Related
Thanks to :
• JF for his recovery.img
• Arisme for the analysis of the dumped french orange firmware and his tools to customize the firmware
1) The tools
Unzip all the tools on one folder on your hard disk (c:\ModifDream for example)
SDK here :
http://developer.android.com/sdk/download.html?v=android-sdk-windows-1.1_r1.zip
fastboot here :
http://member.america.htc.com/download/web_materials/ADP/fastboot.exe
other tools here :
http://www.megaupload.com/?d=XMGZSYOM
You must copy thoses files on the microSD card :
- boot-root.img
- systemDEV.img
- dataDEV.img
- libhtc_ril.so (we need this patch from the original french firmware for a compatibility with the radio)
- wlan.ko (we need this patch from the original french firmware for a compatibility with wifi)
- busybox.asc
- trout-keypad-v3-franch-azerty.kcm.bin (with the ' and the ")
2) Backup of your dream.
We will use the JF recovery :
- Shutdown the dream
- plug it to the PC
- put your dream in fastboot mode
- On the PC, do :
cd\ModifAndroid
fastboot boot recoveryJF.img
- On the dream keyboard do ALT+B to backup your dream
- At the end of the backup do BACK+HOME to reboot
Ok the backup is done (NANDROID folder on your microSD card
3) Patch the boot for permanent root access throw adb
Put the dream in fastboot mode
Plug it to the PC
- On the PC, do :
cd\ModifAndroid
fastboot boot recoveryBoot.img
After the startup of your dream, do on the PC :
adb shell
mount /dev/block/mmcblk0p1 /sdcard
flash_image boot /sdcard/boot-root.img
reboot
4)Install of the new firmware and of all the patchs (ADP firmware)
Put the Dream in fastboot mode and plug it to the PC
- On the PC do :
cd\ModifAndroid
fastboot boot recovery-unyaffs.img
After the startup, do on the PC
adb shell
mount /dev/block/mmcblk0p1 /sdcard
mkdir /tmp/system
mkdir /tmp/data
mount /dev/block/mtdblock3 /tmp/system
mount /dev/block/mtdblock5 /tmp/data
cd /tmp/system
rm -rf * (dont be afraid by the error)
unyaffs /sdcard/systemDEV.img
cd /tmp/data
rm -rf * (dont be afraid by the error)
unyaffs /sdcard/dataDEV.img
cp /sdcard/libhtc_ril.so /tmp/system/lib/
cp /sdcard/wlan.ko /tmp/system/lib/modules/
cp /sdcard/trout-keypad-v3-franch-azerty.kcm.bin /tmp/system/usr/keychars/
cp /sdcard/trout-keypad-v3-franch-azerty.kcm.bin /tmp/system/usr/keychars/trout-keypad-v3.kcm.bin
cp /sdcard/trout-keypad-v3-franch-azerty.kcm.bin /tmp/system/usr/keychars/trout-keypad.kcm.bin
Do on the dream keyboatd ALT + W
After the startup, do on the PC (to have root and busibox) :
cd\ModifAndroid
adb shell
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
dd if=/sdcard/busybox.asc of=/system/bin/busybox
chmod 4755 /system/bin/busybox
cd /system/bin/
busybox cp -s busybox cp
busybox sh
cat sh > su
chmod 4755 su
reboot
OK, that is finished!
After the startup you will have to sign in with your gmail account. To do it you have first to create an APN (MENU and then NEW APN)
5)Back to the orange firmware
If you need to come back to the orginal situtation, just copy system.img and data.img from your NANDROID backup at the root of your microSD Card and copy and rename the boot.img from this backup to boot-orange.img at the root of the card.
Put the dream in fastboot mode
Plug it to the PC
- On the PC do :
cd\ModifAndroid
fastboot boot recovery-unyaffs.img
After the startup, do on the PC :
adb shell
mount /dev/block/mmcblk0p1 /sdcard
mkdir /tmp/system
mkdir /tmp/data
mount /dev/block/mtdblock3 /tmp/system
mount /dev/block/mtdblock5 /tmp/data
cd /tmp/system
rm –rf * (don't be afraid by the error)
unyaffs /sdcard/system.img
cd /tmp/data
rm –rf * (don't be afraid by the error)
unyaffs /sdcard/data.img
On the dream keyboard do ALT + W
Put again the dream in fastboot mode
On the PC do
cd\ModifAndroid
fastboot boot recoveryBoot.img
After the startup do on the PC :
adb shell
mount /dev/block/mmcblk0p1 /sdcard
flash_image boot /sdcard/boot-orange.img
reboot
REMARK
You will find in the zip a tool : unyaffs. With this tool you can extract on your PC image like system.img or data.img. This is really interesting if you need some patch from the orginal firmware. Maybe italian users can use it to get their keyboard layout, update it (with an hex editor) and replace the french layout in this exemple with the italian one
To use this tool : unyaffs system.img or unyaffs data.img with your image on the same folder fo unyaffs
Ah ouais ca a l'air sport comme méthode.
Oh it's seems pretty hard to do .
Are you sure it's working ?????
Vraiment impressionnant... j'espère que cela fonctionne bien
Tous mes espoirs d'avoir un téléphone Dream fonctionnel vont devenir réalité...
Enorme...
Really impressing I hope that it works well
All my hopes to have a functional telephone Dream are going to become reality
Enormous...
Note that it looks complicated because all steps are shown to give a headstart to other modders.
You can build a simple update.zip from those instructions if you want the most "interesting" parts being
a) gaining root by booting an image
b) using unyaffs to restore the original firmware, since no official update.zip exists for it so far
Really Great Job...
I have try this rom...
It's pretty good... YOU'RE THE KING OF THE ANDROID FRENCH PHONE
I have some problems with synchro (no 3G) and the img files are in English...
Could you help me to put this in French ???
Thanks in advance.
Best Regards
ADP firmware is an German/English firmware. You won't find a french firmware with a good google sync...
For the 3G have you created the new APN as described ?
For the APN :
name : orange
apn : orange
user : orange
pwd : orange
MCC : 208
MNC : 01
type : default
It's working....
Do you think it will be possible to made my own Firmware making a build with the French translations ???
Thanks in advance
You could translate the free (i.e. non Google) apps. But it's going to be a lot of work, when Cupcake is coming in a few months.
After i hacked my dream, following all the steps, my calendar app shuts down all the time...so i went back to orange firmware and my calendar is ok, but no synchro as it's expected to do with this firmware.
Anyone has same issue ? ideas ?
Oh, and before i went back to orange firmware, IM app and voice search were activated oO
Anyway, good job guys !
Problem
That finnish but I got a problem I am block by google account, my sim card is not reconize. I was maybe forget an step, but wich one ?
please help me
thx for that job
have you created the new apn as described ?
yes
yes I create orange apn like describe but It never ask me pin code ;-(
hum hum.. have you done the line cp /sdcard/libhtc_ril.so ...
I think yes, because I just copy/paste all command line, so that one were paste (I hope), if not what can I do ?
thx
i am surfing with my dream so it is not easy to write a specific process... so do again the step 4 and, please. do it line after line to be sure that all is ok...
ok I will try now to do step 4 and tell you if it is good. Or I will go on orange rom
thx geek78
is it normal
/tmp/system # rm –rf *
rm: cannot remove '–rf': No such file or directory
rm: app: is a directory
rm: bin: is a directory
rm: etc: is a directory
rm: fonts: is a directory
rm: framework: is a directory
rm: lib: is a directory
rm: lost+found: is a directory
rm: media: is a directory
rm: sounds: is a directory
rm: usr: is a directory
rm: xbin: is a directory
/tmp/system #
no, do again rm -rf * (dont forget the space after -rf)
yes It is what I do (I just copy and paste) so I keep space, but you said don't worry with error ;-)
The error is maybe here because all the process is ok, just an error in this command line.
I retry
thx
It smelt very good, you are a king, ****ing process, who do what you ask him ;-)
It first view all is good, I just need to do some configuration.
Thanks geek78 and have good night
See yu
This might work on other devices.
WARNING: this might brick your phone use it at your own risk.
Warning you have to have some knowlage of linux to do this kind of stuff.
WARNING: actually you have to have _good_ knowlage of linux/gnu stuff to do it.
The idea is this is to make the /system/bin/toolbox from the stock rom suid (permision 6755, it originaly has 0755)
This is how I did it. It might be simpler.
get a stock rom that you want. for me it was B5330XWALH3
it is now available at samsung-updates.
You need odin (heimdal will not work with my phone) (my was 3.07)
unpack the zip.
you get a .tar.md5 file (the tar file has broken headers so tar from ubuntu 12.04 will not unpackit).
the tar file works in sectors of 512 bytes.
take out the md5sum at the end of file. (some thing like: head -c (the size up to the last md5sum) original.tar.md5 > file1)
split the file so you will have the system.img.md5 separated (some thing like: head -c (the size upto "system.img.md5") file1 > file2;
head -c (the size upto "dt-blob.md5") file1 | tail -c +(the size upto "system.img.md5" + 1) > file3;
tail -c +(the size upto "dt-blob.md5" + 1) file1 > file4
file3 now has the system.img.md5, trim the md5sum from the tail and the tar headr from head (ex.:
head -c (upto the md5sum output from the rear of the file) file3 | tail -c +513 > file5)
file5 is a sparce image file of an ext4 filesystem. run simg2img (from ext4fs_utils (search on xda)) (ex.:
simg2img file5 file6)
sudo mount -o loop,ro file6 /mnt
look for the file /mnt/bin/toolbox (ex.: ls -l /mnt/bin/toolbox) it will give you an output like this:
-rwxr-xr-x 1 root 2000 99068 Aug 9 07:59 /mnt/bin/toolbox
sudo umount /mnt
the permisions and the size of the file yield the following hex sequence that you get in the file (we will hexedit the ext4 fs): ED 81 00 00 FC 82 01 00
in file3 edit the sequence (it should be only one in the file) from ED 81 00 00 FC 82 01 00 to ED 8D 00 00 FC 82 01 00 (practically adding the suid guid bits to the inode of the toolbox)
we are almost done, now to pack our bags and go.
verify that you have indeed put suid guid to toolbox:
head -c (upto the md5sum output from the rear of the file) file3 | tail -c +513 > file5;
simg2img file5 file6;
sudo mount -o loop,ro file6 /mnt;
ls -l /mnt/bin/toolbox
It should give an output:
-rwsr-sr-x 1 root 2000 99068 Aug 9 07:59 /mnt/bin/toolbox
sudo umount /mnt
recalculate the md5sum to the _expanded_ image: md5sum file6 > file7
overide the md5sum at the end of file3 with the one from file7
now pack the pieces in one tar: cat file2 file3 file4 > myfirmware.tar
add the md5sum to it: md5sum myfirmware.tar >> myfirmware.tar
change the name to .tar.md5: mv myfirmware.tar myfirmware.tar.md5
copy the file on a windowze machine (that has odin and the samsung drivers intalled).
update with odin the new firmware (which you should put in the PDA section) (don't forget to un check the repartitioning).
you should have now a practivally rooted device.
in order to have su and Superuser.apk on it you have to do the following steps:
push with adb su, busybox and Superuser.apk into /data/local/tmp on device (you get the files from other forums here at xda)
the next steps are on device (use adb shell)
verify that indeed we have a suid toolbox: ls -l /system/bin/toolbox should give that wanderfull -rwsr-sr-x permission.
find a rw mount that has suid (in my case a tmpfs is mounted /mnt/obb)
copy su to /mnt/obb (remember that we have suid toolbox this means that toolbox now gives you root on any command):
dd if=/data/local/tmp/su of=/mnt/obb/su
give su suid and make it owned by root: chmod 6755 /mnt/obb/su; chown 0.0 /mnt/obb/su
run su now and enjoy the #: /mnt/obb/su -
Click to expand...
Click to collapse
Ofcorse after you get # you should remount /system as rw, copy su in /system/xbin, copy Superuser.apk in /system/app, copy busybox in /system/xbin, make symlinks to busybox for all the comands in /system/xbin.
You should also upon success remove suid from toolbox so as to not mistakely do damage to the system (for instance "rm /")
And here you have it.
If you do not understand what I have done, you should read more linux / tar / ext4 / md5sum.
This method should work for any phone provided that it has odin as bootloader and there is the stock rom available.
hello
I don't have knowledge about how you have rooted the firmware for b5330, the steps you made are waaaay to dificult for me . Could you provide here an already rooted firmware, to download and install. thanks in advance
ETTT said:
This might work on other devices.
WARNING: this might brick your phone use it at your own risk.
Warning you have to have some knowlage of linux to do this kind of stuff.
WARNING: actually you have to have _good_ knowlage of linux/gnu stuff to do it.
The idea is this is to make the /system/bin/toolbox from the stock rom suid (permision 6755, it originaly has 0755)
This is how I did it. It might be simpler.
Ofcorse after you get # you should remount /system as rw, copy su in /system/xbin, copy Superuser.apk in /system/app, copy busybox in /system/xbin, make symlinks to busybox for all the comands in /system/xbin.
You should also upon success remove suid from toolbox so as to not mistakely do damage to the system (for instance "rm /")
And here you have it.
If you do not understand what I have done, you should read more linux / tar / ext4 / md5sum.
This method should work for any phone provided that it has odin as bootloader and there is the stock rom available.
Click to expand...
Click to collapse
bogdan_rize said:
I don't have knowledge about how you have rooted the firmware for b5330, the steps you made are waaaay to dificult for me . Could you provide here an already rooted firmware, to download and install. thanks in advance
Click to expand...
Click to collapse
no need to upload 400M for this little modification.
I'm unable to post links, goto samsung-updates
go and download B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME stock firmware.
and apply this xdelta patch over it.
xdelta patch sGTB5330.patch B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME.tar.md5 myfrm.tar.md5
Click to expand...
Click to collapse
after that you have the firmware that I use to root my phone.
Still... this firmware will not have "su" install, it will just be a rootable firware because it has a suid'ed toolbox.
a suid'ed toolbox in android means that you can exec chown and chmod as a root.
So. After the patching of the stock rom and flashing it. you have to have this md5sum output:
032b4344ab503c8413db9127efaa3d83 myfrm.tar.md5
Click to expand...
Click to collapse
odin will accept it (I've used Oding 3.07).
after that you push the files from the attached tar.gz to /data/local/tmp
tar -xzf superuser_stuff.tar.gz
adb push su /data/local/tmp
adb push Superuser.apk /data/local/tmp
adb push busybox /data/local/tmp
Click to expand...
Click to collapse
after that you bassically have to run this commands in an android shell in order to get to a stardard rooted android:
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
Click to expand...
Click to collapse
have fun.
I downloaded this firmware: Samsung-Updates.com-GT-B5330_COA_1_20120913171601_pducfx5hbw.zip. Where, how, what???...i unzipped it and now how to apply the patch? The rest of the stept i think i get it....i think For you it's easy to say, for me it's hard to do. I've had sgs1, sgs2 and sgs3, and the root of those was sooooooo easy... but this piece of crap b5330 drives me crazy )
ETTT said:
no need to upload 400M for this little modification.
I'm unable to post links, goto samsung-updates
go and download B5330XWALI2_B5330OXXALI2_B5330XWLH1_HOME stock firmware.
and apply this xdelta patch over it.
after that you have the firmware that I use to root my phone.
Still... this firmware will not have "su" install, it will just be a rootable firware because it has a suid'ed toolbox.
a suid'ed toolbox in android means that you can exec chown and chmod as a root.
So. After the patching of the stock rom and flashing it. you have to have this md5sum output:
odin will accept it (I've used Oding 3.07).
after that you push the files from the attached tar.gz to /data/local/tmp
after that you bassically have to run this commands in an android shell in order to get to a stardard rooted android:
have fun.
Click to expand...
Click to collapse
bogdan_rize said:
I downloaded this firmware: Samsung-Updates.com-GT-B5330_COA_1_20120913171601_pducfx5hbw.zip. Where, how, what???...i unzipped it and now how to apply the patch? The rest of the stept i think i get it....i think For you it's easy to say, for me it's hard to do. I've had sgs1, sgs2 and sgs3, and the root of those was sooooooo easy... but this piece of crap b5330 drives me crazy )
Click to expand...
Click to collapse
I've used xdelta package.
if you are on win then you're on your own.
there is xdelta.org and it seems to have pachage for windows.
for sgs[123] was easy because are main streams. may hackers were working on it.
this device is very new/obscure.
I whould have made a script, but alas, "heimdal" firmware loader whould not work with this device.
I've used linux to patch the firmware and windowze to upload it.
So a script whould be imposible, but after you pach .tar.md5 file and load it on your phone is just about cut and paste form my previous post.
My hope is that a more android savy guy will take this concept and make it a script.
I am just happy that I can now have debian on my phone.
yes, i am on win....there is no way to patch that COA firmware (i am from romania) and upload somewhere to download???i know i am probably asking to much from you, but i dont't think i will manage by my own...this rooting busines is driving me crazyyyyy :crying::crying::crying: thank you so much for your answer!!!
ETTT said:
I've used xdelta package.
if you are on win then you're on your own.
there is xdelta.org and it seems to have pachage for windows.
for sgs[123] was easy because are main streams. may hackers were working on it.
this device is very new/obscure.
I whould have made a script, but alas, "heimdal" firmware loader whould not work with this device.
I've used linux to patch the firmware and windowze to upload it.
So a script whould be imposible, but after you pach .tar.md5 file and load it on your phone is just about cut and paste form my previous post.
My hope is that a more android savy guy will take this concept and make it a script.
I am just happy that I can now have debian on my phone.
Click to expand...
Click to collapse
bogdan_rize said:
yes, i am on win....there is no way to patch that COA firmware (i am from romania) and upload somewhere to download???i know i am probably asking to much from you, but i dont't think i will manage by my own...this rooting busines is driving me crazyyyyy :crying::crying::crying: thank you so much for your answer!!!
Click to expand...
Click to collapse
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Interesting, reading carefully
Sent from my GT-B5330 using xda app-developers app
Thank you so much, tomorow morning i know how i'll spend my time...installing and rooting my b5330, unfortunately this evening i don't have my laptop on me forgoted at work ), but i've downloaded the firmware from phone and now waiting to have it done...finally!!! I'll let you know what have i done. Have a nice day and once again thanks!!!
ETTT said:
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
it's not working, when i'm trying to adb remont it says: remount failed: Opertaion not permited. After i flashed with odin the firmware you gave to me, i think i do not have permission to make any changes, and i don't know why
ETTT said:
ok here it is the modified firmware.
http://dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
Can you make patch for dxlh3..? Thanks
Sent from my GT-B5330 using xda app-developers app
bogdan_rize said:
it's not working, when i'm trying to adb remont it says: remount failed: Opertaion not permited. After i flashed with odin the firmware you gave to me, i think i do not have permission to make any changes, and i don't know why
Click to expand...
Click to collapse
There commands are supposed to be given in a command line box (cmd on win).
where does it gives you error?
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
finally it worked
yeeeees, damn you're good!!!! i have managed to root my b5330, root checher tell me that i am rooted and busybox is instaled...the only problem is that it shows me that i do not have installed superuser and supersu. Is there a problem if i just copy paste the apk file (supersu.apk and superuser.apk -> i've downloaded the pro version of bouth of them ) straight into the directory /data/local/tmp where it should be? or to copy-paste in another directory. Thanks in advance, CMD(and adb shell) gave me headache, but i finally got it an succedeed )) :victory::good:
ETTT said:
There commands are supposed to be given in a command line box (cmd on win).
where does it gives you error?
adb shell # enter the in the phone
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nologer with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
Click to expand...
Click to collapse
bogdan_rize said:
yeeeees, damn you're good!!!! i have managed to root my b5330, root checher tell me that i am rooted and busybox is instaled...the only problem is that it shows me that i do not have installed superuser and supersu. Is there a problem if i just copy paste the apk file (supersu.apk and superuser.apk -> i've downloaded the pro version of bouth of them ) straight into the directory /data/local/tmp where it should be? or to copy-paste in another directory. Thanks in advance, CMD(and adb shell) gave me headache, but i finally got it an succedeed )) :victory::good:
Click to expand...
Click to collapse
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
i was having trouble understanding adb shell and cmd from the begining. I never used this command tool...ever ) and i think from yesterday to this day i managed really ok . Anyway i think i will just copy-paste the superuser.apk in "app" folder directly in the system (it's the same thing, isn't it??). I have done that in item 11., and after a restart supersu was instaled, only superuser.apk didn't, i think i wrote something wrong in adb shell
ETTT said:
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
Click to expand...
Click to collapse
hihihi
neeeah, my bad, i thought that in "superuser_stuff" is superuser and supersu files, it was just su->for superuser.apk, easy peasy, it worked and installed from the first time...it was just me verry verry dizzy and confused. Your guide is 100% OK, my phone is rooted and now i can enjoy !!!
ETTT said:
1. I'm glad you got it.
2. You should give thanks (that button) if I helped you.
3. I'm you dont read instructions. Maybe it's a problem with us romanian engineers, or maybe engineers in general
look at item 11. from my previous post. maybe I just c&p here.
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
So, when you are in adb shell and you go root (su command, you get the promt with #) and you have the /system mounted rw.
Then any apk that you copy to /system/app folder will get intalled and when you list your application (the button with 16 squares) you should see it.
Have fun.
Click to expand...
Click to collapse
can you release xdelta patch for your XWALH3 because we have the same device..
phyxar said:
can you release xdelta patch for your XWALH3 because we have the same device..
Click to expand...
Click to collapse
I've started a new more universal thread:
http://forum.xda-developers.com/showthread.php?t=1965600
There you have the shell-script that will patch the firmware for you.
If you still want an xdelta patch I'll make one for you but:
Give a man a fish and it will be full for the day, teach him how to fish and it will never go hungry again.
Have fun.
ETTT said:
ok here it is the modified firmware.
dl.transfer.ro/myfrm-transfer_ro-29oct-8a4089.zip
Click to expand...
Click to collapse
Hello, i'm new here and i don't know about scripting, so need your help..
i downloaded your firmware and install it to my b5330 and did the cmd command, and it worked, thanks..:good:
but now i've a new problem that my b5330 can't type a question mark ('?').. can you help me please..
whenever i want to type a question mark it always typed a comma (',') in the screen..:crying:
it also it change the symbol and language key to emoticon and symbol, but that's not a problem for me..
andhikarogue said:
Hello, i'm new here and i don't know about scripting, so need your help..
i downloaded your firmware and install it to my b5330 and did the cmd command, and it worked, thanks..:good:
but now i've a new problem that my b5330 can't type a question mark ('?').. can you help me please..
whenever i want to type a question mark it always typed a comma (',') in the screen..:crying:
it also it change the symbol and language key to emoticon and symbol, but that's not a problem for me..
Click to expand...
Click to collapse
That's because you have use the romanian firmware. whitch has a qwerty layout keyboard.
you have to do it the right way:
first. find the firmaware for your region:
http://samsung-updates.com/device/?id=GT-B5330
second. find a linux machine and run the script from the thread.
It is unrealistic for me to just upload all the 40 version of the firmware patched.
That is why I've made the script.
If you don't have a linux machine then look for a virtual box ubuntu and run on it.
Cheers.
hello i tryed yesterday to unpack system.ext4.img but the problem is the file was 467 miga and become 200 miga (i flashed it in my mobile but no hope ) "" so it lose data ""
what system i can install in my computer to open ext4.img to edit all data inside it ? read and write
i searched in the other topics but i didnt understand good so i make it dirct
to know why i want to edit ext4.img look to my other topic
http://forum.xda-developers.com/showthread.php?p=49175577#post49175577
al2rhabyy said:
hello i tryed yesterday to unpack system.ext4.img but the problem is the file was 467 miga and become 200 miga (i flashed it in my mobile but no hope ) "" so it lose data ""
what system i can install in my computer to open ext4.img to edit all data inside it ? read and write
i searched in the other topics but i didnt understand good so i make it dirct
to know why i want to edit ext4.img look to my other topic
http://forum.xda-developers.com/showthread.php?p=49175577#post49175577
Click to expand...
Click to collapse
This requires linux (Ubuntu) other wise you are out of luck.
And it requires linux knowledge.
You could rename it to system.img then loop mount it under linux.
Code:
sudo mkdir /mnt/sys
sudo mount -o loop system.img /mnt/sys
cd /mnt/sys
nautilus .
Run that in a linux shell.
Then unmount once you are done reading and writing the image.
Code:
sudo umount -R /mnt/sys
Then copy the system.img to a windows machine again and if you have a samsung phone you could flash the image with odin packed into a tar.
Or rename it back to system.ext4.img then flash it how you were going to.
can you make a video please ? :cyclops:
but with my system file
All,
I've moved this to it's own thread just to keep thing separate.
In case you are uncomfortable with kingroot, or you want a less intrusive install (since we don't need any exploits to root this device - kudos Huawei!) I have built a modified version of the boot image that uses supersu by chainfire instead. This is based on the work done here http://cn.club.vmall.com/space-uid-5467988.html, so we still owe them thanks. All this does, is move the Superuser.apk package into the system partition so that it can be installed as an administrative application, add in a /sbin/su file, and copy /sbin/su into /sbin/xbin so we can use it. Here is a full diff for the 0012 version from the default boot.img supplied by Huawei:
Code:
diff: ./charger: No such file or directory
diff: ~/mediapad/dload.012/boot/filesystem/charger: No such file or directory
diff -r ./default.prop ~/mediapad/dload.012/boot/filesystem/default.prop
4c4
< ro.secure=0
---
> ro.secure=1
6,7c6,7
< ro.debuggable=1
< ro.adb.secure=0
---
> ro.debuggable=0
> ro.adb.secure=1
diff -r ./init.rc ~/mediapad/dload.012/boot/filesystem/init.rc
528,532d527
< service load_boot /sbin/load_boot
< class main
< seclabel u:r:install_recovery:s0
< oneshot
<
Only in ./sbin: load_boot
Only in ./sbin: su
load_boot contains the following:
Code:
#!/system/bin/sh
/sbin/su --auto-daemon &
if [ ! -e /system/app/Superuser.apk ];then
mount -o rw,remount /system
cp -rpf /data/local/tmp/Superuser.apk /system/app/Superuser.apk
chmod 644 /system/app/Superuser.apk
fi
if [ ! -e /system/xbin/su ];then
mount -o rw,remount /system
cp -rpf /sbin/su /system/xbin/
chmod 06755 /system/xbin/su
fi
The /sbin/su file has an md5sum:
Code:
md5sum sbin/su
cd029c6b8b7065ff8ff2860137aeff99 sbin/su
and that matches the md5sum of the su included with v2.46 of chainfires supersu ZIP file (in the link below). So from a security perspective, I think we are pretty clean.
To use this, do the following:
0) Make sure you have unlocked the bootloader first!!!
1) Download chainfires Superuser from here: https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip , and extract the Superuser.apk file from the common folder.
2) adb shell "rm -rf /data/local/tmp/*"
3) adb push <path_to>/Superuser..apk /data/local/tmp/Superuser.apk
4) adb reboot bootloader
( your device will restart)
5) fastboot flash boot <path_to>/super_boot.img
6) fastboot reboot
7) Open the supersu App and update su (otherwise you may have strange issues)
That's it! You're rooted!
This does not do any odd exploits or camera driver adjustments or anything so there shouldn't be any issues with the camera or sound, but, as always, no guarantees.
File is to big too upload here so grab it from here:
703L
b012:
https://www.dropbox.com/s/7wqs6qghphy42sl/super_boot.b012.img?dl=0
b013 - untested for now!!! Tested and works fine:
https://www.dropbox.com/s/9so1wdbofhlbcmo/super_boot.b013.img?dl=0
b015 - Tested and works fine:
https://www.dropbox.com/s/cs767z8yjyfsfku/super_boot.703L.B015.img?dl=0
b106 - Tested and works fine:
https://www.dropbox.com/s/4qvtvpemiko01ie/super_boot.703L.B106.img?dl=0
702L
b003 - Untested! - Potentially Insecure! - I got the link for the 702L image from xda, NOT from emui.com. So I can't speak to the security:
https://www.dropbox.com/s/fp1cj25m1zzqq0m/super_boot.702L.B003.img?dl=0
Root sucessfully without any problems.
Big thanks.
dfsteen said:
All,
I've moved this to it's own thread just to keep thing separate.
In case you are uncomfortable with kingroot, or you want a less intrusive install (since we don't need any exploits to root this device - kudos Huawei!) I have built a modified version of the boot image that uses supersu by chainfire instead. This is based on the work done here http://cn.club.vmall.com/space-uid-5467988.html, so we still owe them thanks. All this does, is move the Superuser.apk package into the system partition so that it can be installed as an administrative application, add in a /sbin/su file, and copy /sbin/su into /sbin/xbin so we can use it. Here is a full diff for the 0012 version from the default boot.img supplied by Huawei:
Code:
diff: ./charger: No such file or directory
diff: ~/mediapad/dload.012/boot/filesystem/charger: No such file or directory
diff -r ./default.prop ~/mediapad/dload.012/boot/filesystem/default.prop
4c4
< ro.secure=0
---
> ro.secure=1
6,7c6,7
< ro.debuggable=1
< ro.adb.secure=0
---
> ro.debuggable=0
> ro.adb.secure=1
diff -r ./init.rc ~/mediapad/dload.012/boot/filesystem/init.rc
528,532d527
< service load_boot /sbin/load_boot
< class main
< seclabel u:r:install_recovery:s0
< oneshot
<
Only in ./sbin: load_boot
Only in ./sbin: su
load_boot contains the following:
Code:
#!/system/bin/sh
/sbin/su --auto-daemon &
if [ ! -e /system/app/Superuser.apk ];then
mount -o rw,remount /system
cp -rpf /data/local/tmp/Superuser.apk /system/app/Superuser.apk
chmod 644 /system/app/Superuser.apk
fi
if [ ! -e /system/xbin/su ];then
mount -o rw,remount /system
cp -rpf /sbin/su /system/xbin/
chmod 06755 /system/xbin/su
fi
The /sbin/su file has an md5sum:
Code:
md5sum sbin/su
cd029c6b8b7065ff8ff2860137aeff99 sbin/su
and that matches the md5sum of the su included with v2.46 of chainfires supersu ZIP file (in the link below). So from a security perspective, I think we are pretty clean.
To use this, do the following:
0) Make sure you have unlocked the bootloader first!!!
1) Download chainfires Superuser from here: https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip , and extract the Superuser.apk file from the common folder.
2) adb shell "rm -rf /data/local/tmp/*"
3) adb push <path_to>/Superuser..apk /data/local/tmp/Superuser.apk
4) adb reboot bootloader
( your device will restart)
5) fastboot flash boot <path_to>/super_boot.img
6) fastboot reboot
7) Open the supersu App and update su (otherwise you may have strange issues)
That's it! You're rooted!
This does not do any odd exploits or camera driver adjustments or anything so there shouldn't be any issues with the camera or sound, but, as always, no guarantees.
File is to big too upload here so grab it from here:
b012:
https://www.dropbox.com/s/wlsjjixext9kbjf/super_boot.b012.img?dl=0
b013 - untested for now!!! Tested and works fine:
https://www.dropbox.com/s/wchc8w6d0qy1npv/super_boot.b013.img?dl=0
Click to expand...
Click to collapse
Would this method work on a GEM-701L as well?
if you point me to the firmware image for that device i can tell you for sure.
Sent from my GEM-703L using XDA Free mobile app
thank you very much, its working great on b013 !
What i did was restoring b012 from sdcard, then i installed directly b013 update, then i rooted the phone using your method and everything is working great.
Now, this probably sounds studip, but could you please explain point 2-6? My Honor X2 is bootloader unlocked but I have no idea what I have to do when you write adb shell.. etc... Do I need any software to do what you suggest or is there a visual guide somewhere to get me going?
Thanks
Can someone give me a link to the Windows drivers please .
dfsteen said:
All,
I've moved this to it's own thread just to keep thing separate.
In case you are uncomfortable with kingroot, or you want a less intrusive install (since we don't need any exploits to root this device - kudos Huawei!) I have built a modified version of the boot image that uses supersu by chainfire instead. This is based on the work done here http://cn.club.vmall.com/space-uid-5467988.html, so we still owe them thanks. All this does, is move the Superuser.apk package into the system partition so that it can be installed as an administrative application, add in a /sbin/su file, and copy /sbin/su into /sbin/xbin so we can use it. Here is a full diff for the 0012 version from the default boot.img supplied by Huawei:
Code:
diff: ./charger: No such file or directory
diff: ~/mediapad/dload.012/boot/filesystem/charger: No such file or directory
diff -r ./default.prop ~/mediapad/dload.012/boot/filesystem/default.prop
4c4
< ro.secure=0
---
> ro.secure=1
6,7c6,7
< ro.debuggable=1
< ro.adb.secure=0
---
> ro.debuggable=0
> ro.adb.secure=1
diff -r ./init.rc ~/mediapad/dload.012/boot/filesystem/init.rc
528,532d527
< service load_boot /sbin/load_boot
< class main
< seclabel u:r:install_recovery:s0
< oneshot
<
Only in ./sbin: load_boot
Only in ./sbin: su
load_boot contains the following:
Code:
#!/system/bin/sh
/sbin/su --auto-daemon &
if [ ! -e /system/app/Superuser.apk ];then
mount -o rw,remount /system
cp -rpf /data/local/tmp/Superuser.apk /system/app/Superuser.apk
chmod 644 /system/app/Superuser.apk
fi
if [ ! -e /system/xbin/su ];then
mount -o rw,remount /system
cp -rpf /sbin/su /system/xbin/
chmod 06755 /system/xbin/su
fi
The /sbin/su file has an md5sum:
Code:
md5sum sbin/su
cd029c6b8b7065ff8ff2860137aeff99 sbin/su
and that matches the md5sum of the su included with v2.46 of chainfires supersu ZIP file (in the link below). So from a security perspective, I think we are pretty clean.
To use this, do the following:
0) Make sure you have unlocked the bootloader first!!!
1) Download chainfires Superuser from here: https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip , and extract the Superuser.apk file from the common folder.
2) adb shell "rm -rf /data/local/tmp/*"
3) adb push <path_to>/Superuser..apk /data/local/tmp/Superuser.apk
4) adb reboot bootloader
( your device will restart)
5) fastboot flash boot <path_to>/super_boot.img
6) fastboot reboot
7) Open the supersu App and update su (otherwise you may have strange issues)
That's it! You're rooted!
This does not do any odd exploits or camera driver adjustments or anything so there shouldn't be any issues with the camera or sound, but, as always, no guarantees.
File is to big too upload here so grab it from here:
b012:
https://www.dropbox.com/s/wlsjjixext9kbjf/super_boot.b012.img?dl=0
b013 - untested for now!!! Tested and works fine:
https://www.dropbox.com/s/wchc8w6d0qy1npv/super_boot.b013.img?dl=0
Click to expand...
Click to collapse
Very nice guide. I followed your instructions and I rooted successfully. I am getting a Cell broadcasts has stopped error upon boot but it really doesn't affect anything so I'm going to freeze it. The good part of this whole process is I ordered my X2 from a seller (zomlong-trading) on eBay and they said they installed an "international" ROM which has all the GAPPS like the Play Store etc.... I had the phone within a week (It shipped on Monday and I got it on Thursday) and the phone came working perfectly. I emailed Huawei for the unlock code and had it within three hours. When I went to unlock apparently the phone was already unlocked so all i had to do was follow your root procedure and that worked like a charm. I can't wait for someone to port the Chinese TWRP to an English version. I'm excited about being able to flash anything AOSP based on this when and if it ever happens. Anyway, thanks for your help.
Bunkerstudio said:
Now, this probably sounds studip, but could you please explain point 2-6? My Honor X2 is bootloader unlocked but I have no idea what I have to do when you write adb shell.. etc... Do I need any software to do what you suggest or is there a visual guide somewhere to get me going?
Thanks
Click to expand...
Click to collapse
Adb and fastboot are tools that you use to interact with android from your PC. You can look here for beginner information:
http://forum.xda-developers.com/showthread.php?t=690362
Note that there are many many threads discussing these things on xda, and the above is only one example. Search around and you will find a whole lot more information.
Confirm: Worked well with GEM-703LT version (32Gb storage)
Didn't work. Rooted using another method
dfsteen said:
All,
I've moved this to it's own thread just to keep thing separate.
In case you are uncomfortable with kingroot, or you want a less intrusive install (since we don't need any exploits to root this device - kudos Huawei!) I have built a modified version of the boot image that uses supersu by chainfire instead. This is based on the work done here http://cn.club.vmall.com/space-uid-5467988.html, so we still owe them thanks. All this does, is move the Superuser.apk package into the system partition so that it can be installed as an administrative application, add in a /sbin/su file, and copy /sbin/su into /sbin/xbin so we can use it. Here is a full diff for the 0012 version from the default boot.img supplied by Huawei:
Code:
diff: ./charger: No such file or directory
diff: ~/mediapad/dload.012/boot/filesystem/charger: No such file or directory
diff -r ./default.prop ~/mediapad/dload.012/boot/filesystem/default.prop
4c4
< ro.secure=0
---
> ro.secure=1
6,7c6,7
< ro.debuggable=1
< ro.adb.secure=0
---
> ro.debuggable=0
> ro.adb.secure=1
diff -r ./init.rc ~/mediapad/dload.012/boot/filesystem/init.rc
528,532d527
< service load_boot /sbin/load_boot
< class main
< seclabel u:r:install_recovery:s0
< oneshot
<
Only in ./sbin: load_boot
Only in ./sbin: su
load_boot contains the following:
Code:
#!/system/bin/sh
/sbin/su --auto-daemon &
if [ ! -e /system/app/Superuser.apk ];then
mount -o rw,remount /system
cp -rpf /data/local/tmp/Superuser.apk /system/app/Superuser.apk
chmod 644 /system/app/Superuser.apk
fi
if [ ! -e /system/xbin/su ];then
mount -o rw,remount /system
cp -rpf /sbin/su /system/xbin/
chmod 06755 /system/xbin/su
fi
The /sbin/su file has an md5sum:
Code:
md5sum sbin/su
cd029c6b8b7065ff8ff2860137aeff99 sbin/su
and that matches the md5sum of the su included with v2.46 of chainfires supersu ZIP file (in the link below). So from a security perspective, I think we are pretty clean.
To use this, do the following:
0) Make sure you have unlocked the bootloader first!!!
1) Download chainfires Superuser from here: https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip , and extract the Superuser.apk file from the common folder.
2) adb shell "rm -rf /data/local/tmp/*"
3) adb push <path_to>/Superuser..apk /data/local/tmp/Superuser.apk
4) adb reboot bootloader
( your device will restart)
5) fastboot flash boot <path_to>/super_boot.img
6) fastboot reboot
7) Open the supersu App and update su (otherwise you may have strange issues)
That's it! You're rooted!
This does not do any odd exploits or camera driver adjustments or anything so there shouldn't be any issues with the camera or sound, but, as always, no guarantees.
File is to big too upload here so grab it from here:
b012:
https://www.dropbox.com/s/wlsjjixext9kbjf/super_boot.b012.img?dl=0
b013 - untested for now!!! Tested and works fine:
https://www.dropbox.com/s/wchc8w6d0qy1npv/super_boot.b013.img?dl=0
Click to expand...
Click to collapse
hi
thanks for your efforts, but do you have the stock recovery.img for b013 rom
thankyou
All,
As soon as b015 goes up on the website I will pull it apart and generate a rooted version. It usually goes up within a week of the OTA update so hang in there!
-Dan
Hi there... I wonder if u can take a look @ GEM-702L ???
theres only one FW for the 702.... but there no stable working boot.img could work with...T.T
While I mean all the 703 bxyz method could root...the 702... but probably theres some problems... like GPU driver sth like that... first.. it caused no sound problem.... random freezes.... n cheesy screen
lcw622 said:
Hi there... I wonder if u can take a look @ GEM-702L ???
theres only one FW for the 702.... but there no stable working boot.img could work with...T.T
While I mean all the 703 bxyz method could root...the 702... but probably theres some problems... like GPU driver sth like that... first.. it caused no sound problem.... random freezes.... n cheesy screen
Click to expand...
Click to collapse
Do you have a link to the firmware?
dfsteen said:
Do you have a link to the firmware?
Click to expand...
Click to collapse
http://forum.xda-developers.com/huawei-mediapad/general/mediapad-x2-firmware-702l-703l-t3168925
dfsteen said:
All,
As soon as b015 goes up on the website I will pull it apart and generate a rooted version. It usually goes up within a week of the OTA update so hang in there!
-Dan
Click to expand...
Click to collapse
Thanks and btw the b015 is already on the website. Excited now
Can't wait for the root of b015 [emoji18]
Gesendet von iPad mit Tapatalk
b015 rooted is now up on the initial posting. Enjoy!
lcw622 said:
http://forum.xda-developers.com/huawei-mediapad/general/mediapad-x2-firmware-702l-703l-t3168925
Click to expand...
Click to collapse
I've posted a rooted boot.img for 702l.b003 from the link you provided. I don't own this device, so it's not tested, but let me know if it works.
I tried
mount -o rw,remount /system/
But
mount: '/system/' not in /proc/mounts
system-as-root = system is mounted as /, not /system
Permissions are fine.
DavidxxxD said:
system-as-root = system is mounted as /, not /system
Permissions are fine.
Click to expand...
Click to collapse
I can't write to / still
Are you root?
What is output of
Bash:
id
Bash:
su -c mount -o remount,rw /
Also try this to find out more
Bash:
mount | grep "/ "
DavidxxxD said:
Are you root?
What is output of
Bash:
id
Bash:
su -c mount -o remount,rw /
Also try this to find out more
Bash:
mount | grep "/ "
Click to expand...
Click to collapse
Bash:
berlna:/ $ id
uid=2000(shell) gid=2000(shell) groups=2000(shell),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),1078(ext_data_rw),1079(ext_obb_rw),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc),3011(uhid),3012 context=u:r:shell:s0
Bash:
berlna:/ $ su -c mount -o remount,rw /
'/dev/block/dm-8' is read-only
Bash:
berlna:/ $ mount | grep "/ "
/dev/block/dm-8 on / type ext4 (ro,seclabel,relatime,discard)
And yes I have root
I've never seen this output from trying to remount. Could be a permanent read-only attribute somewhere. /dev/block/dm-8 looks like your system is on an encrypted partition, this could have something to do with the error. You can try using the busybox version of mount command. Also, does your device have a super partition? That could explain it.
DavidxxxD said:
I've never seen this output from trying to remount. Could be a permanent read-only attribute somewhere. /dev/block/dm-8 looks like your system is on an encrypted partition, this could have something to do with the error. You can try using the busybox version of mount command. Also, does your device have a super partition? That could explain it.
Click to expand...
Click to collapse
This is the same error i also face in oneplus os12 and yes my dev dm-x also is ro even after root
Its super.img and also i try with busybox
But useless
The only way now i can see is unpack backup super
Unpack edit repack and flash back
But its not possible for me
Rewriting the super partition every time, seems to be the only way in your case.
The lpflash tools are used to work with super partitions.
I've attatched a statically linked 64-bit ARM version that can run on the device, built from this source.
Extract the system image using
Bash:
./lpunpack -p system super.img
Note: This can also be run directly on the block device, it only reads.
From there, you can modify the system and add it to a super image (the firmware usually has sparse ones that need to be decompressed first). You could also flash the new system image directly via fastbootd mode.
Note: Ignore any "invaild sparse header" messages from fastboot.
Don't flash unsparse images on Samsung devices! They will not like it!
Hope this is helpful.
DavidxxxD said:
Rewriting the super partition every time, seems to be the only way in your case.
The lpflash tools are used to work with super partitions.
I've attatched a statically linked 64-bit ARM version that can run on the device, built from this source.
Extract the system image using
Bash:
./lpunpack -p system super.img
Note: This can also be run directly on the block device, it only reads.
From there, you can modify the system and add it to a super image (the firmware usually has sparse ones that need to be decompressed first). You could also flash the new system image directly via fastbootd mode.
Note: Ignore any "invaild sparse header" messages from fastboot.
Don't flash unsparse images on Samsung devices! They will not like it!
Hope this is helpful.
Click to expand...
Click to collapse
Its a super.img thx