One click root - T-Mobile LG V10 General

One click root is showing h901 now available.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my LG-H901 using XDA-Developers mobile app

sabresfan said:
One click root is showing h901 now available.
Sent from my LG-H901 using XDA-Developers mobile app
Click to expand...
Click to collapse
@sabresfan Have you tried it?

No you gotta pay for it.
Sent from my LG-H901 using XDA-Developers mobile app

Really?
That's really ****ty. Charge for a root? I'm sure they would still make plenty by doing donations like all developers do. Take care of the community, community takes care of you. What crooks.

Why anyone would pay for root when they can find it on XDA for free is beyond me. One Click Root takes methods that the community has developed and given away, then sells them. That almost meets the definition of crook if you ask me (unless they publicly give credit). OCR mostly is for bootloader locked devices that can't get root any other way.
I tried installing KingRoot/KingoRoot on my v10 recently, just to see if it would work. Nope. It used to work on Lollipop but not on Marshmallow. Now I'm using systemless Magisk and systemless phh Superuser (Magisk version). Works really well for the most part.

We are all wrong.
The root statement on all kind of androed devices, needs to be IMPOSED BY LAW SUIT to Gogle Inc.
Creating os like a REAL OS IS (with adm and password and root)
And something more:
IMPOSE TOO, each device, HAVES OBLIGATION TO COME WITH ORIGINAL ROM OF THE DEVICE RECORDED ON A CD ROM FOR REINSTALL AGAIN.
We are all wrong PAYING BUMS AND DUMB DEVICES LIJE TODAY THESE SUPERPRICED CHITS ARE.
Sent from Somefon

It's not illegal to root, but I doubt any court would ever order Google to preroot Android devices. Google would claim it's a security risk, and quite frankly, they would be right. This would open up the masses to all kinds of vulnerabilities. Most people can't handle a rooted device, not because they're dumb, but because they don't understand what root is, the responsibilities it entails, etc. But I personally still prefer to root. I'm willing to take a little less security in exchange for the power to do things I couldn't do otherwise.

Ha, security risk?
Windows have root, and is a security risk?
Linux and Unix-like haves root, and are security risk?
These mobiles are LINUX AND MICRO PC.
If this haves not root, is not mine!
The goglepleyservices is malware that "administry" remotely.
I hate apple untill DEATH!
HATE!
PROBABLY I WIL REPUDIE GOGLE SOON LIKE I DO WITH THIS DEVIL'S COMPANY APPLE INC.
Sent from Somefon
---------- Post added at 10:41 PM ---------- Previous post was at 10:37 PM ----------
Doing any kind of operational computer system where, these OS haves not root, it sounds like a Bum amateur pig (that uses JAVA AND LINUX) AND CREATE THEIR OWN DUMB OS WITH THINGS THAT ARE PROPERTY FROM OTHERS, AND WORST MORE: FURTHED BY THE PROPIETARY.
THIS IS ANDROID.
Sent from Somefon

Will this work on the 6.0.1 update?

@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with theirs apps as well as connecting my phone to PC. Your best best is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.

AnonVendetta said:
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with theirs apps as well as connecting my phone to PC. Your best best is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
Click to expand...
Click to collapse
Thanks I didn't even think of doing it that way. I was only asking because a few people had asked me. I rooted mine before the update. I tried the 20L but went back to 20J. I was having issues with the update.

Please help?!
I am new to this whole rooting thing, and I was wondering if I could get your expert advice on how exactly to root my LG v10, vs990, running 6.0 marshmallow. What are the first....to.....last steps I should take. There are a lot of pay-sites out there, like OCR, but I was hoping somebody here could walk me through how to do it myself. You seem to be extremely knowledgeable on the topic, so I thought I would reach out for your expertise. This will be my first phone that I root, and I don't want to brick it. Would you please advise and help teach a new student?
AnonVendetta said:
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with theirs apps as well as connecting my phone to PC. Your best best is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
Click to expand...
Click to collapse

AnonVendetta said:
@linsalata28: Most likely, no, since the One Click Root people usually root the device with KingRoot/KingoRoot. Last time I tried those on the v10 running MM 6.0.1, they failed. I tried with theirs apps as well as connecting my phone to PC. Your best best is to unlock your bootloader, install TWRP, then flash either systemless SuperSU, Magisk, phh's Superuser, any of those will work and are far superior to OCR. Why pay for OCR when you can get a superior root solution for free? They take methods developed by the Android community (oftentimes here at XDA), then charge money for this "service" that you can easily do yourself. Screw that crap.
Click to expand...
Click to collapse
I'm coming from a Nexus 5X which suddenly died on me so I had to use this V10 I had as a replacement. I am a long time Nexus user so I am familiar with TWRP and rooting and all that. But this is the first phone I have used in a while that isn't as straight forward as the Nexus phones when it came to rooting. So I just have a couple questions about the V10. Is it as easy as you mention? Unlock bootloader, flash TWRP, then flash root. That's it? And I assume so but I'll ask anyway to make sure, doing this wipes the phone?
I may not even root this thing but just in case I get curious enough to do it, I'd like to know if that's all it takes.
EDIT: I see there is no official TWRP for the V10 though.

I no longer own a v10, but I'll still try to help.
First, flash a stock Marshmallow KDZ via PC. v20L was the last KDZ I had used. Maybe Nougat is available for the v10 now? Either way, go with 20L, or else my steps might not work.
Next, Google for something called Dirty Cow exploit
Instructions here: https://github.com/jcadduono/android_external_dirtycow
Download all 4 files from here: https://build.nethunter.com/android-tools/dirtycow/arm64/
Install the latest LG United Mobile Driver
Install ADB drivers (Google for "15 seconds ADB")
Connect phone to PC, open CMD prompt as admin, then type "adb devices" (no quotes). USB debugging needs to be enabled for this to work. Check your phone, something should pop up about accepting an RSA fingerprint, say yes. Then type "adb devices" again, see if your phone is in the list, then make sure it doesn't say unauthorized.
Run through the steps for the DC exploit, I advise using Linux for this, but Windows should work (no luck for me, I booted into a live Fedora Linux distro on a USB stick, then installed android-tools via the commands "su" and then "dnf install android-tools" packages to get ADB and fastboot). If you did everything correctly you should have a modded boot image with SELinux set to permissive by default, as well as temp root. From here you can use the dd command in a terminal emulator (on the phone) to flash a TWRP img into the recovery partition. I forgot the exact command to type for that but it's not a long one. It should be on the Dirty Cow GitHub page.
Once done you can just reboot into recovery via the button combo, from there you can flash a systemless SuperSU zip for permanent root. Magisk will also work. I know most people use SuperSU or Magisk these days. But honestly, I don't use either anymore, SuperSU is still closed-source and is now owned by some shady Asian company. And Magisk, I had too many issues with it. So I'm going to take the time out to give a recommendation for my current fave root solution, called Phh's Superuser. It's very simple and elegant, you can find the download link for it in a thread here on XDA. And it's 100% open source and just works, and well at that. I had no issues with it on the v10. Grab the zip from the Phh thread, then boot to TWRP and flash it, simple as that. It will patch your boot image. Then wipe cache and dalvik cache, reboot back into Android, download the Phh's Superuser app from Play Store. You need this or it won't work. Once done just open the app, you'll see it's very simple as I've said. Nice and clean and uses next to no resources. Test some root apps with it, I think you'll like what you see. From here you can remove bloatware or mess with kernel settings, whatever you want, pretty much anything that needs root should work.
Hope this helped someone!

Related

[APP][4.0+] Root Transmission - Root other devices using your phone!

Root Transmission
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Root Transmission: the ONLY app that allows you to root other phones straight from your own device!
Inspired by Kos's p2p-adb hacking toolkit (http://hak5.org/episodes/hak5-1205), this app is a pleasant, easy way to root other phones while away from your computer! Just two buttons, Root and Unroot! Connect the cable and root away! It couldn't be simpler!
Even has its own terminal window so you can see exactly what's going on while your phone does its thing!
You will need a ROOTED device capable of USB hosting (USB On The Go), a USB OTG cable and one-click root scripts for the devices you wish to root.
Scripts and their associated files should be placed in /sdcard/RootTransmission/*devicename*/*version*/, otherwise it will not be available for use. *devicename* and *version* can be whatever you want.
Note that this is an UNSTABLE version, and you use this app at your own risk. Occasional force closes are to be expected (though they will most likely not break the phone you are trying to root). Incorrectly written scripts can permanently damage or brick both devices involved, so only use trusted 3rd party root scripts and at your own risk.
Click to expand...
Click to collapse
Screenshots
Changelog
1.01unstable
fixed bug that sometimes caused crashing when user closed app
fixed bug that caused app to crash if scripts directory did not exist
Much smaller size (166k)
made it for Android 4.0 and up (accidentally had it for 3.1 and up in Play Store, will re-add Honeycomb support if I find that it works reliably with it)
1.0unstable
initial public release
Click to expand...
Click to collapse
Planned features
Downloading scripts within the app
Nicer GUI
In-app help text
??? Suggest some!
Click to expand...
Click to collapse
(Removed from Play Store because Google said it was "dangerous")
Please do not mirror this apk, it is to be downloaded exclusively from XDA-Developers. Failure to comply will result in the removal of this app from XDA.
I've attached a zip with the files needed to root a Verizon Galaxy S3 (SCH-I535), extract it to /sdcard/RootTransmission/ to use.
Note that since I only have one USB host-capable device (my own S3), no warranty is provided over the functionality of this zip since I am unable to fully test it. (It is a repackaged version of the DebugFS one-click root found at http://forum.xda-developers.com/showthread.php?t=1883984 and thus will only work if the device to be rooted is running ICS, which shouldn't be a problem as of yet.)
Again, this is an unstable test version. It should mostly work, but no guarantees on its functionality.​
Reserved for future use
Reserved for future use.
what device is supported? what device supported that can be rooted?
chev said:
what device is supported? what device supported that can be rooted?
Click to expand...
Click to collapse
In order to run the app, your device (the device that is already rooted) must support USB hosting/USB OTG. Most newer devices have this.
This app uses adb and scripts (which you must provide) to root devices. If there is a root method for the device that uses adb, then it will work.
In the case of the Verizon Galaxy S3 (my primary device), the root method for a stock ROM is to use adb to push an exploit that will allow us to install Superuser and the su binary. I believe the Asus Transformer Prime uses a similar method.
If the only root method available involves using a program such as Odin/Heimdall or a manufacturer's phone flashing utility, or a zip must be flashed in recovery in order to gain root, it will definitely not work. In the case of the HTC Sensation, you must flash a recovery and boot into it, then flash a zip containing the su binary as well as a controller app such as Superuser in order to gain root. So the HTC Sensation could NOT be rooted with this.
In the future I plan on building a compatibility chart within the app to determine which phones can run this app and which phones can be rooted with it, as well as downloads for the rooting process. In the meantime, if there is a phone you are looking to root with this, let me know and if possible, I'll craft a zip to use with this.
Updated Root Transmission to 1.01unstable.
Following changes were made:
-bugfix: app occasionally FC'd when closing app
-bugfix: app crashed if scripts directory did not exist
-smaller size (166k, old version was 1.62mb)
-made it available only for 4.0 and up (had it set to 3.1 and up by accident)
Available in first post or in the Play Store.
Keep sending in those bug reports, it really helps!
Also, if you have any new features you want to suggest, let me know.
I'm considering the following so far:
-Downloading scripts in-app
-Nicer GUI
-Help text
Added script for the Asus Transformer tablets (TF101/TF201/TF300T/TF700T) to the first post. It will only root tablets on 4.0 or below.
This app looks promising, keep it up this great work, :fingers-crossed:
Theoretically could this run any script over adb on another device. not just a root one?
one x
Hey does this work with the one x international version?
I believe that in order for the app to work properly, adb must be running as root, so no. It's not possible to use this with a non rooted phone.
HTC One X should be able to be rooted (as well as other devices relying on fastboot), but I haven't added support for it yet. A fastboot binary for ARM is available, so I'll package that into the app for next release. Stay tuned. However, I don't know about unlocked bootloaders and all that on HTC devices, so beware.
I'm also going to take a look at the Heimdall source code later so that you can perform Odin flashes over USB. This means that basically any Samsung phone should be able to be rooted, even without a one click root script.
All this stuff will take time though, and with school still going on it might take some time. But I'm definitely working on it!
Sent from my SCH-I535 using Tapatalk 2
Would it be possible to use this app to flash unsecured boot.img and then recoveries? Basically have it set up to download the recoveries and boot.img from a ftp or something? Can we basically just use the host phone as a standard ADB and Fastboot commander? Using regular commands?
root tranmission
i download the file, and recive the next error while unstalling:
parse error
there is a problem parsing the package
there´s any fix?
thanks in advance
Draciel882 said:
Would it be possible to use this app to flash unsecured boot.img and then recoveries? Basically have it set up to download the recoveries and boot.img from a ftp or something? Can we basically just use the host phone as a standard ADB and Fastboot commander? Using regular commands?
Click to expand...
Click to collapse
This is on my to-do list. I might also include a terminal emulator with access to the app's adb/fastboot binaries.
teran220 said:
i download the file, and recive the next error while unstalling:
parse error
there is a problem parsing the package
there´s any fix?
thanks in advance
Click to expand...
Click to collapse
Try installing from Play Store.
wchill said:
This is on my to-do list. I might also include a terminal emulator with access to the app's adb/fastboot binaries.
Click to expand...
Click to collapse
That would be awesome, let me know if you need some help testing. I've been wanting to be able to do this for awhile. It would pretty much eliminate the need for a computer when flashing roms on devices that have their bootloader already unlocked.
how to check my device is usb otg/host capable ?
anazhd said:
how to check my device is usb otg/host capable ?
Click to expand...
Click to collapse
Use this app by Chainfire
https://play.google.com/store/apps/details?id=eu.chainfire.usbhostdiagnostics
Sent from my SCH-I535 using Tapatalk 2
Wow, the idea behind your software is brillant!
I yet see a future world in which handset liberation is achieved and spread among users in dark corners of the streets! :silly: :laugh:
Hey there wchill , seems like you are an app dev rookie as I seen some stuff , well you aren't so different from me , PM me , I will help you in your project , btw I have seen a small thing , that the Settings button does nothing , to remove it remove in your mainActivity the lines that say onCreateOptionsMenu , as long as you don't need an options menu !
EDIT : No offence for calling you a rookie , I may have underestimated you , because your work is amazing , but I was talking the Java side of your knowledge , sorry if I offended you !
seaskyways said:
Hey there wchill , seems like you are an app dev rookie as I seen some stuff , well you aren't so different from me , PM me , I will help you in your project , btw I have seen a small thing , that the Settings button does nothing , to remove it remove in your mainActivity the lines that say onCreateOptionsMenu , as long as you don't need an options menu !
Click to expand...
Click to collapse
I know that the options menu is there, but I'm planning on adding to its functionality so there's no point in removing it yet. Don't worry, I didn't forget about it
Also, I only have one year of experience in Java, so my skills definitely are not the most top notch out there. I'd say not bad for being self taught though.
Anyway, in app downloads should be working by this weekend, depending on how much homework I get this week. Did a lot of it today, just need to make the frontend for it. After that I'll work on improving the GUI, because I really couldn't be bothered to spend more than 5 minutes making it what it looks like right now.
Expect an update in the next few days
Sent from my SCH-I535 using Tapatalk 2

[MASTER THREAD] Fire HD 8 (2017) (7th Generation)

Hi,
This is a list (incomplete) of all the ROMs, mods, hacks, guides, etc. available for the Fire HD 8 (2017).
This was a root progress discussion thread, and I think there's too much valuable information here to just let it get buried. So, following @Rortiz2's suggestion this thread was transformed to a master thread with the aim of providing a complete guide for anyone wanting to mod their tablet.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Device Codename: douglas
Specifications:
SoC: Mediatek MT8163
CPU: Cortex-A53 (Quad Core 4x1.3Ghz)
GPU: Mali 720
RAM: 1.5GB
Android: 5.1 (FireOS 5.x.x.x)
Storage: 16/32GB
Includes a MicroSD slot
Battery: 3210mAh
Display: 8"
Front Camera: 2MP
Rear Camera: 2MP
The italicized text below are my comments/clarifications.
The root method was patched in 5.6.4.0 (some versions of 5.6.4.0 still work so you could try) It is advisable to disable OTA updates or unlock the bootloader immediately. It is still possible to unlock by a different method, check the bootloader unlocking thread.
Bootloader Unlock and TWRP:
[UNLOCK][ROOT][TWRP][UNBRICK] Fire HD 8 2017 (douglas)
This is an excellent and complete guide which has everything you need for this. Requires Linux, so you'll have to either install it as dual-boot or use a live system if you are not using it already. You don't need to downgrade if you are on 5.6.4.0.
Rooting:
You can flash Magisk using TWRP after bootloader unlock. Using Magisk is recommended because SuperSU is no longer supported, and Magisk has modules, Magisk Hide, and the root prompt is working (In SuperSU it's not working so you have to always grant root permissions which is a major security loophole)
Rapid Temporary Root for HD 8 & HD 10
This is the first software root method discovered for this tablet and is a really easy and quick method of getting a root shell, and the link has a complete guide on it. Refer here for installing SuperSU for permanent root, and here for an automated script for Windows.
[ROOT] Hardmod Root Your Amazon Fire HD 8 (7th Gen)
This is first root method ever discovered for this tablet and is a hardware root. This link has a complete step-by-step guide, assuming you have some soldering experience.
ROMs:
[ROM][unlocked]Lineage-12.1 for Amazon Fire HD8 2017 (douglas)
The first (and currently only) ROM for this device and it works great!
Miscellaneous:
Amazon Fire Toolbox, I have never tried this but it looks awesome!
Without root:
Removing accounts and viewing Usage Access settings which are hidden.
Debloating guide without root
With root:
A debloating guide made for HD 10, but works fine on the HD 8.
You can install apps as system apps just as on any other device, and you can use the app Link2SD for converting user apps to system apps. Refer to this StackExchange post for a guide on how to install apps as system.
Flashing GApps works well with TWRP, but the 16GB version doesn't have enough space in the system for even the pico version. Probably using pm uninstall on some system apps would work.
General Tips:
To return to stock or recover from a soft brick:
(Don't use this if you have already unlocked your bootloader: if you want just stock FireOS flash it through TWRP, and if complete stock follow the guide in the unlock thread)
(This assumes that you have ADB installed, I would not advise you on how here, there are numerous guides waiting for a Google search. This will erase your data.)
Download your current FireOS or a later firmware version. You can find the latest over at Amazon's website.
Boot to the recovery mode of your tablet, and use the volume and power buttons to select "Apply Update via ADB".
Now connect the tablet to a PC with a USB cabke, open a command prompt or shell on the directory where you downloaded the firmware BIN, enter the command adb sideload X.bin (replace X with the name of the BIN) and wait until finished (DON'T disconnect your device from the PC)
Now select "Wipe Data/Factory Reset" and "Yes" to wipe data (you can skip doing this if you want your data, but note that the tablet may bootloop or complain about corrupted data)
Select "Reboot system now"
The firmware BINs are just renamed ZIP files: you can rename it from .bin to .zip and treat it as such.
Amazon employs an anti-rollback mechanism which could permanently brick your device if you flash an older version through adb sideload. If you really want an older FireOS, you can rename .bin to .zip and flash them through TWRP after unlocking.
The stock launcher AppID is com.amazon.firelauncher, the stock keyboard is com.amazon.redstone, and the OTA update apps are com.amazon.device.software.ota and com.amazon.kindle.otter.oobe.forced.ota.
Again, this list is incomplete, so please suggest any additions in the comments! (don't hesitate to suggest your own work-the target of this thread to be a comprehensive and complete guide on everything about this tablet)
Good luck modding this tablet!
Thread before changing to a master thread (for historical purposes )
NOW WE HAVE AN UNLOCKING METHOD WITH TWRP! THE CONTENT BELOW IS OUTDATED.
Hi,
Now, I'm sick of Amazon's bloat slowing my tablet, and the frustration of not being able to use root apps. Fire HD 10 got rooted, but HD 8 and HD 7 are still in dark. HD 7 users can at least downgrade their devices and hope for a root exploit, but HD 8 users can't. If anyone else wanting to root this tablet and make it super fast, get rid of Fire Launcher, use Xposed, remove bloat, etc., let's collaborate with this!
LATEST RELEASE - Fire OS 5.3.6.4/Fire OS 5.6.3.4
SECURITY PATCH - ???
KERNEL VERSION - 3.18.19
List of possible software root methods:
1.) eMMC overwriting
Thanks to the hardware root method, we have a full eMMC dump so using the loophole in the flash unlock process which causes overwriting partitions next to it, we could overwrite on all the way, flashing original things, to the system partition and then flash a modified system partition.
Additions to the list are welcome!
List of possible exploits
Additions to list are welcome!
1.)CVE-2017-8890
Status: Confirmed possible.
Description: As I think, this is the most exploitable currently. Running the PoC results in 'somewhat unnatural' Use-After-Free s but the PoC fails to orient them to escalate privileges.
Cons: This exploit is based on obsolete IPv4 sockets, unlike it's cousin CVE-2017-9077, which is based on IPv6, but rather the same exploitation as this. That 'may' make this harder to exploit, but of course there's no evidence.
I, really only added this to cons because you should have a con.
2.)CVE-2017-15868
Status: Unsure
Description: NP Hardass said that this vulnerability is present on the source,I haven't explored it yet.
Cons: ¯\_(ツ)_/¯
If you tried these exploits, please notify me in below and I'll update the status. UPDATE: No point on keeping on trying these kernel exploits as no one (please correct me) who knows to write exploits in C comes here anymore. If someone wants to try though I will start maintaining this list again. Come on, let's collaborate on this!!! :laugh:
Thanks!
Download the eMMC dump from here: https://www.androidfilehost.com/?w=files&flid=282721
PS: You can download original kernel sources from Amazon, just search for it.
Original Thread:
Hi,
Now, I'm sick of Amazon's bloat slowing my tablet, and the frustration of not being able to use root apps. Fire HD 10 got rooted, but HD 8 and HD 7 are still in dark. HD 7 users can at least downgrade their devices and hope for a root exploit, but HD 8 users can't. If anyone else wanting to root this tablet and make it super fast, get rid of Fire Launcher, use Xposed, remove bloat, etc., let's collaborate with this!
LATEST RELEASE - Fire OS 5.6.0.1
SECURITY PATCH - 2017/08/01
KERNEL VERSION - 3.18.19*
*a quite old release it is.
List of possible exploits
Additions to list are welcome!
1.)CVE-2017-12762
Status: Unsure
Description: A super likely-to-work great exploit. If you want you can go look at the kernel source (link included below the thread) 3.18.19 for proof, it starts in line 2640. Looks like a stack buffer overflow.
Cons: ASLR may be an absolute game killer in this case. And some skill is required to exploit, very less-known around the internet. And Amazon may have removed the ISDN support up from the roots of kernel, because it's VERY deprecated.
2.)CVE-2017-16939
Status: Unsure
Description: A nice attack vector. A PoC is available in SecuriTeam blogs, which triggers use-after-free. I tried contacting them for some help, but they almost instantly replied that they don't provide support for their reported vulnerabilities. Sad.
Cons: ¯\_(ツ)_/¯
3.)CVE-2017-15868
Status: Unsure
4.)CVE-2017-10661
Status: Unsure
5.)CVE-2017-7541
Status: Unsure
6.)CVE-2017-6074
Status: Unsure
If you tried these exploits, please notify me in below and I'll update the status. Come on, let's collaborate on this!!! :laugh:
Thanks!
I added the link to the vulnerable code, in case anyone was wondering.
I'm glad to see this thread. Since recently rediscovering the potential of an old Fire 6 and rooting it, removing the bloat and Googlizing it, I wanted to get something a little bigger. I just got my 7th gen HD 8 in the mail yesterday and was devastated to see it was 5.4.0.1. I've blocked OTA, deleted the update it had downloaded, installed Google Play et al., and used NoRoot Data Firewall to block all Amazon apps. Unfortunately, I do not have the expertise to contribute much toward an effort to root this device but would like to help in any way. I appreciate seeing others are out there working on it.
if i knew how to develop the exploits i would honestly try these
Thank you so much for making this thread but I hope I never have to come back here and help, but if i get some extra time in the future I do plan on running all my binaries + servers on the tablet as well. Not to mention just looking at that version number made me want to vomit.
[/COLOR]What steps should I take to increase performance on the hd 8 while we wait for root?
rawfullz said:
[/COLOR]What steps should I take to increase performance on the hd 8 while we wait for root?
Click to expand...
Click to collapse
Hello rawfullz!
Try Greenify. You can use a workaround to grant it Usage Access.
1) Download Activity Launcher and Greenify from Play Store.
2) Launch Activity Launcher.
3) Notice the "Recent" text in the task-bar, press it, and select "All" from the drop-down list.
4) Scroll all the way below until you find "Settings", and press it.
5) Again, scroll below until you find "Apps with usage access", and press it.
6) The hidden "Apps with usage access" menu will pop up.
7) Grant Greenify usage access there. (You can turn off usage access for all Amazon apps if you want, to increase performance but it's recommended to leave out "Storage Management" intact, just in case.)
8) Launch Greenify, and continue with the setup.
9) :laugh::laugh::laugh::laugh:
If you ever want to grant any other app Usage Access, do this procedure, but, remember that "Activity Launcher" is kind of dangerous, if you just launch random activities. I learned that the hard way.
REMOVED
Thank you for making this thread, im looking forward to this become real.
What I dont get is you can download the firmware.bin as well as the source code from amazon, Whats the problem devs should be able to root ?
derwoodbones said:
What I dont get is you can download the firmware.bin as well as the source code from amazon, Whats the problem devs should be able to root ?
Click to expand...
Click to collapse
Hello!
Yes, we definitely can get the firmware. But there are some troubles,
1. Amazon devices are not very well known among the community.
2. Devs don't want to spend their time on our devices, even if we root this thing, no custom ROMs because of the locked bootloader.
3. Amazon didn't leave any loopholes on their OS, they are too clever.
And, I don't think that Amazon will open source their firmware until they checked throughly for any exploits.
We'll have to find exploits the rough way. :crying:
Hey, what about the Janus vulnerability? If some dev is reading this, please help us, because it doesn't require the device.
Supersonic27543 said:
Hello!
Yes, we definitely can get the firmware. But there are some troubles,
1. Amazon devices are not very well known among the community.
2. Devs don't want to spend their time on our devices, even if we root this thing, no custom ROMs because of the locked bootloader.
3. Amazon didn't leave any loopholes on their OS, they are too clever.
And, I don't think that Amazon will open source their firmware until they checked throughly for any exploits.
We'll have to find exploits the rough way. :crying:
Click to expand...
Click to collapse
You don't need an unlocked bootloader to flash a ROM.
Take a look at the BT stack with BlueBorne.
Sent from my iPhone using Tapatalk
Supersonic27543 said:
Now, I'm sick of Amazon's bloat slowing my tablet
Click to expand...
Click to collapse
You forgot to add: "and I wanna to fill my tablet by the Google's bloatware (2 times slower than Amazon's), and also add some rootkits and spyware masked as "super-duper tools for young hackars"
Great to see this thread. Hope some devs collaborate and find a way. Can't wait.
Meanwhile, do you guys have any cool mod to try in the tab.
I have installed playstore and adfree iytb YouTube and bunch of usual apps.
Hello!
DragonFire1024 said:
You don't need an unlocked bootloader to flash a ROM.
Click to expand...
Click to collapse
Yes, you don't need an unlocked bootloader to flash a ROM, theoretically, if the ROM is signed by Amazon. But considering custom ROMs, Lineage, Resurrection Remix, Stock Android, is it possible to compile and flash them without an unlocked bootloader? I thought that you need a custom recovery = unlocked bootloader. Thanks!
sensboston said:
You forgot to add: "and I wanna to fill my tablet by the Google's bloatware (2 times slower than Amazon's), and also add some rootkits and spyware masked as "super-duper tools for young hackars"
Click to expand...
Click to collapse
Hah. :laugh::laugh::laugh:
Robius said:
Take a look at the BT stack with BlueBorne.
Sent from my iPhone using Tapatalk
Click to expand...
Click to collapse
Great idea, gotta try this! Thanks!
EDIT: Not very confident though. Anyway, likely to work because the security patch of HD 8 is in August.
http://www.androidpolice.com/2017/0...atch-fixes-blueborne-bluetooth-vulnerability/
Someone got a bluetooth adapter handy?
Supersonic27543 said:
Hello!
Yes, you don't need an unlocked bootloader to flash a ROM, theoretically, if the ROM is signed by Amazon. But considering custom ROMs, Lineage, Resurrection Remix, Stock Android, is it possible to compile and flash them without an unlocked bootloader? I thought that you need a custom recovery = unlocked bootloader. Thanks!
Hah. :laugh::laugh::laugh:
Great idea, gotta try this! Thanks!
EDIT: Not very confident though. Anyway, likely to work because the security patch of HD 8 is in August.
http://www.androidpolice.com/2017/0...atch-fixes-blueborne-bluetooth-vulnerability/
Click to expand...
Click to collapse
Ask @ggow how he does it. But you don't need a unlocked bootloader. With root, FlashFire helps to get by the bootloader.

Twrp 3.3.1. UmiDIGI Power 4G

TWRP 331 Porting Thread for New UMIDIGI Power 4G
New thread for the new model UMIDIGI Power 4G Helio P35 Octa core Mtk 6765
Umidigi Power 4G MT6765 Octa Core 4G 4GB 64GB Android 9 Smartphone 6,3 inches
Everybody are Welcome!:good:
MANY THANKS TO OUR MODERATORS TO OPEN AGAIN THIS THREAD !
More attention to the Xda-developers Rules:
http://forum.xda-developers.com/announcement.php?f=256
Many thanks to "SUPER ADMIN" MR. MIKE​
New twrp 331-test 1 for this device is builded!
Now need period of tests...
http://www.mediafire.com/file/cnqw8d2qkjqtp6k/Twrp_331_test1_Umi_Power.rar/file
reserved 1
Reserved 2
TWRP Not Working for Me
Finally received the phone today. Spent a few hours trying to get your TWRP port installed with no luck unfortunately. After flashing it via SP Flash Tool, I ran into an "Orange State" unlock warning (which I assume is normal). However it's followed by a bootloop. I can only get the phone to boot using the stock recovery.img. Any modifications to the recovery causes a loop.
On the other hand though, I was able to get root through Magisk (I'm using the latest 19.3 version), and patching the stock boot.img through the app, then flashing the patched boot.img to the phone with SP Flash Tool. I have Viper4Android working, which was my main reason for wanting root, so I'm satisfied for the most part. Can't wait to try this phone out as my daily driver!
SeekerofLight.iz said:
Finally received the phone today. Spent a few hours trying to get your TWRP port installed with no luck unfortunately. After flashing it via SP Flash Tool, I ran into an "Orange State" unlock warning (which I assume is normal). However it's followed by a bootloop. I can only get the phone to boot using the stock recovery.img. Any modifications to the recovery causes a loop.
On the other hand though, I was able to get root through Magisk (I'm using the latest 19.3 version), and patching the stock boot.img through the app, then flashing the patched boot.img to the phone with SP Flash Tool. I have Viper4Android working, which was my main reason for wanting root, so I'm satisfied for the most part. Can't wait to try this phone out as my daily driver!
Click to expand...
Click to collapse
I confirm the first part of this, same issue here... i'd like to flash a twrp for gsi purposes, but for now no luck
SeekerofLight.iz said:
On the other hand though, I was able to get root through Magisk (I'm using the latest 19.3 version), and patching the stock boot.img through the app, then flashing the patched boot.img to the phone with SP Flash Tool. I have Viper4Android working, which was my main reason for wanting root, so I'm satisfied for the most part. Can't wait to try this phone out as my daily driver!
Click to expand...
Click to collapse
Can you write how you got the root of the law? Instructions for inexperienced users.
Thank you in advance.
Root UMIDIGI Power with Magisk
mr A V said:
Can you write how you got the root of the law? Instructions for inexperienced users.
Thank you in advance.
Click to expand...
Click to collapse
Sure thing! Here's a Magisk root guide for anyone just getting started that I wrote up just now. (All mentioned files are provided in the zip.)
Step 0 - Download the Attached Zip File Below
Google Drive Mirror
Mediafire Mirror
MEGA Mirror
Step 1 - Drivers
Install the MediaTek drivers by running "DriverInstaller.exe". These are the drivers that worked for me. But if you have issues with them in Step 5, Google "Mediatek MT65xx USB VCOM Drivers" (or some variation of that) and try some others you can find.
-----------------------------------
Step 2 - Install ADB Interface
Install the Android SDK (ADB Interface). To do this drop the platform-tools folder (from the Step 2 folder) into your C:\ directory. Press the windows start button and search for "Environment Variables" and click on "Edit environment variables" from the results. Under SYSTEM VARIABLES on the bottom (not User variables above it) click on the "Path" variable, and click edit. In the new window that appears, hit "Browse..." and click on the "platform-tools" folder that you placed in your C:\ directory.
All this does is allows you to easily input adb commands into command prompt with no issues. This will be used to verify that the device is appearing properly and issue commands in case of emergency.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
-----------------------------------
Step 3 - Install Magisk
Copy the Magisk.apk to your phone and install it.
(This is where you can then copy the boot.img to your device and patch it via the Magisk app to create the "magisk_patched_boot.img" file, however I have included the already patched file in Step 6 for the UMIDIGI Power so you don't need to.)
Also, this is the Magisk v19.3 Beta, but you can install another version.
-----------------------------------
Step 4 - OEM Unlocking/USB Debugging Mode
On your phone, go to Settings >> System >> Developer Options. (If you haven't activated Developer Options yet, do that by going to About Phone >> Build number, and tap it a bunch of times, but I'm sure you already know this lol)
In Developer Options, turn on "OEM Unlocking" to unlock the bootloader, and USB Debugging.
-----------------------------------
Step 5 - Verify That Your Phone is Detected with ADB
Connect your phone to your PC. Make sure you click "Allow USB debugging" on your phone. Then open up Command Prompt. (Protip: Type "color a" and press Enter if you want to feel like a REAL HACKERMAN.) Now, type in "adb devices" and verify that your phone is detected by your computer. If it's detected, then that's perfect you can move on to Step 6. If not, then uh... you may have to try and find some other MediaTek drivers mentioned in Step 1.
-----------------------------------
Step 6 - Set up SP Flash Tool
Open up SP Flash Tool on your computer by running "flash_tool.exe" in the SP Flash Tool Folder. (If at any time it shows a "Processing" window for some reason, just close and reopen the program if it doesn't go away on its own.)
On the first line choose "MTK_AllInOne_DA.bin". And the third line "Authentication File" can be left blank.
On the second line where it shows "Scatter-loading File", hit "choose" and find the "MT6765_Android_scatter.txt" file in the Step 6 folder. It'll load up and show a bunch of green/white rows in the space below.
Now this looked intimidating to me at first, but it's actually quite simple. As far as I understand (and I could be wrong but), the scatter file just tells the program where to place certain files, like a map for the program to follow. The scatter file I provided is for the UMIDIGI Power. The only thing we'll worry about for now is the boot.img file (but in the future, this is where you could also install a TWRP recovery once we get one that is confirmed to work.)
So in the white/green list, scroll down to where it says "boot" in the "Name" column, and click on the blank area in the "Location" column. It will bring up a window where you can browse to the "magisk_patched_boot.img" that I provided.
-----------------------------------
Step 7 - The Big Huzzah (Rooting)
Power off your phone and make sure it's UNPLUGGED. On SP Flash Tool, click "Download". This prepares the program to begin flashing your phone as soon as it is connected. Grab your phone with one hand, and with your other hand plug in the USB cable (if you only have one hand, use your mouth I guess). Your screen should not turn on at all throughout this process, but if it's successful, you should see that the program begins to flash your device after a second or two. Now just wait until it reaches 100% and says "Download Ok" with a green checkmark. And you're pretty much done!
You can then boot up your phone and check the Magisk app, as well as download a root checker from the Play Store to confirm that your phone has root access! Have fun!
Thank you, far-away friend from me, that you are such a sympathetic person! Thank you for writing everything so quickly and in detail. As soon as I receive my phone, I will definitely try to do everything as you wrote.
Tell me, do you plan to install any firmware on this device? For example, Miui. Or are you satisfied with the stock?
mr A V said:
Thank you, far-away friend from me, that you are such a sympathetic person! Thank you for writing everything so quickly and in detail. As soon as I receive my phone, I will definitely try to do everything as you wrote.
Tell me, do you plan to install any firmware on this device? For example, Miui. Or are you satisfied with the stock?
Click to expand...
Click to collapse
No problem! Unfortunately I don't see many custom ROMs coming to this phone, considering it's not a very popular device. I'd guess our best bet is to hope that the UMIDIGI F1 gets some support, and that anything on there can hopefully be ported over to this phone, but even that device isn't very popular either. For me though, that's not a huge issue because I'm actually quite satisfied with the stock firmware it has on board. It's basically stock Android Pie, and I've been able to add all the extra goodies I want into the phone through Magisk Manager and EdXposed with very minor issues. Most notably Viper4Android to fix the slightly tinny speakers and pump up the overall headphone experience too, and Gravity Box for some extra minor software customization.
Overall, I'd say the biggest downside to this device is the limited camera capabilities, and its somewhat limited performance for heavier tasks like 3D games / game streaming. But other than that, this feels like a very premium device. :good:
I thought about the fact that it is you who can transfer other firmware to this device. As a developer, let's say.
On the F1 already installing the firmware AOSP, LOS and other projects. But need to flash these firmware through TVRP recovery. For our device, there is no such recovery yet.
I have little understanding of the intricacies of the android. Sorry if my questions seem silly.
If we take the firmware for F1, for example AOSP, will it have to be somehow changed for our UD Power? Or can just take the archive, as it is, and flash it?
The processor of our smartphone is not very strong, so it is not for games. It is also not clear what RAM is installed. It looks like the manufacturer has installed a cheap part. Put single-channel LDDR 3. So he made a low price. At the expense of device performance.
mr A V said:
I thought about the fact that it is you who can transfer other firmware to this device. As a developer, let's say.
On the F1 already installing the firmware AOSP, LOS and other projects. But need to flash these firmware through TVRP recovery. For our device, there is no such recovery yet.
I have little understanding of the intricacies of the android. Sorry if my questions seem silly.
If we take the firmware for F1, for example AOSP, will it have to be somehow changed for our UD Power? Or can just take the archive, as it is, and flash it?
The processor of our smartphone is not very strong, so it is not for games. It is also not clear what RAM is installed. It looks like the manufacturer has installed a cheap part. Put single-channel LDDR 3. So he made a low price. At the expense of device performance.
Click to expand...
Click to collapse
I definitely consider myself to be a major noob with the more advanced Android development stuff. I only know enough to find my way around the internet and flash compatible software, haha. I've never looked into creating ports myself, but it's certainly something I think might be worth learning, especially with the limited device support on these phones.
And yeah, in terms of performance I don't expect much out of a phone at this price point, but for all the essentials - music, 1080p YouTube, web browsing, and mid to light gaming, it's surprisingly great considering the price. I haven't had any issues with the memory as of yet, so I wouldn't be too concerned, although you're definitely right in that they probably source some pretty cheap parts for these kind of phones.
SeekerofLight.iz said:
Sure thing! Here's a Magisk root guide for anyone just getting started that I wrote up just now. (All mentioned files are provided in the zip.)
"stubbed guide"
Click to expand...
Click to collapse
It works like a charm, thank you! by the way, were you able to boot that twrp or still nothing? and if you made it, were you able to flash a gsi over that too? i'm unable even to boot that twrp
---------- Post added at 09:30 AM ---------- Previous post was at 09:29 AM ----------
ghost45 said:
TWRP 331 Porting Thread for New UMIDIGI Power 4G
New thread for the new model UMIDIGI Power 4G Helio P35 Octa core Mtk 6765
Umidigi Power 4G MT6765 Octa Core 4G 4GB 64GB Android 9 Smartphone 6,3 inches
Everybody are Welcome!:good:
MANY THANKS TO OUR MODERATORS TO OPEN AGAIN THIS THREAD !
More attention to the Xda-developers Rules:
http://forum.xda-developers.com/announcement.php?f=256
Many thanks to "SUPER ADMIN" MR. MIKE​
Click to expand...
Click to collapse
Can i ask you a guide on how were you able to boot it? i'm only getting a bootloop after flashing that from SPFlash
I will build one other version of recovery soon...
mg95tux said:
It works like a charm, thank you! by the way, were you able to boot that twrp or still nothing? and if you made it, were you able to flash a gsi over that too? i'm unable even to boot that twrp
Click to expand...
Click to collapse
Glad to hear it worked for you!
Still nothing. Unfortunately I haven't had any luck with booting into TWRP since I last tried it. Hoping ghost45 will be able to help us out with that when he gets the chance.
Bootloop - Secureboot
Nevermind, bootloader locked.
just type on CMD:
adb reboot bootloader
then
fastboot flashing unlock
Andre_Filho said:
Nevermind, bootloader locked.
just type on CMD:
adb reboot bootloader
then
fastboot flashing unlock
Click to expand...
Click to collapse
remember to allow oem unlock from developer settings in stock rom, otherwise it will fail!
SeekerofLight.iz said:
Finally received the phone today. Spent a few hours trying to get your TWRP port installed with no luck unfortunately. After flashing it via SP Flash Tool, I ran into an "Orange State" unlock warning (which I assume is normal). However it's followed by a bootloop. I can only get the phone to boot using the stock recovery.img. Any modifications to the recovery causes a loop.
On the other hand though, I was able to get root through Magisk (I'm using the latest 19.3 version), and patching the stock boot.img through the app, then flashing the patched boot.img to the phone with SP Flash Tool. I have Viper4Android working, which was my main reason for wanting root, so I'm satisfied for the most part. Can't wait to try this phone out as my daily driver!
Click to expand...
Click to collapse
How do you manage to work Viper.
Cause i'm having some problems, tested all versions and my Driver always stays on "Active: NO Format: Unsuported.... Abnormal"
BusyBox also don't seens to work.
:/
Some help?
Andre_Filho said:
How do you manage to work Viper.
Cause i'm having some problems, tested all versions and my Driver always stays on "Active: NO Format: Unsuported.... Abnormal"
BusyBox also don't seens to work.
:/
Some help?
Click to expand...
Click to collapse
The trick to getting Viper4Android to work is to make sure you have SELinux set to "PERMISSIVE" rather than "ENFORCING" on your phone. Here's a handy little app designed to automatically set it to permissive on boot!
https://forum.xda-developers.com/devdb/project/?id=1561#downloads
And for BusyBox, I was having issues too at first because I think with systemless root, BusyBox can only be installed in /sbin, which gets wiped after each boot. So I searched for "BusyBox" in the Magisk app and found a module called "BusyBox for Android NDK" which has worked perfectly for me.
One thing to note...
Sometimes SELinux doesn't always get changed automatically everytime you boot up. It's pretty consistent, but every once in awhile you may need to manually set it to permissive mode again if things don't seem to be working. But it's literally just pressing a single button, so not a big deal.
The other thing is with Viper itself- At times when I launch the app, the driver status says "abnormal" even after I've toggled SELinux to permissive. If you go into settings and toggle "compatibility mode" or "attach audio effects" on and then off that seems to refresh the driver status. Not sure why, but it works.
Let me know if you have any issues.
TWRP for UMIDIGI POWER
I ask for help in creating TWRP for UMIDIGI POWER firmaware ROM v1.5
Please make for this model TWRP
I am very grateful to you - I unlocked the phone and got the rights Root rights.
It remains only to create a TWRP for UMIDIGI POWER
At this forum, competent specialists and for other models everything is already done.
Maybe there is a website where you can make an order to create a TWRP?
Unfortunately, I do not know English and I do not know how to apply.
I would be very grateful and ready to test your work.

A Temp root solution for Nokia 5.1 Plus

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic
Clever work that give MTK-soc devices a bootless root ( Root remains until reboot ). And lucky enough it works on our Nokia 5.1 Plus
So to begin :
-Grab diplomatic lastest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
#You can install Magisk Manager from the magisk 18.1 package, or any version below 7.1.2. Lastest version of MM doesn't work.
And your device should have root permission.
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
@vddrnnr
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
Click to expand...
Click to collapse
Wow good to know, i encountered that problem too, and you figure it out !
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Click to expand...
Click to collapse
I don't think full root can be acquired since there are still no Bootloader unlock solution yet, really looking for that. N-tool devs are working on it and they said X5 unlock is coming soon. But the bootless root work fine ! couldn't complain anything, it's basically a rooted device.
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Looks like I was wrong you can't edit or delete anything in system folder.
@rustdroid
I tried it as well and it works. Thanks for letting us know I've been checking these forums every week waiting for something like this. I also used Magisk 7.0.0 inside the 18.1 Magisk zip. Latest version didn't work.
Click to expand...
Click to collapse
No problems, but again, all the credits go to diplomatic for his work, I'm just lucky enough to come across his thread.
Yes latest Magisk doesn't work, diplomatic had already mentioned it the original thread.
rustdroid said:
I tried Adaway it didn't work first time but worked second time, After that it would not work again no matter what I tried, says not enough space on partition. I checked host file when it worked and it had changed. Titanium backup worked, SD maid worked. Mixplore root worked I deleted Google drive app from system/apps but took a few tries and reboots for it to be uninstalled, the folder always restores after reboot.
Click to expand...
Click to collapse
This is just a temporary solution so don't expect much out of it.
The doors will be open once the Bootloader can be unlock
Yes I know and I'm happy with it until we can unlock bootloader. Hopefully they can find a way soon but this will do until then.
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
vddrnnr said:
Hi stizzir,
Great post I've tried it and it works.
The only problem I had is that you can't use the latest version of Magisk Manager you
need to use the 7.0.0 version if not Magisk manager won't open after running the suboot.sh script.
I was wondering if with this we may be able to get full root and also turn the notch on and
off on devices that don't have the Full Bezel option in Display Settings or Developer Options.
Best regards,
voidRunner
Click to expand...
Click to collapse
rustdroid said:
Can someone else with this phone try Adaway to see if it can edit host file or delete a system app like Google drive (move the app file in system/apps replace it after tested) ? Just want to see if I'm only one that can't edit system folder.
Edit: It's okay I just read that you can't modify System/Vendor partition unless boot image modified. Will have to wait until bootloader unlocked.
Click to expand...
Click to collapse
Man i just can't wait for the Bootloader unlock. Nokia obviously doesn't want to offer a official unlock service ( at least for now ) since the android one line-up is meant to be as stock as possible. The company also promised to support new Android One devices in the next 3 years, so allowing Bootloader unlock will work agains their product course i think.
I have seen many attempts from the community however, and i have trust in them, many devices get unlocked by a unofficial method so.... Wait for the good news.
@stizzie I can't wait, hate having a device that I don't have full control. I've asked Nokia on there forums and signed a partition that is closed now, That's all I can do and just wait. I read somewhere that Nokia will allow it soon but who knows how long. Hopefully someone finds another way soon.
Doing this won't kill OTA, right?
Rajeel911 said:
Doing this won't kill OTA, right?
Click to expand...
Click to collapse
Absolutely not
stizzie said:
This method is based on Amazing Temp Root for MediaTek ARMv8 by diplomatic
Clever work that give MTK-soc devices a bootless root ( Root remains until reboot ). And lucky enough it works on our Nokia 5.1 Plus
So to begin :
-Grab diplomatic lastest mtk-su.zip in Amazing Temp Root for MediaTek ARMv8
- Follow instructions from Bootless root with Magisk and MTK-SU
#You can install Magisk Manager from the magisk 18.1 package, or any version below 7.1.2. Lastest version of MM doesn't work.
And your device should have root permission.
Click to expand...
Click to collapse
Can I give permission to es file file explorer if yes than how??
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Ranjhag said:
Can I give permission to es file file explorer if yes than how??
And can I modify this partition Device/data/nvram/APCFG/APRDEB
Click to expand...
Click to collapse
Just follow instructions in the provided links, you should have root permission. Applications working or not really depends on your device so it won't hurt if you try it yourself.
Device is Nokia 5.1 plus?
And sir can u tell me where I have to paste mku-su file? In the pc
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
Ilgazc said:
I got OTA update today while this thing was running so no OTA issues.
Just 2 warnings:
1) Don't write even a single byte to system partition or boot partition.
2) Don't expect Netflix etc to work since it breaks CTS profile and basic integrity. Banking apps etc will whine for rightful reasons too.
Click to expand...
Click to collapse
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
Rajeel911 said:
Doing this won't kill OTA, right?
Click to expand...
Click to collapse
rustdroid said:
It doesn't let you do anything to system or boot partition. I tried editing and deleting and doesn't work. Have to wait until bootloader unlocked.
Click to expand...
Click to collapse
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
Ilgazc said:
If you (by chance) are able to write a single byte to system or boot partition on this dm-Verity enabled device, it won't boot and will need service center.
That changes if bootloader can be unlocked of course.
Click to expand...
Click to collapse
Okay thanks for the info. Guess I was lucky that you can't do anything. I tired to delete a few pre installed apps and edit the host file. Looks like this is as good as it gets until we can unlock bootloader.

[UMX U696CL- RELEASE THREAD]

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Proudly Presents
Another Exclusive Release
Supported Model
UMX U696CL
Recoveries
TWRP_11 Recovery
Roms
GSI Roms - Arm32 Binder64 Required
AssuranceRom Custom Stock * WIP *
-AIO ToolKit Prerequisites-
1- Linux: Linux Mint Cinnamon Suggested
2- Python 3
Rom Notes/Disclaimer/Warning
* WIP *
Contributors
@gregeerg / BVK - for using his device as a ginuea pig to make this happen
@AndyYan - for his GSI knowledge and wisdom
@deadman96385 - for uploading dumped files to github
@Jet! - for flashing twrp and dumping stock super image
Big Thanks To The Folks In My A-Team Telegram Group
Big Thanks To The Folks Who Have Come To The A-Team Telegram Group To Help Test
Device Downloads
UMX U696CL Downloads
Recovery Device Trees
Device Source
A-Team Website
A-Team Supported Devices
TeleGram Live Support
A-Team Digital Solutions​
-Updates-
5-18-2022- Initial AIO ToolKit v0.01 Release
I don't have telegram, is there anywhere else I can download some of this stuff from?
Thanks..
karl615 said:
I don't have telegram, is there anywhere else I can download some of this stuff from?
Thanks..
Click to expand...
Click to collapse
No sir, I don't put out untested stuff. I've gotten 0 feedback on the toolkit
How do we get feedback if no one can download here? we are not forcing anyone to install tiktok whatsapp instagram facebook telegram or any other crappy pipapo, keep development on xda-developers. Think about it
aIecxs said:
How do we get feedback if no one can download here? we are not forcing anyone to install tiktok whatsapp instagram facebook telegram or any other crappy pipapo, keep development on xda-developers. Think about it
Click to expand...
Click to collapse
I left a download link, unsure what you mean. If XDA would allow me to upload a 1.7gb 7zip file I would but that's not reality. I need stuff tested and chat to be fluid and prompt. That's not possible on a forum. In reality, If I had the device, I could test in 1 day what it would take a week to do on Telegram or 3 months to do on XDA forum. So for getting things done in a timely fashion, Telegram is my go to. I've been a member of XDA since 2012, I've done my time. If people don't want the toolkit or if joining telegram is too much, that's fine, not the people I want to help me test my software then anyways. The people who just want to grab a download and go can wait for the rest of the backend process. Again, I don't even have this device. So why am I even doing this is what i'm now wondering. I guess next time someone comes to me with a untouched device I won't help and use my resources to get something going....
it's alright though, you can consider this project shelved as I have a different hands on device I've already moved on to. Enjoy the twrp I built for you guys!.....
PizzaG said:
I left a download link, unsure what you mean. If XDA would allow me to upload a 1.7gb 7zip file I would but that's not reality. I need stuff tested and chat to be fluid and prompt. That's not possible on a forum. In reality, If I had the device, I could test in 1 day what it would take a week to do on Telegram or 3 months to do on XDA forum. So for getting things done in a timely fashion, Telegram is my go to. I've been a member of XDA since 2012, I've done my time. If people don't want the toolkit or if joining telegram is too much, that's fine, not the people I want to help me test my software then anyways. The people who just want to grab a download and go can wait for the rest of the backend process. Again, I don't even have this device. So why am I even doing this is what i'm now wondering. I guess next time someone comes to me with a untouched device I won't help and use my resources to get something going....
it's alright though, you can consider this project shelved as I have a different hands on device I've already moved on to. Enjoy the twrp I built for you guys!.....
Click to expand...
Click to collapse
Appreciated..
Update: flashed the recovery using 'fastboot flash recovery /path-to-.img' and the recovery works fine as far as I can tell, but the system is gone. Or something is up anyway, I can't get it to boot normally.. only to recovery. What did I do wrong?
Sorry Pizza i havent had the time to give feedback on it but i have the same issues booting. please dont let one person ruin it for everyone. i will hyu on telegram later today
PsYk0n4uT said:
Sorry Pizza i havent had the time to give feedback on it but i have the same issues booting. please dont let one person ruin it for everyone. i will hyu on telegram later today
Click to expand...
Click to collapse
Actually i havent had the time to get my linux machine setup correctly because of a memory leak issue that kept crashing my system but i finally got it running stable. i tried using relive on virtualbox but couldnt get it working properly due to driver issues in the host OS on this windows machine and for some reason i had more than one python version installed causing me conflicts. i ended up just using adb to flash the images and the phone no longer boots. i want to test it on a native linux os first
Well, folks...I'm about to give this a go....I still have a BLU View 3 to root today. Much gracias for all the effort
Cinephile 74 said:
Well, folks...I'm about to give this a go....I still have a BLU View 3 to root today. Much gracias for all the effort
Click to expand...
Click to collapse
Well I seem to have faux pas along the way.... bootloader unlocked easy-peasey. But I can't get fastboot to flash TWRP no matter what directory I use....RELP!
Is this the ROM or the bootable zip?
I'm back and about to try this again with an actual thumb drive with the ReLiveDVD on a thumb drive now that I have one
I downloaded A-Team-UMX_U696CL_AIO_ToolKit-v0.01.7z from the tg group and here's my feedback. I don't mean to sound ungrateful but:
Root does not work. I opened Main_Menu.sh and the root option literally does nothing. The lines are commented out and the image it was supposed to flash doesn't exist. Bootloader unlocking works (seems to literally be a single fastboot command i.e. "fastboot flashing unlock", seems like the new "oem unlock") and TWRP does work, but only once. If I flash it in fastboot and immediately reboot to recovery from there, I can get in. If I try to go to recovery after restarting, I get the dead android with the red ! triangle saying "no command". TWRP won't mount data (I think it said it couldn't decrypt, but I don't even have a lock code on it) so you need a micro sd to store the boot.img in order to patch it in Magisk. It would've been nice if you included it, though it seems you intended to but haven't gotten around to it since it's only v0.01. Still, it's not much of an all-in-one if it can't do the primary thing most people will want from it. I do fortunately have micro sd cards so I was able to save (manually in TWRP terminal using dd, annoying as hell on a touchscreen, can't even type "=" without going through 2 keyboard menus) and patch it in Magisk and now do have root working.
I don't understand why this requires Linux. The AIO doesn't do anything you can't do in Windows. The Python file is just an ASCII logo that makes you wait 10 seconds for no reason. It would have more user friendly as just a bunch of separate partition IMG uploads and instructions. I wish I had actually looked at the shell scripts beforehand instead of downloading a Linux distro and booting it as a live cd. If you make a new version, consider just including a portable adb/fastboot with it and skipping Linux/Python since it's not necessary.
After googling the "no command" screen, I held down power and pressed volume up and got into the regular Android recovery. So despite the bootloader being unlocked, it appears TWRP got overwritten by the default recovery. I flashed TWRP at least 3 times, immediately entering TWRP each time afterward, but it never stuck.
I'm attaching my Magisk'd boot.img in case anyone else gets stuck at that part. If anyone chooses to use it, MAKE YOUR OWN BACKUP FIRST, obviously. I'm not responsible for anything that happens using that file.
Eric janaika said:
TWRP does work, but only once.
Click to expand...
Click to collapse
proof that TWRP works for you, anything beyond is usage problem.
aIecxs said:
proof that TWRP works for you, anything beyond is usage problem.
Click to expand...
Click to collapse
I got twrp to stick but could not do anything with it since I didn't have an SD card before I misplaced the phone. Yes the scripts unfinished but as stated above somewhere, the dev did not have a device to test on.
If you wanna help, and it's probably the only way anyone else who isnt so knowledgable as many visiting xda seeking a way to root their device is gonna get this finished as well, please consider joining the telegram chat and contribute to this forum whatever you learn. Maybe Pizza will still be interested in helping. I tried but somehow misplaced the phone in the middle of filling in my huge gaps of knowledge on the subject.
I could not mount or wipe /data in twrp and even flashing the super.imgwould not allow me to boot because I was unable to do anything with the data partition. Had to flash the stock recovery to get it to boot period.
Maybe twrp will get you root if you patch your boot image with Magisk and flash it in twrp.
I'm not sure what else could be done. And not even sure that would work without being able to mount /data.
It's really hard for anyone working on a device they don't have to finish the work without some feedback from people who have enough knowledge to give them useful feedback.
The unlock bootloader option and the flash twrp recovery options work.
Script could be finished but I doubt there's much motivation for them since th3y don't own the device.
But the script is there. Most of the work on that part is done.
would only take some contributions by interested people.
PsYk0n4uT said:
I got twrp to stick but could not do anything with it since I didn't have an SD card before I misplaced the phone. Yes the scripts unfinished but as stated above somewhere, the dev did not have a device to test on.
If you wanna help, and it's probably the only way anyone else who isnt so knowledgable as many visiting xda seeking a way to root their device is gonna get this finished as well, please consider joining the telegram chat and contribute to this forum whatever you learn. Maybe Pizza will still be interested in helping. I tried but somehow misplaced the phone in the middle of filling in my huge gaps of knowledge on the subject.
I could not mount or wipe /data in twrp and even flashing the super.imgwould not allow me to boot because I was unable to do anything with the data partition. Had to flash the stock recovery to get it to boot period.
Maybe twrp will get you root if you patch your boot image with Magisk and flash it in twrp.
I'm not sure what else could be done. And not even sure that would work without being able to mount /data.
It's really hard for anyone working on a device they don't have to finish the work without some feedback from people who have enough knowledge to give them useful feedback.
Click to expand...
Click to collapse
what do you need a script for? read any random TWRP install guide steps are more or less same
- unlock bootloader
- patch avb/dm-verity/vbmeta
- install TWRP
- makesysrw super.img (optional)
- disable encryption (optional)
PsYk0n4uT said:
The unlock bootloader option and the flash twrp recovery options work.
Script could be finished but I doubt there's much motivation for them since th3y don't own the device.
But the script is there. Most of the work on that part is done.
would only take some contributions by interested people.
Click to expand...
Click to collapse
Agreed. PizzaG has done a bang up job with his UMX U696CL offerings, and his knowledge is extensive regarding custom ROMs and recoveries.
Eric janaika said:
I downloaded A-Team-UMX_U696CL_AIO_ToolKit-v0.01.7z from the tg group and here's my feedback. I don't mean to sound ungrateful but:
Root does not work. I opened Main_Menu.sh and the root option literally does nothing. The lines are commented out and the image it was supposed to flash doesn't exist. Bootloader unlocking works (seems to literally be a single fastboot command i.e. "fastboot flashing unlock", seems like the new "oem unlock") and TWRP does work, but only once. If I flash it in fastboot and immediately reboot to recovery from there, I can get in. If I try to go to recovery after restarting, I get the dead android with the red ! triangle saying "no command". TWRP won't mount data (I think it said it couldn't decrypt, but I don't even have a lock code on it) so you need a micro sd to store the boot.img in order to patch it in Magisk. It would've been nice if you included it, though it seems you intended to but haven't gotten around to it since it's only v0.01. Still, it's not much of an all-in-one if it can't do the primary thing most people will want from it. I do fortunately have micro sd cards so I was able to save (manually in TWRP terminal using dd, annoying as hell on a touchscreen, can't even type "=" without going through 2 keyboard menus) and patch it in Magisk and now do have root working.
I don't understand why this requires Linux. The AIO doesn't do anything you can't do in Windows. The Python file is just an ASCII logo that makes you wait 10 seconds for no reason. It would have more user friendly as just a bunch of separate partition IMG uploads and instructions. I wish I had actually looked at the shell scripts beforehand instead of downloading a Linux distro and booting it as a live cd. If you make a new version, consider just including a portable adb/fastboot with it and skipping Linux/Python since it's not necessary.
After googling the "no command" screen, I held down power and pressed volume up and got into the regular Android recovery. So despite the bootloader being unlocked, it appears TWRP got overwritten by the default recovery. I flashed TWRP at least 3 times, immediately entering TWRP each time afterward, but it never stuck.
I'm attaching my Magisk'd boot.img in case anyone else gets stuck at that part. If anyone chooses to use it, MAKE YOUR OWN BACKUP FIRST, obviously. I'm not responsible for anything that happens using that file.
Click to expand...
Click to collapse
Did you flash this from fastboot or from twrp?

Categories

Resources