ZMax 2 Root Development (Developers Needed) - Miscellaneous Android Development

We need to get developers onto the ZMax 2 root because we all know how long the original ZMax root took. We have already figured out that all one-click roots do not work with this phone, so like how the original team did, I believe we need to find a way to temp root, put a custom recovery on, and flash SU. Now I'm not a developer, but we need to start somewhere.
Task List:
Temp Root
Recovery (For Root)
Root
Rom (Long Term Goal)
So if you are a developer, please help; the ZMax 2 is a great phone. :fingers-crossed:

We do so bad! I've tried every one-click app.
jgrosstephanjr said:
We need to get developers onto the ZMax 2 root because we all know how long the original ZMax root took. We have already figured out that all one-click roots do not work with this phone, so like how the original team did, I believe we need to find a way to temp root, put a custom recovery on, and flash SU. Now I'm not a developer, but we need to start somewhere.
Task List:
Temp Root
Recovery (For Root)
Root
Rom (Long Term Goal)
So if you are a developer, please help; the ZMax 2 is a great phone. :fingers-crossed:
Yes yes yes. We need root access on this device
Someone help us please. This device is great for the price. It has many users. Devs needed bad! I

It's a kick a$$ little phone. It has the biggest bang for the buck all day long: it has a 720 X 1080 HD 5.5" screen, 2GB of RAM, 3000 mAh "removable" battery, SD 410 (as opposed to the 200, 210 or 400 in that price range) and expandable micro SD for $79? Works as well on T-Mobile if you unlock it as any other T-Mobile phone would, and with LTE band 12. And the unlock is free too, just can't beat it.
Aside from not having a Super AMOLED quad HD screen and the camera not being the highest quality, it's as good as my Note 4 (for my usage). I would think there'd be tons of these floating around for some devs to try and get root, but maybe it's just that tough a nut to crack...

Price is perfect to test now!
mewcatchew said:
It's a kick a$$ little phone. It has the biggest bang for the buck all day long: it has a 720 X 1080 HD 5.5" screen, 2GB of RAM, 3000 mAh "removable" battery, SD 410 (as opposed to the 200, 210 or 400 in that price range) and expandable micro SD for $79? Works as well on T-Mobile if you unlock it as any other T-Mobile phone would, and with LTE band 12. And the unlock is free too, just can't beat it.
Aside from not having a Super AMOLED quad HD screen and the camera not being the highest quality, it's as good as my Note 4 (for my usage). I would think there'd be tons of these floating around for some devs to try and get root, but maybe it's just that tough a nut to crack...
And it's $50 all over the place too. Check SlickDeals for info. I just bought two and I would love to see it rooted soon!

Upvote this to start a ZTE ZMax 2 forum: http://forum.xda-developers.com/showpost.php?p=67089358&postcount=20523

Can somebody confirm that Kingo works?
See: http://forum.xda-developers.com/android/development/potential-breakthough-rooting-zmax-2-t3391261

ZTE for developers only
jgrosstephanjr said:
We need to get developers onto the ZMax 2 root because we all know how long the original ZMax root took. We have already figured out that all one-click roots do not work with this phone, so like how the original team did, I believe we need to find a way to temp root, put a custom recovery on, and flash SU. Now I'm not a developer, but we need to start somewhere.
Task List:
Temp Root
Recovery (For Root)
Root
Rom (Long Term Goal)
So if you are a developer, please help; the ZMax 2 is a great phone. :fingers-crossed:
I purchased one a year ago and I've become so frustrated by not finding a root that I'm prepared to offer it to someone else who can invest the time to find a root. The phone is in pristine condition, never even activated... email me for details, [email protected]

elimoviebuff said:
I purchased one a year ago and I've become so frustrated by not finding a root that I'm prepared to offer it to someone else who can invest the time to find a root. The phone is in pristine condition, never even activated... email me for details, [email protected]
There is a root method for LG devices that involves getting the phone into download mode and then using a script to root it from there. Based on my admittedly limited experience with this phone, I think a similar approach should work.
That process is detailed on this thread, and I was able to duplicate it on my ZMax 2 almost all the way.
Step one involved pushing some files via ADB - Check!
Step two was to get into download mode. - Check! (vol + & vol - and then insert USB cable)
Step three was to figure out the port being used. Mine was COM 3 - Check!
Step four was to use the "Send_Command.exe" file to initiate the process. Check!
I got as far as getting the "#" prompt but then... Well, the script is written for LG devices with their specific partitions and directory structures. My guess/hope is that modifying this process slightly by changing the *.sh file would be enough, but I'll leave that to greater minds than mine.

Ok.. for the record.. an older version of Kingo Root DOES successfully give you root... the problem is having root does NOT give you write access to /system. The eMMC is still write protected. The method used to unlock many other ZTE models ( http://androidforums.com/threads/zte-write-protection-for-zmax-and-other-zte-phones.1040331/ ) does NOT work on the Z958, which is the "Zmax2" for AT&T (LOL) <-- I'm not laughing.. that's the model. The Z955A, which is the "Zmax2 unlocked version", DOES work with the method found. Lucky us I guess.. then again you can't get the unlocked Zmax2 for $60 at Best Buy, which seems to happen fairly regularly for the Z958. It's also currently fairly easy to get the Z958 unlocked.
ZTE's response when contacted regarding the locked bootloader is:
Dear Valued ZTE Customer
Thanks for contacting ZTE.
We are sorry to inform you that we do not support unlocking the bootloader and rooting the device.
We apologize for the inconvenience
Should there be further assistance, please do not hesitate to contact us.
Best Regards!
-----
Yeah thanks bunches ZTE. That email convinced me not to look at the Pro or the Axon 7 until they HAVE a working root/twrp. The reason I want the bootloader unlocked is I want to be able to install twrp and backup my phone to prevent bricking issues.
We really need a zmax2 forum so this information can be shared better.
Once you have it rooted with Kingo Root it will stay rooted till you reboot... take the opportunity to give yourself a semi-permanent adb root shell [ http://androidforums.com/threads/semi-permanant-root-shell.1039076/ ] (not the same as gaining root, but it will allow you to do things like "wm density #" to see what the current dpi density is (both real dpi and "override" dpi))... I've found "wm density 260" works quite well. The default is 320.

I've also fought with ZTE on the phone and through an IM session, and they kept telling me the same thing: they do not assist in unlocking the bootloader or root because it voids the warranty. Once they told me that, and the Axon 7 was said to have an unlockable bootloader, I took the chance to use that as my advantage on the warranty issue and told them that it would not be about warranty void anymore, and they kept trying to beat around the bush and just kept saying we can not assist you on unlocking the bootloader or gaining root due to warranty void.

I've temp rooted with Kingo PC and gained a semi-permanent adb root shell, but still no full root. My question is: has anyone experienced KingRoot causing a block on boot with a triangle and a ! symbol in the triangle, going to a black screen with the LED ring blinking white, and having to factory reset the whole phone?

One of the problems is that there are 2 zte zmax 2 variants
Z955a root
Didn't find anything for the AT&T Z958 variant tho

Hey Guys,
I managed to get root, then tried to dd TWRP to the recovery partition, no go, she's now a brick. I was able to grab a few things from the kernel image however:
default.prop
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
ro.secure=1
ro.allow.mock.location=0
ro.debuggable=0
ro.zygote=zygote32
ro.build.version.security.patch=2016-05-01
camera2.portability.force_api=1
dalvik.vm.dex2oat-Xms=64m
dalvik.vm.dex2oat-Xmx=512m
dalvik.vm.image-dex2oat-Xms=64m
dalvik.vm.image-dex2oat-Xmx=64m
ro.dalvik.vm.native.bridge=0
persist.sys.usb.config=none
fstab:
# Android fstab file.
# The filesystem that contains the filesystem checker binary (typically /system) cannot
# specify MF_CHECK, and must come before any filesystems that do specify MF_CHECK
#TODO: Add 'check' as fs_mgr_flags with data partition.
# Currently we dont have e2fsck compiled. So fs check would failed.
#<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/bootdevice/by-name/system /system ext4 ro,barrier=1,discard wait
/dev/block/bootdevice/by-name/userdata /data ext4 nosuid,nodev,barrier=1,noauto_da_alloc,discard wait,check,encryptable=footer
/devices/soc.0/7864900.sdhci/mmc_host /storage/sdcard1 vfat nosuid,nodev wait,voldmanaged=sdcard1:auto,noemulatedsd
/dev/block/zram0 none swap defaults zramsize=536870912
/dev/block/bootdevice/by-name/oem /persistent emmc defaults defaults
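A defensive read of the two files posted above, as an added example that is not code from this thread: it parses default.prop and fstab lines in the formats shown here and flags what a reviewer would check first (ro.secure / ro.debuggable, the security patch level against the Android patch levels that shipped the fixes for the two kernel bugs discussed later in this thread, Dirty COW and CVE-2019-2215, and the dm-verity and /data encryption flags in fs_mgr_flags). The sample input is constructed from the values posted above; the two fix patch levels are my own assumption, taken from the corresponding Android security bulletins.

```python
"""Audit an Android default.prop and fstab dump for security-relevant settings.

Added example; not code from this thread. SAMPLE_PROPS and SAMPLE_FSTAB are
constructed from the values posted above.
"""
from datetime import date

# Android security patch levels that carried each kernel fix (assumption:
# taken from the Android security bulletins for those months).
KERNEL_FIX_LEVELS = {
    "CVE-2016-5195 (Dirty COW)": date(2016, 11, 6),
    "CVE-2019-2215 (binder use-after-free)": date(2019, 10, 6),
}

# Constructed sample: the default.prop values posted in this thread.
SAMPLE_PROPS = """\
# ADDITIONAL_DEFAULT_PROPERTIES
ro.secure=1
ro.allow.mock.location=0
ro.debuggable=0
ro.build.version.security.patch=2016-05-01
persist.sys.usb.config=none
"""

# Constructed sample: the fstab entries posted in this thread.
SAMPLE_FSTAB = """\
#<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/bootdevice/by-name/system /system ext4 ro,barrier=1,discard wait
/dev/block/bootdevice/by-name/userdata /data ext4 nosuid,nodev,barrier=1,noauto_da_alloc,discard wait,check,encryptable=footer
/dev/block/zram0 none swap defaults zramsize=536870912
/dev/block/bootdevice/by-name/oem /persistent emmc defaults defaults
"""


def parse_props(text):
    """key=value lines; comments and blank lines are skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def parse_fstab(text):
    """Five whitespace-separated fields per entry; flag lists are split on ','."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 5:
            continue
        src, mnt, fstype, mnt_flags, fs_mgr_flags = fields[:5]
        entries.append({
            "src": src, "mnt": mnt, "type": fstype,
            "mnt_flags": mnt_flags.split(","),
            # fs_mgr flags may carry a value (encryptable=footer); keep the name only
            "fs_mgr_flags": [f.split("=", 1)[0] for f in fs_mgr_flags.split(",")],
        })
    return entries


def audit(props_text, fstab_text):
    """Return a list of human-readable findings; an empty list means nothing flagged."""
    findings = []
    props = parse_props(props_text)
    if props.get("ro.secure") != "1":
        findings.append("ro.secure is not 1: adbd would run as root")
    if props.get("ro.debuggable") != "0":
        findings.append("ro.debuggable is not 0: debuggable build")
    patch = props.get("ro.build.version.security.patch")
    if patch is None:
        findings.append("no ro.build.version.security.patch property")
    else:
        level = date.fromisoformat(patch)
        for name, fixed in KERNEL_FIX_LEVELS.items():
            if level < fixed:
                findings.append(f"security patch level {patch} predates the {name} fix ({fixed})")
    for entry in parse_fstab(fstab_text):
        if entry["mnt"] == "/system":
            if "verify" not in entry["fs_mgr_flags"]:
                findings.append("/system is mounted without dm-verity (no 'verify' fs_mgr flag)")
            if "ro" not in entry["mnt_flags"]:
                findings.append("/system is not mounted read-only")
        elif entry["mnt"] == "/data":
            flags = entry["fs_mgr_flags"]
            if "forceencrypt" in flags or "fileencryption" in flags:
                continue  # encryption is enforced
            if "encryptable" in flags:
                findings.append("/data encryption is optional (encryptable), not enforced (forceencrypt)")
            else:
                findings.append("/data has no encryption fs_mgr flag")
    return findings


def audit_sample():
    """Run the audit over the constructed sample from this thread."""
    return audit(SAMPLE_PROPS, SAMPLE_FSTAB)


if __name__ == "__main__":
    for finding in audit_sample():
        print("-", finding)
```

On the posted values this reports the patch level as older than both kernel fixes, /system without a verify flag, and /data encryption as optional only.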

Zmax 2 unlocked rooting questions
Hello everybody, I have the unlocked variant of the ZMax 2. How easy is it to root this phone, is it possible? I only need temporary root anyway for a one-time use; if full root is possible then touché. And also, do I need a computer to do this? Mine's in need of a new SSD to run the OS, so until I get that I have no computer access.

Not sure where to put this
So, let me say that I have fully rooted the phone. I was able to figure out the partitions to the phone and extract all of them, including the boot.img and recovery.img. The bootloader is still locked as far as I know. Even though ZTE won't release the unlock code for the phone, is it possible to unlock it anyways? If so, then how. I really would like to participate in this endeavor for the community. Any feedback or help would be appreciated. I have spent almost two weeks on this phone, not bad for the money, but would love to design a custom rom for it. Thanks.

Enable USB debugging
Get adb (most know how)
Type in this command through adb:
adb reboot disemmcwp
Now use the PC version of Kingo Root
After that there are methods out there for replacing kinguser with supersu (if you choose to do this be careful it may brick your phone) otherwise keep kinguser.

Here is the current update: Android 6.0.1 Marshmallow
Why not use the official one released today? Won't let me post the link, but it is on AT&T today.

I have bought the AT&T version and unlocked it now and using with a different sim, could anyone let me know how to get the Marshmallow update.
I used Debloater to remove the bloatware.

I also have the z958 (ATT Go Phone ZMax 2) that I've unlocked and using with T-Mobile.
While root and custom ROM are unlikely, I hope we can update to the recently released Marshmallow update from AT&T.
From what I gathered, you can only update to Marshmallow with active ATT service through phone.
Is it possible for someone to extract the update and upload it so others can update it via SD card or something?
Hopefully phone would remain unlocked.

It should be possible. I did this for an update to the original Zmax on T Mobile.

Temp Root on LG G Stylo LS770 M 6.0 ( Boost / Sprint )
Attention: if you decide to try this and end up with a BRICK / expensive paperweight, or your device decides to transform and destroys your home town, that's on you. You have been warned. So just read all of these instructions (and read the O.P. more than once).
I can confirm temp root on the LG G Stylo LS770 M 6.0 ( Boost / Sprint ) . Perm root will work with Android OS 2.1 - 5.1 & TEMP Root for Android OS 6.0 - ?
Downloads
Download King root ( Suggest from their website and not the Play store ) http://www.kingroot.net/
Download BusyBox from the Play store ( I suggest BusyBox from Jrummy ) https://play.google.com/store/apps/details?id=com.jrummy.busybox.installer&hl=en
Download a Root Checker to verify root, I suggest https://play.google.com/store/apps/details?id=com.joeykrim.rootcheck&hl=en
Instructions
Download all the necessary APP's and Files .
Run KingRoot and just follow the in app instructions ( Normally you will get to around 23% and the app will say failed to root device but it hasn't yet for me )
Run whatever Root checker you decided to download and verify root ( if you didn't obtain root just run KingRoot again )
Run and install BusyBox
PROFIT
Now you are able to use Apps and Mods until you re-boot your phone.
-Permanent root is reversible, open the app and there will be a button to unroot
-Temporary root will be removed after a reboot
Temporary root
These are usually one-step apps that you install on your phone, and they give you root access until the next time your phone is restarted. They are a great way to get your feet wet, and you can do a lot with them -- both good and bad. The ease of use makes temporary rooting pretty popular, and it's a fine choice if your reasons for rooting are to use root-enabled apps from the Market.
That being said, some apps just aren't going to work unless you go all out and permanently root your phone. This depends a lot on which phone you're using, as manufacturers have an endless supply of dirty tricks to keep the hardware you paid for under lock and key. You'll either have to ask users with the same model as you're using, or use trial and error. The good news is that the popular root-enabled apps, and the ones you're most likely to want to use should work without a problem. Titanium Backup, Wireless Tether, Root Explorer and the like should do just fine.
The last thing to keep in mind, is that not all changes will be permanent. For example -- using a utility to "freeze" bloatware (applications from your carrier that you don't want or need) may not keep them frozen and hidden after a reboot. Also some of the newer HTC phones have an evil little bug a feature that reverts any changes you have made to the system, bringing it back to the way it was before you started hacking away at it. In those cases, the only fix is to perma-root your phone.
Permanent root
This is where things get a bit hairy. Some phones, like the Nexus One, don't need to be rooted -- they can be unlocked via the Android SDK and modified at will. Other phones, like the OG Droid, are really easy to root, and will only take a few minutes. Finally, some phones, like the T-Mobile MyTouch 4G force you to jump through flaming hoops and follow often cryptic instructions, laden with warnings about bricking your phone. That's a whole 'nother rant for a different venue, but it does need said so that you know what you may be getting yourself into. You'll need to do your homework, ask any questions you feel are unanswered or are unsure of, and weigh all this into your decision. Everyone who says "It's easy!" (including me) really means they found it easy -- that doesn't necessarily mean you will.
Now that I've sufficiently scared you, it's time to talk about why anyone in their right mind would go through this. Besides the advantages of keeping changes persistent between reboots, and those few Market apps that won't work with a temp-rooted phone, you have what many consider the best part of owning an Android phone -- custom ROMs.
To flash any custom recovery, kernel, or ROM, you're going to need to have permanent root access to your phone. Flashing new firmware is very low level stuff, and you need read and write access to everything. The good news is that usually the rooting is the most difficult part, and a custom recovery gives you access to a tool that can take a snapshot of your system, and save it as a restore point. That's a good thing, because once you start flashing, you're hooked -- and a single command restore is priceless.
Hopefully I've helped a little in your decision making, and remember -- there is always help in the XDA forums. Find the specific area for your model of Android phone, and look for the link at the top to the hacking section. Those guys live for this stuff, and will steer you in the right direction.
LG G Stylo LS770 MM Restore Files
Due to the overwhelming private messages about kingroot and other rooting apps softbricking phones i have posted a fix for the Boost Mobile LG G Stylo LS770 on MM (6.0) . Here are all the files needed to restore a bricked LS770 on MM .
Needed Files:
https://mega.nz/#F!SM9iQILQ!vr9cFE8wxGnqUxvJ0Pr-Og
instructions:
http://forum.xda-developers.com/showpost.php?p=64624324&postcount=2
(Most users can skip step 8)
Somehow after freezing few apps most Google one, rebooted and got code: 1003 system been modified and stuck in boot loop at initial boot, just reboots after LG logo. Tried to factory reset and LG tool, already running 6.0 latest OS. Had root, busy box easy install and rebooted it, stuck. Soft brick?
I'm sorry to hear that. I've personally never had a problem uninstalling apps on the LG G Stylo, but I only really uninstall the bloat from my carrier. There is a Safe To Debloat Guide for our phone, but I haven't personally tried it out yet.
Sadly we don't have the KDZ file for our phone, so you can't just simply re-flash your phone. But hopefully that doesn't mean we can't get your phone back up and running. There are a few different things we can try.
Can you give me all the information about your phone that you can, like carrier, model number, software version and so on.
Linux215 said:
I'm sorry to hear that. I've personally never had a problem uninstalling apps on the LG G Stylo, but I only really uninstall the bloat from my carrier. There is a Safe To Debloat Guide for our phone, but I haven't personally tried it out yet.
Sadly we don't have the KDZ file for our phone, so you can't just simply re-flash your phone. But hopefully that doesn't mean we can't get your phone back up and running. There are a few different things we can try.
Can you give me all the information about your phone that you can, like carrier, model number, software version and so on.
Boost Mobile
LG LS770 / ZNFLS770
6.0 ROM
KingRoot
Rom Toolbox Pro
Busybox
Froze All google bloatware and bloatware and backed it up before freezing and re-booting
and
[650] or [640] 7 lines straight down
----------------------------------------------
Secure booting Error!
Error Code : 1003
MODIFIED !!
----------------------------------------------
Thank you for the information.
Let's start by seeing if just flashing the latest update zip for M 6.0 will get your phone back up and running. It should take you back to stock and update the system file. It's an untouched update zip.
You can find all the necessary files, downloads and instructions here.
https://mega.nz/#F!PksQAaoA!tgopiux4KU849_yta4zHlg
Thank you for the file
What extSD partition should be in and what size should it be? It's in FAT32 64GB right now
Re-sizing it into 8GB FAT32 then will try exFAT and then NTFS still in 8GB
Recovery displaying failed to mount extSD, failed update from External SD
Will update after changes for the next 30-60 minutes
=========================================================
[LGE][RECOVERY] first_status is 6
Supported API: 3
E:failed to mount /sdcard (Unknown error 150)
-- Couldn't mount /sdcard.
Installation aborted.
==========================================================
Got into ADB bootloader and after # I get
Hello, I am LAF, Nice to meet you. #
---------
I can list folder contents in device #ls
as soon as I try to open any folder I get Hello, I am LAF, Nice to meet you. #
You got LAF..... I've only run into her a couple of times and I still don't understand if she's mocking us.
But don't partition anything quite yet, we might be able to just flash the system img with a command line. Do you have adb and everything set up?
I'll be able to help more when i get home from work .
Here's a helpful video from YouTube that might help https://youtu.be/Za9H7TgeZ50
I will be leaving all the LG files in my cloud just in case you need the original zip.
I just went out and got me another one. I tried ADB and it was all LAF constantly.
Will wait till stable root available and possibly unlocked bootloader, 6.0 got it locked pretty complicated.
Ya they did a number on locking this device . How were you able to get a replacement so fast ?
I'm just hoping we can get fastboot working so we don't have these types of problems.
Linux215 said:
Ya they did a number on locking this device . How were you able to get a replacement so fast ?
I'm just hoping we can get fastboot working so we don't have these types of problems.
PM'd you
Any way to root boost mobile only to edit hosts file and then un-root to prevent LAF lock-down?
I'll actually test if editing the build.prop with temp root will allow the change to stick after a reboot.
I've been spending all my free time trying to get fastboot running to tinker with temp root too much.
STAY AWAY FROM KING ROOT! I used King Root last night to obtain root on Marshmallow for my LGMS631 running the official T-Mobile update. Root was successful; however, the system became very unstable, to the point where I decided to unroot and uninstall King Root completely. After restarting my phone I was prompted with Secure Boot Error and MODIFIED. If I didn't have access to a stock KDZ my phone would have been a complete paperweight with no other choice but to send it in to LG for repair. My suggestion to all LG G Stylo users that are not with T-Mobile or MetroPCS will be that you avoid King Root at all costs. Without a KDZ and the LG Flash Tool you will not be able to recover from a soft brick.
No KDZ available for Boost/Sprint
Anyone got a way to edit hosts file?
Do not root 6.0 boost until bootloader has been unlocked.
it will need to be rooted
as stock Marshmallow 6.0 uses too much memory, up to 886 MB
only 65 mb free
As of right now we haven't been able to pull the system.img
Doesn't look like any root for us Virgin, Boost or Sprint Stylo owners, shame. Glad it's just my son's phone.
HD-man said:
Any way to root boost mobile only to edit hosts file and then un-root to prevent LAF lock-down?
Yes. I did replace the hosts file with using kingroot. I rebooted and was fine. I later bricked it doing something else and sent it to LG for free repair. I haven't rooted since. Isn't there the tot files posted to recover from a brick on Boost?
Now I'm using NetGuard (here on XDA) that uses a VPN instead of root to implement a hosts list. I also have my DPI set to 270 but that can be done via ADB without root. :]

Gain Root Access using the Dirty COW method

So, as some here probably know, there was a huge Linux kernel vulnerability that was discovered recently, that I *believe* gives every Android device root access, called the Dirty COW exploit. I am just wondering if anyone has actually tried applying this to the G5, as I imagine it should work with no issues. If not, maybe I will have to look into it a little deeper to see if I can get it working this weekend.
It does work on the VZW G5, but the issue we all need to consider before applying it is how to undo it. Root access alone isn't all that significant if we can't flash an original image (which requires an unlocked bootloader, unless I'm mistaken).
If you modify /system, OTAs won't apply, meaning you're stuck on whatever version you decided to root. This could be pretty terrible, especially for most of us XDA users, who enjoy being on the cutting edge!
phishfi said:
It does work on the VZW G5, but the issue we all need to consider before applying it is how to undo it. Root access alone isn't all that significant if we can't flash an original image (which requires an unlocked bootloader, unless I'm mistaken).
If you modify /system, OTAs won't apply, meaning you're stuck on whatever version you decided to root. This could be pretty terrible, especially for most of us XDA users, who enjoy being on the cutting edge!
I don't think an unlocked bootloader is necessary. The G2 and G3 were never unlocked, but all the roms were bumped.
I wonder if the 15A update from today will patch this loophole?
:crying:I would think some type of memory management or memory encryption patch to greatly reduce the chances of successful bit flips!! Verizon kinda sketchy on details, pushed this out rather quick, sure signs of "hmm, maybe I'll wait on this update!!":good:
Does it work on the VZW LG G5? I need root access, temporary is ok.
I don't feel like messing up my phone until we have a guarantee root and recovery like the g2
Edit: here's a video someone made using this to root an HTC; since it's kernel based, I'm guessing that it should work
https://youtu.be/4xdMteqm994
I have installed debian on my laptop to try running this method hopefully soon I just hope the laptop I'm using can install the Android sdk or ndk plus my laptop is a 32 bit operating system so we'll see

CVE-2019-2215 for root.

Can we use CVE-2019-2215 exploit to gain root?
Here is a list of Phones affected by the hack.
A “non-exhaustive list” of vulnerable phones include:
Pixel 1
Pixel 1 XL
Pixel 2
Pixel 2 XL
Huawei P20
Xiaomi Redmi 5A
Xiaomi Redmi Note 5
Xiaomi A1
Oppo A3
Moto Z3
Oreo LG phones
Samsung S7
Samsung S8
Samsung S9
See the ars article for more details. I wonder if we have a dev willing to turn this into a root app? And what's the eta for that!
https://arstechnica.com/information...ty-that-gives-full-control-of-android-phones/
Looks promising from what I'm reading about it. I have yet to find an application using it to look at, though. Also, I hardly know how to make a root, so don't expect anything from me.
There's a POC on the google thread...just need someone to provide the means to root...and/or just write a bit to the correct partition or whatever to enable OEM unlocking:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
POC: https://bugs.chromium.org/p/project-zero/issues/attachmentText?aid=414885
Looks promising, sounds like we still need a dev to pick this up. It's all there just needs a properly setup root app and we can gain root.
Here is the poc compiled:
https://drive.google.com/file/d/10kJ9LvWq1AH1wdourLszXDMPSPbMMNXp/view?usp=drivesdk
You have to use an untrusted app, i.e. Android terminal, Termux, ConnectBot etc.. from the app, copy it over to the app's home directory.. chmod +x poc3... then ./poc3.. it'll tell you the kernel was exploited if your device is vulnerable..
I can confirm the P2XL is vulnerable on the latest firmware (will be patched in the October updates on the Pixels).
Don't know if it's possible or not, but I find it kinda nonsense to root a device without unlocking the bootloader. If you modify something inside the /system partition you need to disable dm-verity as well, for which you also need to flash a non-Samsung-signed kernel (that's the reason to unlock the bootloader), otherwise the device won't boot.
Also, forget about flashing twrp without UB
bamsbamx said:
Don't know if it's possible or not, but I find it kinda nonsense to root a device without unlocking the bootloader. If you modify something inside the /system partition you need to disable dm-verity as well, for which you also need to flash a non-Samsung-signed kernel (that's the reason to unlock the bootloader), otherwise the device won't boot.
Also, forget about flashing twrp without UB
I hear you, but if I can just get apps like adaway, titanium backup, etc I'll be happy. There are a lot of apps that need root that I don't also need a custom kernel and don't as far as I know alter the system partition. This limited root was available for many generations of galaxy and note phones.
Front page xda now...
https://www.xda-developers.com/zero...it-google-pixel-huawei-xiaomi-samsung-others/
Confirmed. My kernel is clear and root is planted. I am Verizon Pixel 2 android 10, different device but same. will post the process when i have a moment.
can't wait bought pixel 2 just because posted this
i think the POC is specific to Pixel 2. I tried it on a Pixel and Samsung S8 Active and no go. That said, this looks promising. I'm working on a version that will work with Samsung S8 Active. Wrt to root being useless without an unlocked bootloader - not so. There are ways to persist as root without an unlocked bootloader and writing to /system. Will post more if I get anywhere.
Does anyone know or can help with a step by step process of using the poc zip? I have a Pixel 2 and don't know how to go about using the poc zip or the process of flashing it. Thank you, Sean.
petiolarissean said:
Does anyone know or can help with a step by step process of using the poc zip? I have a Pixel 2 and don't know how to go about using the poc zip or the process of flashing it. Thank you, Sean.
push it to your phone using adb and run it in the shell. if you're vulnerable you should see "Exploited" if you run uname. this is an exploit that can be used to develop a root, but it needs development.
Yup, I was thinking of the same to use this as a root vulnerability..
I tried to use Qu1ckr00t to root the 955u on pie and it didn't work. The POC needs to be modified to support the s8 and its samsung kernel.
The PoC of Hernandez manipulates kernel data structures, the user process credentials, that are protected by Samsung real time kernel protection (RKP). Normally, the PoC should therefore not work on Samsung devices, or am I wrong with that?
The original PoC was reported to work on S8 and S9. But i fear this was only due to the PoC did not trigger RKP. Will have a look at the original PoC, to assess that ...
So mine ends on writev() returns 0x1000 which means I'm not vulnerable correct? Is that just because the poc isn't made to work with my device or am I not vulnerable in general.
We have https://github.com/grant-h/qu1ckr00t
AFAIK It needs to be modified for S8, currently only working for Pixel 2.
@elliwigy can you help here..
updesh94 said:
We have https://github.com/grant-h/qu1ckr00t
AFAIK It needs to be modified for S8, currently only working for Pixel 2.
@elliwigy can you help here..
Many ppl have already made and posted the poc used there.. u just gotta look around.. but chances r it won't work unless ur device is vulnerable and the poc is tailored to ur kernel/device.
I don't own any vulnerable devices so I'm not working on it personally..
This seems to only be exploitable on Oreo bootloaders.
"ANDROID: binder: remove waitqueue when thread exits." patched the exploit and was added to the G950U kernel when Pie was released.
Therefore, Pie is not exploitable and it seems that anyone running a V6 bootloader will not be able to use this exploit either.
The good news is, if you're running a V5 bootloader, it is theoretically possible to use this exploit. The bad news is I'm using a V6 bootloader. :/
pixlone said:
This seems to only be exploitable on Oreo bootloaders.
"ANDROID: binder: remove waitqueue when thread exits." patched the exploit and was added to the G950U kernel when Pie was released.
Therefore, Pie is not exploitable and it seems that anyone running a V6 bootloader will not be able to use this exploit either.
The good news is, if you're running a V5 bootloader, it is theoretically possible to use this exploit. The bad news is I'm using a V6 bootloader. :/
Wow, thanks for clearing this up. I am on Pie but not sure if I am on the new bootloader or the older one, as I never updated when the update mentioned you won't be able to downgrade.

Help me please!!! With s7 root problems!

So, if anything, I've been trying to root this S7 for some time now and have only achieved (stated by a root checker) a "broken shell" or "incomplete binaries"; also, that incomplete root by a one-click auto root application still lingers on my phone. So I'm kind of looking for insight on ideas, any ideas really: do I first need to remove this improper root before using the now apparently updated, now capable one-click root applications that are still failing but now initiating? (Would that fix them, and how do I do that?) I'm also open to flashing with Odin given a correct APK link to the correct APK file for my phone, or any other method you think I could do... my phone and computer are ready to go, USB debugging set up on both and OEM unlocked.
My phone is Model: SM-G930U
Kernel: 3.18.71-14970140
Build number: R16NW.G930UUESACSI1
I believe a v8 bootloader on the phone along with the Qualcomm Snapdragon 820 processor.
I'll be around for the next while and probably drop in periodically till my phone is rooted. Thank you very much and please reply: Dylan

Anyone Tell Me [ How to make Root and TWRP for a specific device ]

Hiee Guys! I have used lots of Android phones for 10 years and I'm also familiar with them. I always try to root every phone, but a problem is that not every Android phone can be rooted. So, please, can anyone tell me how I can make root for any device and how I can make TWRP for any device.
Thank You in Advance......
As far as compiling TWRP, you can start with this thread. Devices such as Pixels upgraded to A10 don't have TWRP because recovery has changed drastically and development of TWRP had not yet caught up.
Root is available for any device that is rootable. Magisk does a pretty good job of covering the bases and is under active development so properly reported issues are generally addressed.
Finding an exploit to be able to root a device is a different matter. Some, like pixels, are straightforward to root since if bought from Google (not a carrier directly) they have unlockable bootloaders allowing the installation of non-stock images. On a device that does not allow the bootloader to be unlocked, an exploit to achieve root must be found. That is often the issue combined with many of these devices do not attract developers to purchase them and thus no attempts are made.
Animesh._.Mamgain said:
Hiee Guys! I have used lots of Android phones for 10 years and I'm also familiar with them. I always try to root every phone, but a problem is that not every Android phone can be rooted. So, please, can anyone tell me how I can make root for any device and how I can make TWRP for any device.
Thank You in Advance......
If the device is a device that has a locked bootloader that can not be unlocked, you will not be able to use TWRP. These devices can only be rooted if there is a rooting app or rooting program available for PC or android that has an exploit that works on the device.
If the bootloader is locked, you won't be able to install TWRP or use TWRP to root the device and you will not be able to flash a Magisk patched boot.img to achieve root.
If there are no exploits available that are proven to work on the device, you won't be able to root the device.
