Hi,
I have seen that the Samsung Galaxy edge 7 with a Qualcomm Snapdragon 820 cpu, running Nougat & has a permanently locked bootloader has been rooted. As seen here:
https://forum.xda-developers.com/tm...eres-how-rooted-nougat-s7-edge-g935t-t3567502
My question is, could that same method be applied to the Xperia XZ, just using Flashtool instead of Odin & obviously using XZ drivers instead of samsung?
GoodguyUK said:
Hi,
Could that same method be applied to the Xperia XZ, just using Flashtool instead of Odin?
Short: No
I have not found the boot.tar he mentions ...
Odin is a different beast than Flashtool.
Interesting for me is that the contents of the magical boot.tar flashed via Odin totally enable mounting, modifying system etc.
To make root.bat work adb must run as root on the device!
Not easy but can be achieved. I did this with a modified kernel in 2015 when rooting the first DM-Verity protected device from SONY. Find a link for that (long read) in my [GUIDE]. I guess here are similar things at work, maybe with the patched libs in the Nougat_S7_Root_2_82_All_Carriers_V1.zip
But to use this you have to be root in adb to get the libs to the proper places in /system.
For SONY devices DM-Verity and SONY-RIC are in the stock kernels. Modifying anything on the kernel or system partitions will result in a bootloop.
This can not be defeated unless you have SONY's private key to sign your ROM.
In order to modify (e.g. rooting) /system you need a kernel with DM-Verity and SONY-RIC off and an unlocked bootloader to boot this kernel.
I can imagine a way using the exploit that enables us to backup the TA to copy a modified/patched kernel onto the kernel partition.
Will it be possible for the locked bootloader to boot this kernel? I do not know.
BTW I wonder that Flashfire is included. AFAIK this is payware from @Chainfire
On SONY devices I would not bother.
On devices where there is Marshmallow available you can backup your TA and afterwards unlock the bootloader to do what you intend: rooting or flashing custom ROMs or ....
When you sell the device you just restore the TA and flash a stock ROM -> everything SONY blessed and locked again.
Related
Hey guys,
I tried out the Android Concept MM when it first came out and I was a huge fan and insanely satisfied due to its stock-like Android experience, however the only thing keeping me away from using it is the lack of root and Xposed. However, I was wondering, can I just make a pre-rooted FTF with the FTF of the Concept with recroot 4, like I would with a normal Marshmallow FTF, or am I completely wrong?
I would appreciate the help thanks!
Concept ROM uses dm-verity, so it's unrootable on a locked bootloader. However I've managed to root it on an unlocked bootloader before somehow. I'll try to explain as best as I can:
1. Download and flash concept FTF http://forum.xda-developers.com/z3/...arshmallow-t3229030/post66825447#post66825447 (this is latest one I could find)
2. OTA update to the latest version if you want
3. Download Systemless SuperSU zip and place it on SD card https://download.chainfire.eu/921/SuperSU/UPDATE-SuperSU-v2.65-20151226141550.zip
4. Flash recovery via fastboot (it needs unlocked bootloader) (for recovery I used this one) : http://forum.xda-developers.com/z3/development/z3-twrp-2-8-7-0-d6603-t3273996
5. Don't leave fastboot mode! Navigate with volume keys to "recovery mode" and click power button to enter it.
6. Flash SuperSu you downloaded earlier and then reboot.
7. Done, enjoy your rooted Concept.
Nojus33 said:
Concept ROM uses dm-verity, so it's unrootable on a locked bootloader. However I've managed to root it on an unlocked bootloader before somehow. I'll try to explain as best as I can:
1. Download and flash concept FTF http://forum.xda-developers.com/z3/...arshmallow-t3229030/post66825447#post66825447 (this is latest one I could find)
2. OTA update to the latest version if you want
3. Download Systemless SuperSU zip and place it on SD card https://download.chainfire.eu/921/SuperSU/UPDATE-SuperSU-v2.65-20151226141550.zip
4. Flash recovery via fastboot (it needs unlocked bootloader) (for recovery I used this one) : http://forum.xda-developers.com/z3/development/z3-twrp-2-8-7-0-d6603-t3273996
5. Don't leave fastboot mode! Navigate with volume keys to "recovery mode" and click power button to enter it.
6. Flash SuperSu you downloaded earlier and then reboot.
7. Done, enjoy your rooted Concept.
Thanks, but damn, that sucks. I don't really wanna lose DRM keys, plus I still have 1 year of warranty left.
Also, (http://forum.xda-developers.com/z3/development/rom-zyxxos-5-1-1-v1-0-pure-stable-fast-t3229169) ZyxxOS requires an unlocked bootloader; however, is there any way I can replace the boot.img with one that's utilized on a locked bootloader ROM, or will that not work?
Salaminator said:
Thanks, but damn, that sucks. I don't really wanna lose DRM keys, plus I still have 1 year of warranty left.
Also, (http://forum.xda-developers.com/z3/development/rom-zyxxos-5-1-1-v1-0-pure-stable-fast-t3229169) ZyxxOS requires an unlocked bootloader; however, is there any way I can replace the boot.img with one that's utilized on a locked bootloader ROM, or will that not work?
Well, ZyxxOS has Sony's Concept-based kernel. The developer himself at first thought it would work on a locked bootloader, but it didn't. You could try to flash the original Concept .2099 kernel, but I don't think it will work.
As for DRM, you can easily backup them before unlocking, but it's up to you.
Nojus33 said:
Well, ZyxxOS has Sony's Concept-based kernel. The developer himself at first thought it would work on a locked bootloader, but it didn't. You could try to flash the original Concept .2099 kernel, but I don't think it will work.
As for DRM, you can easily backup them before unlocking, but it's up to you.
I'm confused about the effect DRM has, but is there any way to avoid losing them? Like, if I back up, do I just restore them after unlocking my bootloader?
Ideally, I wanted to run an AOSP-like ROM and I hoped to remove all Sony stuff etc. from Concept. However, I'm just reluctant to unlock my bootloader.
This is probably the stupidest idea ever, I have close to no knowledge, but what happens if I put the stock Sony 6.0.1 kernel, which has already obtained recovery without unlocking the bootloader, and flash SuperSU via that?
Alternatively, is there any way to convert our current stock 6.0.1 into true stock Android?
Salaminator said:
I'm confused about the effect DRM has, but is there any way to avoid losing them? Like, if I back up, do I just restore them after unlocking my bootloader?
Ideally, I wanted to run an AOSP-like ROM and I hoped to remove all Sony stuff etc. from Concept. However, I'm just reluctant to unlock my bootloader.
This is probably the stupidest idea ever, I have close to no knowledge, but what happens if I put the stock Sony 6.0.1 kernel, which has already obtained recovery without unlocking the bootloader, and flash SuperSU via that?
Alternatively, is there any way to convert our current stock 6.0.1 into true stock Android?
Maybe, but this is beyond my knowledge. Sorry.
EDIT: Or just use Concept haha
Nojus33 said:
Maybe, but this is beyond my knowledge. Sorry.
EDIT: Or just use Concept haha
Looking into Android 6.0 Complications from this article (http://www.xda-developers.com/a-look-at-marshmallow-root-verity-complications/)
It states the following:
If you want root today, on Android Marshmallow (6.0), you’re going to need to use a modified boot image. While it remains to be seen if this remains true indefinitely, it looks likely to be the case for some time – SELinux changes make it much harder to get root access without modifying the boot image. And as modifying the boot image requires an unlocked bootloader
So I'm assuming the Z3 has SELinux, thus preventing us from editing the boot image for Marshmallow Concept, hence leaving us with the only option to unlock our bootloader?
Lastly: Is there a potential to convert the stock Sony ROM into an AOSP-looking/feeling ROM?
Why is it almost impossible for us to have root with a locked bootloader? Since the day the mobile came out till now it wasn't possible, so is there a chance?
Zewarxx said:
Why is it almost impossible for us to have root with a locked bootloader? Since the day the mobile came out till now it wasn't possible, so is there a chance?
Nope, highly unlikely. Since dm-verity security was introduced on the Z3+, all Xperia devices after this require an unlocked bootloader for root. A modified system just won't boot up.
Sent from my Xperia XA using XDA Labs
aidy.lucas said:
Nope, highly unlikely. Since dm-verity security was introduced on the Z3+, all Xperia devices after this require an unlocked bootloader for root. A modified system just won't boot up.
Hollywood!! So I shall wait no more? And unlock the bootloader? Because root with locked bootloader is just a myth now?
Zewarxx said:
Hollywood!! So I shall wait no more? And unlock the bootloader? Because root with locked bootloader is just a myth now?
Go ahead, don't forget to backup your TA partition / DRM keys before...
https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
sxtester said:
Go ahead, don't forget to backup your TA partition / DRM keys before...
https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
aidy.lucas said:
Nope, highly unlikely. Since dm-verity security was introduced on the Z3+, all Xperia devices after this require an unlocked bootloader for root. A modified system just won't boot up.
So after the searches I did, I found out the following:
1- First, since I'm on Android 7.0, I need to downgrade to 6.0 in order to back up my TA, which I can do via Flashtool
2- I do the backup
3- I root the phone and restore the backup I did
4- I upgrade to Android 7 and then I'm good to go!
My questions:
1- What will I lose after unlocking the bootloader? And if I restored the TA backup, will that count as if I didn't unlock the bootloader?
2- How will I root the phone? With a custom kernel, or is there any other way? And if with a kernel, any advice?
3- Shall I do the root before upgrading to Android 7? Or before? And will I still be able to get updates after the root, or will I have to do it through flashing the FTF of the new updates?
4- Is anyone running the Xposed framework?
Thanks so much in advance ))
I'm not sure what we lose after bootloader unlock. From what I read on the AndroPlus kernel thread, if you use AndroPlus there is some amount of DRM functionality restored. There is no clear consensus from what I have read, and being an ex-Z3 user I'm still paranoid about this, as on the Z3 without the DRM the camera is basically ****.
No Xposed for Nougat yet, so that's out of the question.
Zewarxx said:
So after the searches I did, I found out the following:
1- First, since I'm on Android 7.0, I need to downgrade to 6.0 in order to back up my TA, which I can do via Flashtool
2- I do the backup
3- I root the phone and restore the backup I did
then you are locked again ... Don't do that!
4- I upgrade to Android 7 and then I'm good to go!
For every upgrade (via SONY's FTFs):
1. Flash FTF via Flashtool
2. flash suitable recovery and AndroPlus kernel (look in this forum and follow the instructions on AndroPlus' website)
3. boot into recovery, flash SuperSU and whatever you need
There should be a possibility to flash the devicekey (not the whole TA-partition!) to another partition to get the whole DRM-enchillada back. That does not work for me since it is not included in the FSC as of today.
My questions:
1- What will I lose after unlocking the bootloader? And if I restored the TA backup, will that count as if I didn't unlock the bootloader?
What you will lose when unlocking the BL:
https://forum.xda-developers.com/z3-compact/general/loss-drm-keys-t2890936
At least the first two, AFAIK, are taken care of by the DRM patch in AndroPlus's kernel.
2- How will I root the phone? With a custom kernel, or is there any other way? And if with a kernel, any advice?
3- Shall I do the root before upgrading to Android 7? Or before? And will I still be able to get updates after the root, or will I have to do it through flashing the FTF of the new updates?
4- Is anyone running the Xposed framework?
2 see above, rinse and repeat for every new SONY Rom
3 same answer, since the modifications are overflashed by installing/flashing another ROM
4 I used to run XPrivacy, but ATM the granularity of options in MM and Nougat is enough for me -
there is no Xposed for Nougat ATM
DHGE said:
then you are locked again ... Don't do that!
For every upgrade (via SONY's FTFs):
1. Flash FTF via Flashtool
2. flash suitable recovery and AndroPlus kernel (look in this forum and follow the instructions on AndroPlus' website)
3. boot into recovery, flash SuperSU and whatever you need
There should be a possibility to flash the devicekey (not the whole TA-partition!) to another partition to get the whole DRM-enchillada back. That does not work for me since it is not included in the FSC as of today.
What you will lose when unlocking the BL:
https://forum.xda-developers.com/z3-compact/general/loss-drm-keys-t2890936
At least the first two, AFAIK, are taken care of by the DRM patch in AndroPlus's kernel.
2 see above, rinse and repeat for every new SONY Rom
3 same answer, since the modifications are overflashed by installing/flashing another ROM
4 I used to run XPrivacy, but ATM the granularity of options in MM and Nougat is enough for me -
there is no Xposed for Nougat ATM
Thanks for your time and effort. Well, the reason I wanted root was for Xposed and for the adblock only, and since there's no Xposed support yet, I think it's not necessary to lose what I may lose just for the adblock. Thanks again
Hi guys,
Just wondering if anyone has an update on the availability or possibility of root for LB Xperia Z5s on Marshmallow?
Also, can I assume that because root is not available on Marshmallow, then it will be equally unavailable on Nougat?
Just a quick thought for the more technically minded - Would it not be possible to deconstruct a valid stock .ftf file and insert a modified kernel, allowing root, before recompiling it and flashing it? I know the locked bootloader stops us from flashing a custom kernel, but is there no way to spoof an .ftf file into using a modified kernel?
Sorry for the n00bish questions, just wondering aloud.
Cheers!
As far as I know you need to disable some security settings in the kernel to have permanent root access. But a locked bootloader won't let the system boot with this modified kernel.
I don't think there will come a method to have root without unlocking the bootloader in the near future.
Nope. No root without unlocked the BL as far as I am informed.
ianrobbie said:
Hi guys,
Just wondering if anyone has an update on the availability or possibility of root for LB Xperia Z5s on Marshmallow?
Also, can I assume that because root is not available on Marshmallow, then it will be equally unavailable on Nougat?
Just a quick thought for the more technically minded - Would it not be possible to deconstruct a valid stock .ftf file and insert a modified kernel, allowing root, before recompiling it and flashing it? I know the locked bootloader stops us from flashing a custom kernel, but is there no way to spoof an .ftf file into using a modified kernel?
Sorry for the n00bish questions, just wondering aloud.
Cheers!
Short answer: not possible without unlocking the bootloader.
Long answer:
There are two possible methods for acquiring permanent root on Marshmallow on the Z5:
Conventional root - you provide root by modifying certain /system files on the phone. The problem with this is that you are modifying the system partition on the phone. The stock kernels on the Z5 (and most other phones) have something called dm-verity which basically checks everything on the system partition against what it expects to be there. If the kernel notices that something in the system partition has changed, the phone will fail to boot. You can install a modified kernel that has dm-verity disabled, but then you run into the issue described with systemless root.
Systemless root - you modify the kernel to allow for root either with Systemless SuperSU or through Magisk. This allows you to have an unmodified system partition and pass any potential system checks; however, you have to modify and flash a new kernel. Herein lies the problem with a locked bootloader. A locked bootloader checks the file signature for the file you're trying to flash. These files are typically signed by the phone manufacturer or carrier, so when the bootloader checks the file signature and it matches what it expects, it allows the flash; if the signature doesn't match, it aborts the flash. If you modify a stock kernel to disable dm-verity or try to flash a custom kernel, you will be prevented from doing so because your signature won't match what the bootloader expects. By unlocking the bootloader you are essentially disabling that signature check process.
So basically permanent root on Marshmallow isn't possible unless somebody can exploit a vulnerability in the boot chain.
As for modifying a stock ftf package: you again run into issues with the bootloader signature checks. The ftf file is basically a special zip container that contains a bunch of files. Most of these files, if not all of them, are signed by either the manufacturer or carrier, so you are able to flash it because all of these files pass the bootloader signature checks. Once you modify one of those files within the ftf, you destroy the signature and flashing of the ftf file will abort.
In summary, you need to unlock the bootloader so that you can flash a modified kernel that has dm-verity disabled.
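The dm-verity behaviour this answer (and DHGE's reply earlier in the thread) describes, as an added toy example that is not from the original thread nor from Android's or Sony's code: a SHA-256 hash tree over a constructed block image in which only the root hash is trusted, showing that editing one block makes that block fail verification whether or not the on-disk tree is rebuilt. The 16-byte block size, the image contents and the function names are assumptions for the demo, not the kernel's real format.

```python
"""Toy dm-verity: a SHA-256 hash tree over a block-based 'system' image.
Constructed demonstration, not Android's or Sony's implementation. Only the
root hash is trusted (on a real device it lives in verity metadata that the
signed kernel trusts); the rest of the tree sits next to the data on disk and
is re-checked on every block read."""
import hashlib
from typing import List, Tuple

BLOCK_SIZE = 16  # assumption for the demo; real dm-verity uses 4096-byte blocks


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_blocks(image: bytes) -> List[bytes]:
    """Cut the image into fixed-size blocks, zero-padding the last one."""
    blocks = [image[i:i + BLOCK_SIZE] for i in range(0, len(image), BLOCK_SIZE)]
    if blocks and len(blocks[-1]) < BLOCK_SIZE:
        blocks[-1] = blocks[-1].ljust(BLOCK_SIZE, b"\0")
    return blocks


def build_tree(blocks: List[bytes]) -> List[List[bytes]]:
    """Return the tree as levels, leaves first and [root] last. Odd-length
    levels get their last node duplicated so every node has a sibling."""
    level = [_h(b) for b in blocks]
    levels: List[List[bytes]] = []
    while True:
        if len(level) > 1 and len(level) % 2:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            return levels
        level = [_h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def verify_block(block: bytes, index: int, tree: List[List[bytes]],
                 trusted_root: bytes) -> bool:
    """Check one block the way dm-verity does on read: hash it, confirm it
    matches the stored leaf, then hash upward with siblings until the
    recomputed root either matches the trusted root or does not."""
    node = _h(block)
    for level in tree[:-1]:
        if index >= len(level) or node != level[index]:
            return False  # data block or stored interior hash was altered
        sibling = level[index ^ 1]
        node = _h(node + sibling if index % 2 == 0 else sibling + node)
        index //= 2
    return node == trusted_root


def demo() -> Tuple[bool, bool, bool, bool]:
    """Returns (clean image verifies, edited block fails against the original
    tree, edited block still fails after rebuilding the tree, an untouched
    block of the edited image still verifies)."""
    # Constructed 'system partition': five 16-byte blocks.
    image = b"".join(f"system-block-{i:02d}!".encode() for i in range(5))
    blocks = split_blocks(image)
    tree = build_tree(blocks)
    root = tree[-1][0]  # the only value the kernel trusts
    clean_ok = all(verify_block(b, i, tree, root) for i, b in enumerate(blocks))

    # Flip one byte in block 3, like editing a file under /system on a
    # locked device, without touching the stored hash tree.
    edited = bytearray(image)
    edited[3 * BLOCK_SIZE] ^= 0x01
    eblocks = split_blocks(bytes(edited))
    edited_fails = not verify_block(eblocks[3], 3, tree, root)
    # Regenerating the on-disk tree does not help: the trusted root, which
    # comes with the signed kernel, no longer agrees with the new one.
    rebuilt_fails = not verify_block(eblocks[3], 3, build_tree(eblocks), root)
    # Untouched blocks still pass, so the device dies only once the kernel
    # actually reads the modified block (hence the bootloop, not a refusal).
    untouched_ok = verify_block(eblocks[0], 0, tree, root)
    return clean_ok, edited_fails, rebuilt_fails, untouched_ok
```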
Thanks very much for all the replies. Looks like I'm stuck with stock for the time being.
Ever since TA backup and bypassing the TA checks was possible since MM or whatever, unlocking the bootloader is not a big deal. Very easy to backup, unlock, root, re-lock, restore.
xasbo said:
Ever since TA backup and bypassing the TA checks was possible since MM or whatever, unlocking the bootloader is not a big deal. Very easy to backup, unlock, root, re-lock, restore.
Yeah, but unfortunately I'm not allowed to unlock my bootloader.
ianrobbie said:
Yeah, but unfortunately I'm not allowed to unlock my bootloader.
Ahhh, sure, forgot that some carriers lock these phones. I had that same problem on my Z1, but fortunately they found a LB root exploit.
How long have you had your phone? If the upcoming Nokia offering looks good, I'll sell you my mint condition UB Z5
How to root Xperia XZs G8232 Oreo. Please provide necessary steps for root xperia xzs dual sim oreo.
The only way is: unlock the bootloader, flash TWRP, then flash SuperSU or Magisk SU, done.
squall_20042001 said:
The only way is: unlock the bootloader, flash TWRP, then flash SuperSU or Magisk SU, done.
I spent the entire day today trying to get to fastboot but it won't. When I do adb devices, it lists my device. I ran adb reboot bootloader. It would show the blue notification light, but when I do fastboot devices it won't show anything.
I have all the necessary drivers installed. But it just won't go into fastboot mode. Can you please help?
https://forum.xda-developers.com/xzs/how-to/tutorial-step-step-guide-to-gain-root-t3612624
https://forum.xda-developers.com/xzs/development/root-xperia-xzs-t3726911
3mozz said:
Both don't work on the stock kernel. Need a custom kernel, which I cannot find.
There's no kernel posted here for the latest Oreo build. I suggest you downgrade to 7.1.1 so that you can download Xposed modules. Also, performance in Nougat is better than Oreo, and there are a lot of rootable kernels here with the DRM fix.
Farsiris said:
Theres no Kernel Posted here for the latest Oreo Build . I suggest You downgrade to 7.1.1 so https://forum.xda-developers.com/xzs/development/root-xperia-xzs-t3726911
Yes, Existenz is the best ROM for the XZs now. But I prefer to use 7.1.1 because of Xposed module compatibility, and there are many to install from the Xposed forum. As for now, Oreo is not yet supported by Xposed.
Rooted years ago, but having trouble now
Guys, I've rooted devices, but it's been a few years. I don't remember it being this complicated.
Here's what I think I understand:
Fastboot mode gives me the ability to flash (overwrite) image files, which are what loads when my device powers up.
ADB is an interface that allows my PC to talk to my Android device at a command level.
My ROM (is that what some are calling the kernel?) is what I see as a user on the device.
>writing a new ROM gives me different Android functionality and user interface experience.
Root is an access level and is what allows me to overwrite the ROM and uninstall bloatware (my goal).
Bootloader must be unlocked, and USB Debugging enabled.
all being true and I don't necessarily dislike the XZs Dual G8232 interface (I just want to remove some garbage):
1. What does the Recovery.img do, and why do I need to overwrite it?
2. What's the best way to go about this?
>> I have watched a few videos and read several step by step guides, none of them seem to work as written/recorded for me.
Am I not getting this concept correct?
1. Must have drivers installed, a new boot.img (the new ROM) and recovery.img, and a means of communicating (adb)
2. Unlock bootloader, enable Debugging
3. get phone into Fastboot Mode (struggling here; the key combo into fastboot mode has the phone off; adb into Fastboot reboots the phone, but the LED turns orange and no further commands execute.)
4. Overwrite the Boot.img
5. Overwrite the Recovery.img
6. reboot normally, done
thanks
IT changes so much and so fast, if you're into it now, don't ever get out!!!!
Hi Everybody,
the last few days I was reading several threads and posts about backing up the TA partition (using iovyroot), repacking the stock kernel (with RootKernel) and how to root my Z5 Dual (E6633). But I still have some questions.
First of all: I backed up my TA-Partition, my BL is still locked and my phone isn't rooted till now.
Now my questions:
1) What is the difference between including the TA-Partition into my repacked Kernel and flashing it with FlashTool (creating a FTF from my TA-Partition with Top-RootKernel)? And what is the better option?
2) If the TA-Partition is included in the repacked Kernel (created with RootKernel), do I still have to flash the TA-Partition (as a FTF) afterwards? I think "no" but I'm not sure.
3) Is there any way I can root my Z5 Dual using a repacked Kernel and flashing my TA-Partition back without losing SU-Privileges and/or BL getting relocked? If yes, ... how can I do this?
Would be great if someone can help me
https://forum.xda-developers.com/xp...oot-automatic-repack-stock-kernel-dm-t3301605
Checked this?
What I previously did ...
Let me show you, what I previously did.
I downgraded to Lollipop and backed up my TA-Partition using iovyroot. After backing up my TA-Partition, I upgraded again to Android Nougat 7.1.1 using Flashtool.
After this, I made my own kernel for Android Nougat (32.4.A.1.54_1309-3895) using the latest version of RootKernel (which I downloaded from here).
Everything worked fine up till now. But when I was reading the following threads, I got confused.
iovyroot - (temp) root tool
[ROOT][Kernel][TWRP] repack of the stock kernel with dm-verity and SONY RIC off
As far as I know, the bootloader will be relocked and I will lose root privileges if I flash back the TA partition. If I flash back the TA partition using Flashtool as described in the RootKernel thread, do I still have an unlocked bootloader and root privileges?
I am also not sure, when I have to flash back the TA-Partition. If I am using this guide to root my phone, do I have to flash back the TA-Partition as the final step (after flashing the kernel, twrp, and rooting my phone)? Or do I have to flash back the TA-Partition after flashing the kernel and twrp but before rooting my device?
https://twigstechtips.blogspot.com/2016/04/sony-z5-compact-root-without-losing-ta.html?m=1
Check this. You did it right.
I've done it many times
Duvel999 said:
https://twigstechtips.blogspot.com/2016/04/sony-z5-compact-root-without-losing-ta.html?m=1
Check this. You did it right.
I've done it many times
Thanks for the link. Now everything has become clear to me and I know what I have to do.
Nevertheless I still have some questions.
I know that RootKernel gives me the option to include SuperSU and TWRP directly into a patched kernel.
However, I wonder what would be the better option (perhaps for performance reason or whatever). Is it better to include SuperSU/TWRP into the patched kernel using RootKernel? Or is it better to flash SuperSU/TWRP separately? And what exactly is the difference between the two methods (apart from the obvious)? Anyone who can explain it to me?