shell or ubuntu/debian chroot) now results in the creation of three pts devices, as opposed to the usual one. However, other shells not launched locally are fine. For example, starting the SSH server in my chroot and logging in via SSH is always fine.
I'm still trying to figure out a permanent solution to this problem. I still don't have a full understanding of the problem as I'm still trying to wrap my head around how Linux handles terminals and TTYs. I do have a few ideas floating around my head, though:
Change daemonsu and su to support full termios/line-discipline/whatever-we-need through the "pts bridge" that he is using
Create TTY(pts) pairs on demand, and have a modified Terminal Emulator connect to those directly when we want a shell
Have a background-ed process in the original terminal catch SIGWINCH and pass it to the root terminal
Still quite a bit a figure out though. I may just go through Terminal Emulator's source code to see how it work to get a better picture too. But that's gonna take time. I've also created a little native utility which creates two pts pseudo-TTYs and shuffles data between them. I'm still experimenting. Will post more as I learn more.
Just to let you all know that I've got a system working for myself: http://blog.tan-ce.com/android-root-shell/
The way I'm doing it uses a daemon, much like the su daemons ChainFire and Koush are using. The benefit of doing it this way is that I'm not confined by the application container, which is good for security when used by applications, but is annoying when you are using the terminal itself. I remember having to do hacks with adb servers to get around those.
But if you don't want a daemon, you can still set one up manually, just look at the last section of the README on how to use pts-wrap and pts-exec.
I gave this a try.
First, I've noticed that pts-wrap and pts-exec symbolic links were missing.
And I don't think the line '/system/etc/install-recovery-2.sh' in pts-daemon-start file is needed at all.
I'm using ChainFire SuperSU and pts-shell is not working as expected or catching SIGWINCH signals. I just don't see any difference with the standard shell. Maybe I misunderstood how it works.
alf_tux said:
I gave this a try.
First, I've noticed that pts-wrap and pts-exec symbolic links were missing.
And I don't think the line '/system/etc/install-recovery-2.sh' in pts-daemon-start file is needed at all.
Click to expand...
Click to collapse
My mistake, I forgot to create the symlinks for those two.
install-recovery-2.sh is an idea I took from CharinFire's SuperSU. Basically, it seems as if people are using install-recovery.sh to install startup scripts, and having the script try to call install-recovery-2.sh allows you to chain recovery scripts. For example, if you install this on a system with SuperSU, it will be installed as install-recovery-2.sh. If the system doesn't already have an install-recovery.sh, it'll install itself as install-recovery.sh.
Anyway, I've fixed and uploaded a new zip.
alf_tux said:
I'm using ChainFire SuperSU and pts-shell is not working as expected or catching SIGWINCH signals. I just don't see any difference with the standard shell. Maybe I misunderstood how it works.
Click to expand...
Click to collapse
Are you running pts-shell from a regular (non-root) shell, or from a root shell? It should be run from a non-root shell. (It will give you a root shell once it runs.) Only pts-passwd and pts-daemon is meant to be run as root.
tan-ce said:
Are you running pts-shell from a regular (non-root) shell, or from a root shell? It should be run from a non-root shell. (It will give you a root shell once it runs.) Only pts-passwd and pts-daemon is meant to be run as root.
Click to expand...
Click to collapse
Yes, here is my the terminal output:
[email protected]:/ $ ps | grep pts
root 136 1 760 180 ffffffff 00000000 S /system/xbin/pts-daemon
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Permission denied
255|[email protected]:/ $ su pts-shell /system/bin/sh
[email protected]:/ #
As you see, I can only run pts-shell as root.
alf_tux said:
Yes, here is my the terminal output:
[email protected]:/ $ ps | grep pts
root 136 1 760 180 ffffffff 00000000 S /system/xbin/pts-daemon
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Permission denied
255|[email protected]:/ $ su pts-shell /system/bin/sh
[email protected]:/ #
As you see, I can only run pts-shell as root.
Click to expand...
Click to collapse
Sorry, I realized that the correct command should be:
[email protected]:/ $ su -c pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
(pts-shell) Enter your password:
[email protected]:/ #
Anyway I can only run this as root.
Oh yeah, I found the bug. Sorry, my bad. I've fixed it and uploaded a new copy of the update ZIP, but you don't have to upgrade if you don't want to. Running
Code:
# chmod 0701 /data/pts
should be sufficient to fix the problem. Then you should be able to run pts-shell from a regular (non-root) shell.
tan-ce said:
Oh yeah, I found the bug. Sorry, my bad. I've fixed it and uploaded a new copy of the update ZIP, but you don't have to upgrade if you don't want to. Running
Code:
# chmod 0701 /data/pts
should be sufficient to fix the problem. Then you should be able to run pts-shell from a regular (non-root) shell.
Click to expand...
Click to collapse
I don't think that was the the bug:
[email protected]:/ $ su
[email protected]:/ # ls -l /data/pts
-rw------- root root 61 2013-08-28 19:09 passwd
srw-rw-rw- root root 2013-08-28 18:59 pts
[email protected]:/ # chmod 0701 /data/pts
[email protected]:/ # ls -l /data/pts
-rw------- root root 61 2013-08-28 19:09 passwd
srw-rw-rw- root root 2013-08-28 18:59 pts
[email protected]:/ # ^D
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Connection refused
255|[email protected]:/ $
I have also tried:
chmod 0701 /data/pts/pts
And
chmod 0701 /data/pts/*
I'm getting the same connection refused. Maybe you can send me a debug version, I can run it just to find what is going on.
alf_tux said:
I'm getting the same connection refused. Maybe you can send me a debug version, I can run it just to find what is going on.
Click to expand...
Click to collapse
That's strange. Could you show me the output of ls -la? (The "a" is needed to see the permissions for /data and /data/pts itself)
After that, perhaps you could try "chmod 0711 /data/pts"
There isn't a debug version. The error message comes from the part of the code which tries to open a unix socket located at /data/pts/pts. For this to work, /data and /data/pts must have the execute bit set, and /data/pts/pts needs to have the readable and writable bit set for you. Otherwise you'll get a "permission denied".
Perhaps it might be easier for me to just move the socket to /dev like what koush does for Superuser... it's possible the permissions on my /data is non-standard.
On a side note, I'm also currently trying to contribute to koush's Superuser project to fix terminal handling. With any luck, I (or someone else?) will succeed and we won't really need my pts-multi tools anymore.
tan-ce said:
That's strange. Could you show me the output of ls -la? (The "a" is needed to see the permissions for /data and /data/pts itself)
After that, perhaps you could try "chmod 0711 /data/pts"
There isn't a debug version. The error message comes from the part of the code which tries to open a unix socket located at /data/pts/pts. For this to work, /data and /data/pts must have the execute bit set, and /data/pts/pts needs to have the readable and writable bit set for you. Otherwise you'll get a "permission denied".
Perhaps it might be easier for me to just move the socket to /dev like what koush does for Superuser... it's possible the permissions on my /data is non-standard.
On a side note, I'm also currently trying to contribute to koush's Superuser project to fix terminal handling. With any luck, I (or someone else?) will succeed and we won't really need my pts-multi tools anymore.
Click to expand...
Click to collapse
Yes, I agree that fixing su would be better.
I don't have my tablet right know, i don't remember well /data /data/pts and /data/pts/pts read and exec bits. I will see better whan I have my tablet with me.
Here is the output:
/data:
drwxrwx--x system system 2013-08-28 18:59 data
/data/pts:
drwxr-xr-x root root 2013-08-28 19:06 pts
[email protected]:/ $ ls -la /data/pts
-rwxrwxrwx root root 61 2013-08-28 19:09 passwd
srwxrwxrwx root root 2013-08-28 18:59 pts
[email protected]:/ $ pts-shell /system/bin/sh
(pts-shell) /system/bin/sh
Could not connect to socket: Connection refused
255|[email protected]:/ $
I suppose it isn't a permission problem.
alf_tux said:
I suppose it isn't a permission problem.
Click to expand...
Click to collapse
You're probably right, my Nexus 10 could be a bit different because of the semi-botched update I went through. Well, good news on two fronts: First, I updated pts-multi (latest update zip here) to use /dev/pts-daemon as the socket instead of /data... It works on mine, and I think it should work on yours, because Superuser puts its socket there too.
Second, I finished some modifications to the su binary in Superuser (source code here), and I've submitted a pull request to Koush. He says he'll do a code review of my changes, and we'll see how it goes.
tan-ce said:
You're probably right, my Nexus 10 could be a bit different because of the semi-botched update I went through. Well, good news on two fronts: First, I updated pts-multi (latest update zip here) to use /dev/pts-daemon as the socket instead of /data... It works on mine, and I think it should work on yours, because Superuser puts its socket there too.
Second, I finished some modifications to the su binary in Superuser (source code here), and I've submitted a pull request to Koush. He says he'll do a code review of my changes, and we'll see how it goes.
Click to expand...
Click to collapse
T/hanks! I tried your new update and I think it's working!
Can you add a passwordless option? Or if password is blank just don't ask for it
alf_tux said:
T/hanks! I tried your new update and I think it's working!
Can you add a passwordless option? Or if password is blank just don't ask for it
Click to expand...
Click to collapse
Ok, but I took the easiest way out... If you set the environment variable PTS_AUTH, pts-shell will read the password from there instead of prompting you for it. So, if you're writing a script to spawn a root shell, do:
Code:
#!/system/bin/sh
export PTS_AUTH="your password here"
pts-shell /system/bin/sh
The latest update zip is here.
Thanks a lot tan-ce!!
It's working just as I expected!
Glad to hear it.
Related
Hello,
So I did something stupid. Not sure what, but I managed to get my phone into a state where NO shell commands work other than cd and su.
./adb shell
$ su
# ls
# top
# free
free: not found
# cat
# df
# more
more: not found
# less
less: not found
# busybox
busybox: not found
# sh
# ssh
ssh: not found
# vi
vi: not found
#
The phone is a Motorola MB502 (Charm), rooted using Universal Androot 1.63.
Currently running the stock Telus ROM (don't really have a choice there...)
Any way I can get this working ?
There is a market app that will attempt to install busybox, if you want to try that.
Do you mean
stericson.busybox ?
because I can't seem to find it on the market, and can't use MarketEnabler since my shell is broken.
With a bit of searching I noticed that all the files in /system/bin seem to be 0-byte files. Perhaps someone who has a Charm could post these files?
$adb pull /system/bin/top
$ls -l
total 0
-rw-r--r-- 1 root root 0 2011-01-18 17:25 top
$
I have a rooted ASUS Transformer running Revolver 2.1.1 (Android 3.2).
I am a programmer and want a simple programming environment for my Transformer. I purchased an app called c4droid the other day and have had issues compiling c++ code using the g++ compiler.
When I try to compile/run code, I get the messages below:
C4droid has been granted superuser permissions
Click to expand...
Click to collapse
Then....
sh: /sdcard/Android/data/com.n0n3m4.droidc/files/gcc/compile-g++.sh: Permission Denied
Click to expand...
Click to collapse
How can I get this to work? Did I root wrong?
If you face these issues, click on the link below -
http://forum.xda-developers.com/showpost.php?p=16604606&postcount=6
What about trying this:
$su
#chmod 755 /sdcard/Android/data/com.n0n3m4.droidc/files/gcc/compile-g++.sh
I'm not sure what type of FS /sdcard is on the TF, so I don't know if those permissions will a) be allowed to be set, and b) work, but I doubt if any shell script will give anything but a permissions error without having +x permissions.
By the way:: If you can't do a chmod and that is due also to a permissions error, then I'm guessing you're not really rooted or not correctly rooted.
Good luck.
hachamacha said:
What about trying this:
$su
#chmod 755 /sdcard/Android/data/com.n0n3m4.droidc/files/gcc/compile-g++.sh
I'm not sure what type of FS /sdcard is on the TF, so I don't know if those permissions will a) be allowed to be set, and b) work, but I doubt if any shell script will give anything but a permissions error without having +x permissions.
By the way:: If you can't do a chmod and that is due also to a permissions error, then I'm guessing you're not really rooted or not correctly rooted.
Good luck.
Click to expand...
Click to collapse
did.......
su then chmod 755 /sdcard/Android/data/com.n0n3m4.droidc/files/gcc/compile-g++.sh and it had no such error but if I ran both on the same line I got a "Permission Denied" error. Either way, it still provided me with the permission denied error through c4droid.
Also, I've used root checker to verify that it's rooted.
So is it a sure thing that the .sh file you're getting the error on is actually the problem or could it be something inside it that is also having a permissions error?
I guess you could easily test that by writing a single line test.sh script that does an ls or a ps command.
Code:
example:
--start of test.sh--
#!/system/bin/sh #or whatever the path is for your case
ls > /sdcard/ls.txt
-- end of file ---
# cd {pathoftestfile}
# chmod 755 test.sh
# ./test.sh
# more ls.txt # or cat ls.txt, etc.
If that doesn't give an error then something in your 'real' shell script is.
One other thing worth a shot, which I "think" I've noticed on droids in the past is to just test the script inside the /system FS and see if it does any better there. At least we know that scripts have no problems in for example, /system/xbin or /system/bin, so mount /system rw (mount -o remount,rw /system) and move the test.sh over there , fix permissions, (mount -o remount,ro /system) and cd to /system/*bin/ and ./test.sh.
You've probably tried all this already, but if not.
NOTE: Never mind: I just tested my stuff ^^ myself, and it just doesn't work in the /sdcard tree. I moved it to /system/xbin after mounting rw and it works fine without any change.
There might be some way past this, but I can't recall ever getting a shell script working while on the /sdcard share.
I tried making the shell script but I had no luck actually running it. I chmodded it without error and ran it without error but it didn't produce a .txt file so I guess it failed to run or didn't have permissions to create a file.
The app developer/creator specifies that the compiler I'm using should work fine on rooted phones. I don't have an android phone to test it. I've tried working out problems with the developer but he couldn't figure it out either.
Okay, the creator helped me out and we resolved it. Here are the steps I took to do it, for other users.-
Pre-requisites: You must have BusyBox, SuperUser, C4droid, GCC for C4droid, and a Terminal Emulator installed. You also need a rooted device.
1. Open Terminal emulator and type "su" and press enter. A superuser screen will pop up and you need to click allow.
2. Type the following lines into the terminal (one by one):
cd /Removable/MicroSD/
mkdir Android
mkdir Android/data
cp -r /sdcard/Android/data/com.n0n3m4.droidc/ /Removable/MicroSD/Android/data/
su
mount -o remount,rw,exec -t vfat /dev/block/vold/179:9 /Removable/MicroSD
/system/xbin/mount -o bind /Removable/MicroSD/Android/data/com.n0n3m4.droidc/ /sdcard/Android/data/com.n0n3m4.droidc/
3. Change the default compiler in C4droid to G++ + bionic (Root required)
4. Done
Congratulations!
I guess it was mainly the 'noexec' switch of the mount -o {} that kept things from being executable.
I didn't notice that and am glad you posted the solution and I also wasn't really aware of the use of the "mount -o bind" for dual-pathing as well.
-- Thanks.
This might work on other devices.
WARNING: this might brick your phone use it at your own risk.
Warning you have to have some knowlage of linux to do this kind of stuff.
WARNING: actually you have to have _good_ knowlage of linux/gnu stuff to do it.
The idea is this is to make the /system/bin/toolbox from the stock rom suid (permision 6755, it originaly has 0755)
This is how I did it. It might be simpler.
get a stock rom that you want. for me it was B5330XWALH3
it is now available at samsung-updates.
You need odin (heimdal will not work with my phone) (my was 3.07)
unpack the zip.
you get a .tar.md5 file (the tar file has broken headers so tar from ubuntu 12.04 will not unpackit).
the tar file works in sectors of 512 bytes.
take out the md5sum at the end of file. (some thing like: head -c (the size up to the last md5sum) original.tar.md5 > file1)
split the file so you will have the system.img.md5 separated (some thing like: head -c (the size upto "system.img.md5") file1 > file2;
head -c (the size upto "dt-blob.md5") file1 | tail -c +(the size upto "system.img.md5" + 1) > file3;
tail -c +(the size upto "dt-blob.md5" + 1) file1 > file4
file3 now has the system.img.md5, trim the md5sum from the tail and the tar headr from head (ex.:
head -c (upto the md5sum output from the rear of the file) file3 | tail -c +513 > file5)
file5 is a sparce image file of an ext4 filesystem. run simg2img (from ext4fs_utils (search on xda)) (ex.:
simg2img file5 file6)
sudo mount -o loop,ro file6 /mnt
look for the file /mnt/bin/toolbox (ex.: ls -l /mnt/bin/toolbox) it will give you an output like this:
-rwxr-xr-x 1 root 2000 99068 Aug 9 07:59 /mnt/bin/toolbox
sudo umount /mnt
the permisions and the size of the file yield the following hex sequence that you get in the file (we will hexedit the ext4 fs): ED 81 00 00 FC 82 01 00
in file3 edit the sequence (it should be only one in the file) from ED 81 00 00 FC 82 01 00 to ED 8D 00 00 FC 82 01 00 (practically adding the suid guid bits to the inode of the toolbox)
we are almost done, now to pack our bags and go.
verify that you have indeed put suid guid to toolbox:
head -c (upto the md5sum output from the rear of the file) file3 | tail -c +513 > file5;
simg2img file5 file6;
sudo mount -o loop,ro file6 /mnt;
ls -l /mnt/bin/toolbox
It should give an output:
-rwsr-sr-x 1 root 2000 99068 Aug 9 07:59 /mnt/bin/toolbox
sudo umount /mnt
recalculate the md5sum to the _expanded_ image: md5sum file6 > file7
overide the md5sum at the end of file3 with the one from file7
now pack the pieces in one tar: cat file2 file3 file4 > myfirmware.tar
add the md5sum to it: md5sum myfirmware.tar >> myfirmware.tar
change the name to .tar.md5: mv myfirmware.tar myfirmware.tar.md5
copy the file on a windowze machine (that has odin and the samsung drivers intalled).
update with odin the new firmware (which you should put in the PDA section) (don't forget to un check the repartitioning).
you should have now a practivally rooted device.
in order to have su and Superuser.apk on it you have to do the following steps:
push with adb su, busybox and Superuser.apk into /data/local/tmp on device (you get the files from other forums here at xda)
the next steps are on device (use adb shell)
verify that indeed we have a suid toolbox: ls -l /system/bin/toolbox should give that wanderfull -rwsr-sr-x permission.
find a rw mount that has suid (in my case a tmpfs is mounted /mnt/obb)
copy su to /mnt/obb (remember that we have suid toolbox this means that toolbox now gives you root on any command):
dd if=/data/local/tmp/su of=/mnt/obb/su
give su suid and make it owned by root: chmod 6755 /mnt/obb/su; chown 0.0 /mnt/obb/su
run su now and enjoy the #: /mnt/obb/su -
Click to expand...
Click to collapse
Ofcorse after you get # you should remount /system as rw, copy su in /system/xbin, copy Superuser.apk in /system/app, copy busybox in /system/xbin, make symlinks to busybox for all the comands in /system/xbin.
You should also upon success remove suid from toolbox so as to not mistakely do damage to the system (for instance "rm /")
And here you have it.
If you do not understand what I have done, you should read more linux / tar / ext4 / md5sum.
This method should work for any phone provided that it has odin as bootloader and there is the stock rom available.
hello
I don't have knowledge about how you have rooted the firmware for b5330, the steps you made are waaaay to dificult for me . Could you provide here an already rooted firmware, to download and install. thanks in advance
ETTT said:
This might work on other devices.
WARNING: this might brick your phone use it at your own risk.
Warning you have to have some knowlage of linux to do this kind of stuff.
WARNING: actually you have to have _good_ knowlage of linux/gnu stuff to do it.
The idea is this is to make the /system/bin/toolbox from the stock rom suid (permision 6755, it originaly has 0755)
This is how I did it. It might be simpler.
Ofcorse after you get # you should remount /system as rw, copy su in /system/xbin, copy Superuser.apk in /system/app, copy busybox in /system/xbin, make symlinks to busybox for all the comands in /system/xbin.
You should also upon success remove suid from toolbox so as to not mistakely do damage to the system (for instance "rm /")
And here you have it.
If you do not understand what I have done, you should read more linux / tar / ext4 / md5sum.
This method should work for any phone provided that it has odin as bootloader and there is the stock rom available.
Click to expand...
Click to collapse
bogdan_rize said:
I don't have knowledge about how you have rooted the firmware for b5330, the steps you made are waaaay to dificult for me . Could you provide here an already rooted firmware, to download and install. thanks in advance
Click to expand...
Click to collapse
no need to upload 400M for this little modification.
I'm unable to post links, goto samsung-updates
go and download B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME stock firmware.
and apply this xdelta patch over it.
xdelta patch sGTB5330.patch B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME.tar.md5 myfrm.tar.md5
Click to expand...
Click to collapse
after that you have the firmware that I use to root my phone.
Still... this firmware will not have "su" install, it will just be a rootable firware because it has a suid'ed toolbox.
a suid'ed toolbox in android means that you can exec chown and chmod as a root.
So. After the patching of the stock rom and flashing it. you have to have this md5sum output:
032b4344ab503c8413db9127efaa3d83 myfrm.tar.md5
Click to expand...
Click to collapse
odin will accept it (I've used Oding 3.07).
after that you push the files from the attached tar.gz to /data/local/tmp
tar -xzf superuser_stuff.tar.gz
adb push su /data/local/tmp
adb push Superuser.apk /data/local/tmp
adb push busybox /data/local/tmp
Click to expand...
Click to collapse
after that you bassically have to run this commands in an android shell in order to get to a stardard rooted android:
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
Click to expand...
Click to collapse
have fun.
I downloaded this firmware: Samsung-Updates.com-GT-B5330_COA_1_20120913171601_pducfx5hbw.zip. Where, how, what???...i unzipped it and now how to apply the patch? The rest of the stept i think i get it....i think For you it's easy to say, for me it's hard to do. I've had sgs1, sgs2 and sgs3, and the root of those was sooooooo easy... but this piece of crap b5330 drives me crazy )
ETTT said:
no need to upload 400M for this little modification.
I'm unable to post links, goto samsung-updates
go and download B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME stock firmware.
and apply this xdelta patch over it.
after that you have the firmware that I use to root my phone.
Still... this firmware will not have "su" install, it will just be a rootable firware because it has a suid'ed toolbox.
a suid'ed toolbox in android means that you can exec chown and chmod as a root.
So. After the patching of the stock rom and flashing it. you have to have this md5sum output:
odin will accept it (I've used Oding 3.07).
after that you push the files from the attached tar.gz to /data/local/tmp
after that you bassically have to run this commands in an android shell in order to get to a stardard rooted android:
have fun.
Click to expand...
Click to collapse
bogdan_rize said:
I downloaded this firmware: Samsung-Updates.com-GT-B5330_COA_1_20120913171601_pducfx5hbw.zip. Where, how, what???...i unzipped it and now how to apply the patch? The rest of the stept i think i get it....i think For you it's easy to say, for me it's hard to do. I've had sgs1, sgs2 and sgs3, and the root of those was sooooooo easy... but this piece of crap b5330 drives me crazy )
Click to expand...
Click to collapse
I've used xdelta package.
if you are on win then you're on your own.
there is xdelta.org and it seems to have pachage for windows.
for sgs[123] was easy because are main streams. may hackers were working on it.
this device is very new/obscure.
I whould have made a script, but alas, "heimdal" firmware loader whould not work with this device.
I've used linux to patch the firmware and windowze to upload it.
So a script whould be imposible, but after you pach .tar.md5 file and load it on your phone is just about cut and paste form my previous post.
My hope is that a more android savy guy will take this concept and make it a script.
I am just happy that I can now have debian on my phone.
yes, i am on win....there is no way to patch that COA firmware (i am from romania) and upload somewhere to download???i know i am probably asking to much from you, but i dont't think i will manage by my own...this rooting busines is driving me crazyyyyy :crying::crying::crying: thank you so much for your answer!!!
ETTT said:
I've used xdelta package.
if you are on win then you're on your own.
there is xdelta.org and it seems to have pachage for windows.
for sgs[123] was easy because are main streams. may hackers were working on it.
this device is very new/obscure.
I whould have made a script, but alas, "heimdal" firmware loader whould not work with this device.
I've used linux to patch the firmware and windowze to upload it.
So a script whould be imposible, but after you pach .tar.md5 file and load it on your phone is just about cut and paste form my previous post.
My hope is that a more android savy guy will take this concept and make it a script.
I am just happy that I can now have debian on my phone.
Click to expand...
Click to collapse
bogdan_rize said:
yes, i am on win....there is no way to patch that COA firmware (i am from romania) and upload somewhere to download???i know i am probably asking to much from you, but i dont't think i will manage by my own...this rooting busines is driving me crazyyyyy :crying::crying::crying: thank you so much for your answer!!!
Click to expand...
Click to collapse
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Interesting, reading carefully
Sent from my GT-B5330 using xda app-developers app
Thank you so much, tomorow morning i know how i'll spend my time...installing and rooting my b5330, unfortunately this evening i don't have my laptop on me forgoted at work ), but i've downloaded the firmware from phone and now waiting to have it done...finally!!! I'll let you know what have i done. Have a nice day and once again thanks!!!
ETTT said:
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
it's not working, when i'm trying to adb remont it says: remount failed: Opertaion not permited. After i flashed with odin the firmware you gave to me, i think i do not have permission to make any changes, and i don't know why
ETTT said:
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
Can you make patch for dxlh3..? Thanks
Sent from my GT-B5330 using xda app-developers app
bogdan_rize said:
it's not working, when i'm trying to adb remont it says: remount failed: Opertaion not permited. After i flashed with odin the firmware you gave to me, i think i do not have permission to make any changes, and i don't know why
Click to expand...
Click to collapse
There commands are supposed to be given in a command line box (cmd on win).
where does it gives you error?
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
finally it worked
yeeeees, damn you're good!!!! i have managed to root my b5330, root checher tell me that i am rooted and busybox is instaled...the only problem is that it shows me that i do not have installed superuser and supersu. Is there a problem if i just copy paste the apk file (supersu.apk and superuser.apk -> i've downloaded the pro version of bouth of them ) straight into the directory /data/local/tmp where it should be? or to copy-paste in another directory. Thanks in advance, CMD(and adb shell) gave me headache, but i finally got it an succedeed )) :victory::good:
ETTT said:
There commands are supposed to be given in a command line box (cmd on win).
where does it gives you error?
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
Click to expand...
Click to collapse
bogdan_rize said:
yeeeees, damn you're good!!!! i have managed to root my b5330, root checher tell me that i am rooted and busybox is instaled...the only problem is that it shows me that i do not have installed superuser and supersu. Is there a problem if i just copy paste the apk file (supersu.apk and superuser.apk -> i've downloaded the pro version of bouth of them ) straight into the directory /data/local/tmp where it should be? or to copy-paste in another directory. Thanks in advance, CMD(and adb shell) gave me headache, but i finally got it an succedeed )) :victory::good:
Click to expand...
Click to collapse
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
i was having trouble understanding adb shell and cmd from the begining. I never used this command tool...ever ) and i think from yesterday to this day i managed really ok . Anyway i think i will just copy-paste the superuser.apk in "app" folder directly in the system (it's the same thing, isn't it??). I have done that in item 11., and after a restart supersu was instaled, only superuser.apk didn't, i think i wrote something wrong in adb shell
ETTT said:
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
Click to expand...
Click to collapse
hihihi
neeeah, my bad, i thought that in "superuser_stuff" is superuser and supersu files, it was just su->for superuser.apk, easy peasy, it worked and installed from the first time...it was just me verry verry dizzy and confused. Your guide is 100% OK, my phone is rooted and now i can enjoy !!!
ETTT said:
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
Click to expand...
Click to collapse
can you release xdelta patch for your XWALH3 because we have the same device..
phyxar said:
can you release xdelta patch for your XWALH3 because we have the same device..
Click to expand...
Click to collapse
I've started a new more universal thread:
http://forum.xda-developers.com/showthread.php?t=1965600
There you have the shell-script that will patch the firmware for you.
If you still want an xdelta patch I'll make one for you but:
Give a man a fish and it will be full for the day, teach him how to fish and it will never go hungry again.
Have fun.
ETTT said:
ok here it is the modified firmware.
dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
Hello, i'm new here and i don't know about scripting, so need your help..
i downloaded your firmware and install it to my b5330 and did the cmd command, and it worked, thanks..:good:
but now i've a new problem that my b5330 can't type a question mark ('?').. can you help me please..
whenever i want to type a question mark it always typed a comma (',') in the screen..:crying:
it also it change the symbol and language key to emoticon and symbol, but that's not a problem for me..
andhikarogue said:
Hello, i'm new here and i don't know about scripting, so need your help..
i downloaded your firmware and install it to my b5330 and did the cmd command, and it worked, thanks..:good:
but now i've a new problem that my b5330 can't type a question mark ('?').. can you help me please..
whenever i want to type a question mark it always typed a comma (',') in the screen..:crying:
it also it change the symbol and language key to emoticon and symbol, but that's not a problem for me..
Click to expand...
Click to collapse
That's because you have use the romanian firmware. whitch has a qwerty layout keyboard.
you have to do it the right way:
first. find the firmaware for your region:
http://samsung-updates.com/device/?id=GT-B5330
second. find a linux machine and run the script from the thread.
It is unrealistic for me to just upload all the 40 version of the firmware patched.
That is why I've made the script.
If you don't have a linux machine then look for a virtual box ubuntu and run on it.
Cheers.
I'm trying to understand why I still get such "Permission denied" errors though I'm UID root.
I will describe my setup and particular error, but I think a proper explanation of what's happening may interest others.
I just need occasional root shell for reverse engineering sessions, and from what I know, a simple way to achieve this is to boot a modified initial ramdisk that contains a properly modified /default.prop, and/or a setuid shell, and/or some kind of su command.
I managed to successfully boot the device (Moto G) with my custom modified image using "fastboot boot custom_boot.img".
First I can verify it's actually "my initrd.img" that's in use:
Code:
[email protected]_umts:/ $ cat /default.prop
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
[I]ro.secure=0[/I]
ro.allow.mock.location=0
[I]ro.debuggable=1[/I]
This does _not_ allow me to get root shell (with "adb shell"):
Code:
[email protected]_umts:/ $ id
[I]uid=2000(shell)[/I] gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
So, I added a setuid copy of /system/bin/sh to the initial ramdisk, at "/sbin/shell0".
Code:
[email protected]_umts:/ $ ls /sbin/shell0 -l
[I]-rwsr-xr-- root shell[/I] 157424 2014-07-14 16:08 shell0
[email protected]_umts:/ $ /sbin/shell0
# id
[I]uid=2000(shell)[/I] gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
# exit
[email protected]_umts:/ $ /sbin/shell0 +p
[email protected]_umts:/ # id
[I]uid=0(root)[/I] gid=2000(shell) groups=2000(shell) context=u:r:shell:s0
[email protected]_umts:/ # ls /data/
[I]opendir failed, Permission denied[/I]
Here, it appears that I have to use the "+p" flag to prevent the shell to immediately get back to the real user id (2000), despite the suid bit is set on /sbin/shell0.
But I don't understand I don't have the permission neither to open simple directories as /data, nor to read the interesting stuff in the /proc subsystem, though I'm uid=0 (root).
I've also tried adding to the initial ramdisk a simple su command, at /sbin/test_su, that does the setuid(0)/setgid(0)/execve(...) thing (snippets available at android.googlesource.com).
But though this properly keep the supplementary groups I had lost within the previous try above, I still can't read into /data:
Code:
[email protected]_umts:/ $ ls -l /sbin/test_su
[I]-rwsr-xr-- root shell[/I] 6316 2014-07-14 17:12 test_su
[email protected]_umts:/ $ test_su
[email protected]_umts:/ # id
[I]uid=0(root) gid=0(root)[/I] groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
[email protected]_umts:/ # ls /data/
[I]opendir failed, Permission denied[/I]
From a un*x point of view, it seems weird to me that the shell still answers "opendir failed, Permission denied" while I'm uid/gid 0 (root).
I will continue to investigate, notably regarding SELinux which may enforce rules I'm not aware of, but would also greatly appreciate anyone who could put some light on this issue. At least for me it's an issue, as I don't understand what's happening.
Thanks.
t0kt0ckus said:
So, I added a setuid copy of /system/bin/sh to the initial ramdisk, at "/sbin/shell0".
Click to expand...
Click to collapse
Note that making a setuid shell executable might not be 100% reliable. When I've tried this with bash, it quickly realizes that getuid() != geteuid(), and drops the root permission.
I don't see this happening in your logs, but it's something to watch out for. Typically I've just used simple wrapper programs like the attached file to guarantee that the real/effective/saved UIDs are 0/0/0.
From a un*x point of view, it seems weird to me that the shell still answers "opendir failed, Permission denied" while I'm uid/gid 0 (root).
I will continue to investigate, notably regarding SELinux which may enforce rules I'm not aware of, but would also greatly appreciate anyone who could put some light on this issue. At least for me it's an issue, as I don't understand what's happening.
Click to expand...
Click to collapse
Chainfire is probably the best person to comment on Android SELinux matters. If you look through his old G+ posts you may be able to determine which restrictions apply to your security context.
Do you see any denials logged in dmesg? (Or is that inaccessible too?)
If there is a /selinux/enforce file, does it read back '0' or '1'?
Thank you for your answer.
cernekee said:
Note that making a setuid shell executable might not be 100% reliable. When I've tried this with bash, it quickly realizes that getuid() != geteuid(), and drops the root permission.
I don't see this happening in your logs, but it's something to watch out for. Typically I've just used simple wrapper programs like the attached file to guarantee that the real/effective/saved UIDs are 0/0/0.
Click to expand...
Click to collapse
I've looked at your attached source, the main difference with my own wrapper is that you fork the process, I've tried also, behavior is the same. But, after reading your comment, I've modified my setuid/execve code, to make it more verbose about the real/effective/saved UIDs (using getresuid()).
Code:
[email protected]_umts:/ $ test_su
Initial UIDs
ruid: 2000
[B]euid: 0[/B]
suid: 0
Setting UIDs ...
New UIDs
[B]ruid: 0
[/B]euid: 0
suid: 0
[email protected]_umts:/ # ls /data/
[I]opendir failed, Permission denied[/I]
1|[email protected]_umts:/ #
It clearly appears that, POSIX speaking, all go fine until the "Permission denied" error:
the effective uid is already 0 (just after the "adb shell" command), which is expected and documented, as the content of my /default.prop prevents the shell to revert its effective uid to its real one, which would then be 2000 (shell)
after the setuid(0) call, the real uid is successfully set to 0, as expected, because the suid bit is set AND we were already privileged (if not privileged, setuid() should only change the effective uid, as for "man 2 setuid")
after execve(..), the whole prompt, "[email protected]_umts:/ #", again confirms the real uid is 0 (root)
Chainfire is probably the best person to comment on Android SELinux matters. If you look through his old G+ posts you may be able to determine which restrictions apply to your security context.
Click to expand...
Click to collapse
Yes, I definitely need to dig into the SELinux/Android stuff (see bellow), and will try to find the Chainfire posts you propose.
Do you see any denials logged in dmesg? (Or is that inaccessible too?)
If there is a /selinux/enforce file, does it read back '0' or '1'?
Click to expand...
Click to collapse
Neither dmseg (which is accessible) nor logcat shows any related error or warning.
I haven't any /selinux/enforce file, but it clearly appears from information bellow that SELinux is activated and enforced:
Code:
[email protected]_umts:/ $ getenforce
[B]Enforcing[/B]
[email protected]_umts:/ # setenforce 0
setenforce: Could not set enforcing status: Permission denied
[email protected]_umts:/ $ cat seapp_contexts
isSystemServer=true domain=system
user=system domain=system_app type=system_data_file
user=bluetooth domain=bluetooth type=bluetooth_data_file
user=nfc domain=nfc type=nfc_data_file
user=radio domain=radio type=radio_data_file
user=_app domain=untrusted_app type=app_data_file levelFrom=none
user=_app seinfo=platform domain=platform_app type=platform_app_data_file
user=_app seinfo=shared domain=shared_app type=platform_app_data_file
user=_app seinfo=media domain=media_app type=platform_app_data_file
user=_app seinfo=release domain=release_app type=platform_app_data_file
user=_isolated domain=isolated_app
user=shell domain=shell type=shell_data_file
user=log domain=log_app type=system_data_file
user=sprint_extension domain=carrier_ext type=platform_app_data_file
user=smartcard domain=smartcard type=smartcard_data_file
I'm a noob at SELinux, and I may be wrong, but I think a rule policy could prevent a user, being it root, to achieve certain actions. I need to read stuff about this.
The initial boot image that I modify (just add my suid shell /sbin/test_su) is the 4.4.2 one from sbf, and I expand/repack it using standard un*x tools (gunzip,cpio,...) and abootimg. Anything wrong with that ?
I build the C files using:
Code:
$ echo $CC
<android-ndk>/toolchains/arm-linux-androideabi-4.8/prebuilt/linux-x86_64/bin/arm-linux-androideabi-gcc --sysroot=<android-ndk>/platforms/android-19/arch-arm
$ $CC -o test_su test_su.c
Should I use particular flags for gcc, to make it produce SELinux aware object files ?
[EDIT: stupid question, answer is no]
Again, thanks for your help and ideas.
Just for information (for thus who are as dumb as I am): acquiring uid=(euid=suid=)0 is of little or no help within a user application, you're (obviously) still constrained by capabilities you can't acquire unless involving some kind of exploit.
To get a shell that's not restricted by the SE policies (on the 4.4 branch), the main way seems to have somewhat a system daemon capable to spawn /system/bin/sh with appropriate privileges/capabilities upon su client requests: so you again need an exploit.
So, for my understanding, starting with KitKat you can't anymore get a useful adb root shell through the uid=0 thing (traditional su), you have either to flash a custom rom or involve an exploit.
i can't root Samsung galaxy a02 -- SM-A022F/DS Build No: A022FXXU2BUI3 , android 11 , i dont know what to do for rooting and i dont have firmware file (bootloader unlocked)
To get the superuser access ( AKA root ) to be able to control various aspects of Android OS means you need to perform a certain modification that will root your phone's Android. An unlocked bootloader isn't needed to root Android.
Here is what you have to do to root your device's Android:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5.
This e.g. can get achieved by means of a Windows command script making use of ADB coomands.
jwoegerbauer said:
To get the superuser access ( AKA root ) to be able to control various aspects of Android OS means you need to perform a certain modification that will root your phone's Android. An unlocked bootloader isn't needed to root Android.
Here is what you have to do to root your device's Android:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5.
This e.g. can get achieved by means of a Windows command script making use of ADB coomands.
Click to expand...
Click to collapse
hi , i dont know what is toybox or i dont know really what to do can you tell me step by step please? i have ADB already
dleaderp said:
hi , i dont know what is toybox or i dont know really what to do
Click to expand...
Click to collapse
Typically people do a Google search like "Android Toybox" ...
To save you this search: Toybox is a suite of Linux commands ported to Android.
The commands supported are
Code:
acpi arch ascii base64 basename blkid blockdev bunzip2 bzcat cal cat
catv chattr chgrp chmod chown chroot chrt chvt cksum clear cmp comm
count cp cpio crc32 cut date devmem df dirname dmesg dnsdomainname
dos2unix du echo egrep eject env expand factor fallocate false fgrep
file find flock fmt free freeramdisk fsfreeze fstype fsync ftpget
ftpput getconf grep groups gunzip halt head help hexedit hostname
hwclock i2cdetect i2cdump i2cget i2cset iconv id ifconfig inotifyd
insmod install ionice iorenice iotop kill killall killall5 link ln
logger login logname losetup ls lsattr lsmod lspci lsusb makedevs
mcookie md5sum microcom mix mkdir mkfifo mknod mkpasswd mkswap mktemp
modinfo mount mountpoint mv nbd-client nc netcat netstat nice nl nohup
nproc nsenter od oneit partprobe passwd paste patch pgrep pidof ping
ping6 pivot_root pkill pmap poweroff printenv printf prlimit ps pwd
pwdx readahead readlink realpath reboot renice reset rev rfkill rm
rmdir rmmod sed seq setfattr setsid sha1sum shred sleep sntp sort
split stat strings su swapoff swapon switch_root sync sysctl tac tail
tar taskset tee test time timeout top touch true truncate tty tunctl
ulimit umount uname uniq unix2dos unlink unshare uptime usleep uudecode
uuencode uuidgen vconfig vmstat w watch wc which who whoami xargs
xxd yes zcat
As you might see su is the ROOT functionality.
dleaderp said:
can you tell me step by step please? i have ADB already
Click to expand...
Click to collapse
Actually I'm working on a Windows command script that makes use of ADB what does the job. I'll publish it here when finished:
[TOOL][ADB]][Windows] A 100% Safe Non-systemless Root Tool - No Soft-bricked Adroid Guaranteed
Grant Root Privileges to Regular Users Using Devices With Android 6 and up by Simply Upgrading Android's Multi-command Applet Toybox.
forum.xda-developers.com
jwoegerbauer said:
Actually I'm working on a Windows command script that makes use of ADB what does the job. I'll publish it here when finished:
Click to expand...
Click to collapse
happy to hear that xd
i got a last question, i think my phone's storage is shrunked after i used firmware is it possible ? if yes how can i fix it. it was 32 gb now its 8gb
i fixed i used another firmware i'll be wait for your ADB