Huawei Bootloader Brute Force - Android General

DISCLAIMER
* I am not responsible for bricked devices, dead SD cards,
* thermonuclear war, or you getting fired because the alarm app failed.
* YOU are choosing to make these modifications, and if
* you point the finger at me for messing up your device, I will laugh at you.
Click to expand...
Click to collapse
UNLOCK BOOTLOADER
This script brute forces your bootloader until it finds the code.
1.Download the python script : mega.nz/file/aoUAka4I#Tkn7fAqLGm4GtG89w-oIrymacQHlfhcfHyl8WHHUDXc
2.Download the python program from Python website.
3.Install the python program.
4.Unzip the script.
5.Write your phone FIRST IMEI down.
6.Enable developer options in Android.
7.Enable USB debugging in Android.
8.Connect your device to the computer and launch the script.
Use command: C:\your file location\your file location\ python unlock.py
9.When prompted insert your phone's FIRST IMEI
The process could take days but you don't have to pay for programs like DC-Unlocker and sooooo on.
If you get the error "unknownfail" you must edit the "unlock.py" file and modify "True" to "False" from "unknownfail" section.
GOOD LUCK!!!!
The program was created by "SkyEmie" and i just made the tutorial.

Is it safe ? Any chance of data loss ?

murali3127 said:
Is it safe ? Any chance of data loss ?
Click to expand...
Click to collapse
If it gets the good bootloader code it automatically reset the mobile phone.All the phones does this.

Ifnit takes days does it continue where left off ?

I got this.
fastboot: error: Command failed
Could not parse output.
Please check the output above yourself.
If you want to disable this feature, switch variable unknownfail to False

murali3127 said:
Is it safe ? Any chance of data loss ?
Click to expand...
Click to collapse
Don't worry. Every bootloader unlocking wipes all user data for sure!
About paid unlocking - to got you unlocking code, phone has to reboot and be wiped. After unlocking bootloader with code, in bootloader mode, phone also had to reboot and wipe all user data. Take your chance to install custom recovery and remove forced encryption if you want to try some custom rom or just backup user data.

murali3127 said:
I got this.
fastboot: error: Command failed
Could not parse output.
Please check the output above yourself.
If you want to disable this feature, switch variable unknownfail to False
Click to expand...
Click to collapse
you must edit unlock.py file (right click>edit with ide>) and at "unknownfail" line it will say "True" change it to "False"

It doesnt work on emui10, Readme says.

Hello. I was very interested in the topic.
Is it possible to unlock the bootloader on the Huawei P30 Pro in this way? I can have Emui 9
Has anyone succeeded?

Has been running for 12 hours so far on my Huawei Y560-U02.
Will update if it works...
Running on the spare PC.
Screen information did not change since it started but I can see the CPU is busy.

Hey guys,
i also have tried to bruteforce my bootloader code with the python script you mentioned. However, without any kind of success. I've tried both EMAIs and it hasn't found a fitting bootloader code. (And yes I got EMUI 5 and the EU version). Seems like my only choice is to buy a dc unlocker code.
Now back to you. Instead of using a single-core python script check out this github repository, where somebody wrote the whole thing in C# but multithreaded. IT'S WAY FASTER. Only took 5-10 Minutes compared to the 5-10 hours python script by SkyEmie. Here is the link:
h t t p s://github.com/rainxh11/HuaweiBootloader_Bruteforce (sorry but i'm new to this forum so i am not allowed to send links unobfuscated) =)
I will try it for some more times but with different methods...
I hope you will succeed and if you do, please post it to this forum.
:good:
Edit: I compiled the program so you can download it directly if you want: h t t p://www .mediafire .com/file/h0w27xk18makz79/HuaweiBootloader_Bruteforce.exe/file

LukasBBB said:
Hey guys,
i also have tried to bruteforce my bootloader code with the python script you mentioned. However, without any kind of success. I've tried both EMAIs and it hasn't found a fitting bootloader code. (And yes I got EMUI 5 and the EU version). Seems like my only choice is to buy a dc unlocker code.
Now back to you. Instead of using a single-core python script check out this github repository, where somebody wrote the whole thing in C# but multithreaded. IT'S WAY FASTER. Only took 5-10 Minutes compared to the 5-10 hours python script by SkyEmie. Here is the link:
h t t p s://github.com/rainxh11/HuaweiBootloader_Bruteforce (sorry but i'm new to this forum so i am not allowed to send links unobfuscated) =)
I will try it for some more times but with different methods...
I hope you will succeed and if you do, please post it to this forum.
:good:
Edit: I compiled the program so you can download it directly if you want: h t t p://www .mediafire .com/file/h0w27xk18makz79/HuaweiBootloader_Bruteforce.exe/file
Click to expand...
Click to collapse
I ran the c# program 3 times, i am not sure if the last number it outputs is the password but i tried it and it failed to unlock.
I am now waiting for python and will follow up with an update when something interesting happens.

It does not seem that the Python method works on my type of device.
It tried to get the C# one running but it seems that it needs to be compiled 1st. I tried to compile it but I get error messages.
Can I get some tips on how to compile or or how to run it...

Johncoool said:
It does not seem that the Python method works on my type of device.
It tried to get the C# one running but it seems that it needs to be compiled 1st. I tried to compile it but I get error messages.
Can I get some tips on how to compile or or how to run it...
Click to expand...
Click to collapse
there is a compiled version of it on github under "releases". Or you can use my compiled version which i included in my thread.
---------- Post added at 10:32 PM ---------- Previous post was at 10:28 PM ----------
Krckoo said:
I ran the c# program 3 times, i am not sure if the last number it outputs is the password but i tried it and it failed to unlock.
I am now waiting for python and will follow up with an update when something interesting happens.
Click to expand...
Click to collapse
No, it tries ALL combinations that are possible for your device given by the IMEI so the last number is just the last one tried.
Important is: your device has to be in bootloader mode for this program to work properly.
Question: what device do you have? I've got the P9 Lite and couldn't bring it to work neither.

LukasBBB said:
Hey guys,
i also have tried to bruteforce my bootloader code with the python script you mentioned. However, without any kind of success. I've tried both EMAIs and it hasn't found a fitting bootloader code. (And yes I got EMUI 5 and the EU version). Seems like my only choice is to buy a dc unlocker code.
Now back to you. Instead of using a single-core python script check out this github repository, where somebody wrote the whole thing in C# but multithreaded. IT'S WAY FASTER. Only took 5-10 Minutes compared to the 5-10 hours python script by SkyEmie. Here is the link:
h t t p s://github.com/rainxh11/HuaweiBootloader_Bruteforce (sorry but i'm new to this forum so i am not allowed to send links unobfuscated) =)
I will try it for some more times but with different methods...
I hope you will succeed and if you do, please post it to this forum.
:good:
Edit: I compiled the program so you can download it directly if you want: h t t p://www .mediafire .com/file/h0w27xk18makz79/HuaweiBootloader_Bruteforce.exe/file
Click to expand...
Click to collapse
if the program hangs at the end with something like a code, is that the code?

XDboy YT BG said:
if the program hangs at the end with something like a code, is that the code?
Click to expand...
Click to collapse
No, look at the thread above for information about how the program works.

Thanks for tip.
C# worked but it only ran through a few and then it just stopped. It created a text file and there are around 300k possible codes for this.
The device I am using is Y560-U02 from 2015 running on Kitkat.
I found a 25 sec video for P9 last week. Maybe someone can figure out how they got it to work. It seems to be running on Python program.
https://peertube.fr/videos/watch/d4d47f18-a0ff-4eda-a21e-3f5ec3064c6e
---------- Post added at 06:46 PM ---------- Previous post was at 06:10 PM ----------
I found a way to bypass when it just stops. It is stopping after 16 attempts each time.
I will test my method and then post it here.
It should work for all Windows users.
---------- Post added at 07:30 PM ---------- Previous post was at 06:46 PM ----------
If you go to task manager you will see that it creates a fastboot.exe for each attempt. So Create a batch file with the below code and it will stop all of them on a loop with the time defined. Run it as Administrator to ensure that it works. Time is in seconds
Download the nircmd from the bottom of the below link. I used the not 64 bit one and and extract it then move the exe files to the C:\Windows\system32 folder or edit the script to include the directory you extract the files to.
https://www.nirsoft.net/utils/nircmd.html
-------------------------------------------------------------------------
@Echo off
:Loop
Timeout /T 10
nircmd.exe killprocess "fastboot.exe"
Goto loop:

Johncoool said:
Thanks for tip.
C# worked but it only ran through a few and then it just stopped. It created a text file and there are around 300k possible codes for this.
The device I am using is Y560-U02 from 2015 running on Kitkat.
I found a 25 sec video for P9 last week. Maybe someone can figure out how they got it to work. It seems to be running on Python program.
https://peertube.fr/videos/watch/d4d47f18-a0ff-4eda-a21e-3f5ec3064c6e
---------- Post added at 06:46 PM ---------- Previous post was at 06:10 PM ----------
I found a way to bypass when it just stops. It is stopping after 16 attempts each time.
I will test my method and then post it here.
It should work for all Windows users.
---------- Post added at 07:30 PM ---------- Previous post was at 06:46 PM ----------
If you go to task manager you will see that it creates a fastboot.exe for each attempt. So Create a batch file with the below code and it will stop all of them on a loop with the time defined. Run it as Administrator to ensure that it works. Time is in seconds
Download the nircmd from the bottom of the below link. I used the not 64 bit one and and extract it then move the exe files to the C:\Windows\system32 folder or edit the script to include the directory you extract the files to.
https://www.nirsoft.net/utils/nircmd.html
-------------------------------------------------------------------------
@Echo off
:Loop
Timeout /T 10
nircmd.exe killprocess "fastboot.exe"
Goto loop:
Click to expand...
Click to collapse
Well in theory, the fastboot.exe files should close automatically after they tried to unlock the bootloader with the given code. Not sure wether this may be dependent from the device youre using.

It seems to be happening on all the devices that are using the C# script.
Even on yours. You mentioned that it is hanging. This is the way to bypass it. It has reached over 30k so far which is over 10%.

Johncoool said:
It seems to be happening on all the devices that are using the C# script.
Even on yours. You mentioned that it is hanging. This is the way to bypass it. It has reached over 30k so far which is over 10%.
Click to expand...
Click to collapse
Well, the funny thing is, the guy in the video also hasn't got it to work, which is not an unexpected result, since it would take decades to do it like he did (he is testing ALL codes from 0 to ?).

Related

Need stock recovery image for Coby 7022 build 20120106

I need a stock recovery image for the Coby Kyros 7022 build 20120106 (previous builds will not work). I tried to flash clockworkmod recovery on my tablet without making a backup of the stock image, only to find that cwm recovery doesn't work with the new build of my tablet. Can anyone give me a stock recovery image for this tablet? Any help would be greatly appreciated!
Same Problem.
I have yet to find a solution since 02/2012.
Maybe you can try this?
stock recovery image for Coby 7022
same probleme right here
Coby 7022 20120106 build
I ended up with no recovery after trying to install clockwork. Recovery didn't work (it bypassed recovery when using the proper keys) and I had no good backup. Flashing older firmware in the 11 2011 timeframe led to boot loops. I've not been able to find a stock Coby 7022 firmware from 20120106. However, I did find another post here regarding a different tablet using the same tcc8803 chipset with the same build date. dub dub dub dxtremeDOTcom.au/forum/viewforum.php?f=15 (remove spaces insert correct www etc...) So I gave it a try. I'm actually able to get the 7022 booted using this firmware and system but the touchscreen is not working, so I'm guessing that driver is not exactly correct.
Completely a noob but wanting to learn. BTW I did not use the FWTool as I read posts this kills the TS
So my ask is, does anyone know of a way to get the drivers for the 7022 build dated 20120106?
---------- Post added at 09:58 AM ---------- Previous post was at 09:51 AM ----------
coolhof said:
Maybe you can try this?
[dub dub dub androidtablets.netSLASHforumSLASHcoby-generation-2/28212-7022-help-cant-restore-2.html#post183680"]stock recovery image for Coby 7022[/URL]
Click to expand...
Click to collapse
This restore didn't work on my system. The 7022 from 20120106 seems to be a rare animal and little info on it yet.
Same problem here, I tried to flash a previous CWM/Stock Recovery and nothing... just bootloop when I try to enter recovery mode. So, does anyone have the stock recovery for the 20120106 build yet? Thank you in advance for the one who can help
20120106 stock lk.rom & MTD file
MostroXxX said:
Same problem here, I tried to flash a previous CWM/Stock Recovery and nothing... just bootloop when I try to enter recovery mode. So, does anyone have the stock recovery for the 20120106 build yet? Thank you in advance for the one who can help
Click to expand...
Click to collapse
After reading a bit, it seems what we need are two files that could be copied off a working stock machine of the proper build date or later. In our case on or after 20120106. The problem for me seems to be the lk.rom file. The ROM I used for the DExtreme pad boots but no touch screen function due to the DExtreme being a 5 touch capacitance screen and the Kyros 7022 being but 2.
There may be other problems with the DExtreme files like the camera being different or even the network adapter but no way of telling without the stock boot file. Anyway, I've resigned myself. My 7022 is a paper weight until I find the stock files.
If anyone comes across this looking to root and clockwork mod your 7022 and it's build date is on or after Jan 6 2012, please stop and use ADB to pull a copy of your stock OS off it first. Not only will you be able to help us out, but you'll be able to restore when things go horribly wrong.
chiefcrewdog said:
After reading a bit, it seems what we need are two files that could be copied off a working stock machine of the proper build date or later. In our case on or after 20120106. The problem for me seems to be the lk.rom file. The ROM I used for the DExtreme pad boots but no touch screen function due to the DExtreme being a 5 touch capacitance screen and the Kyros 7022 being but 2.
There may be other problems with the DExtreme files like the camera being different or even the network adapter but no way of telling without the stock boot file. Anyway, I've resigned myself. My 7022 is a paper weight until I find the stock files.
If anyone comes across this looking to root and clockwork mod your 7022 and it's build date is on or after Jan 6 2012, please stop and use ADB to pull a copy of your stock OS off it first. Not only will you be able to help us out, but you'll be able to restore when things go horribly wrong.
Click to expand...
Click to collapse
Well, I'm expecting another 7022 to arrive next week (kind of a late Mother's day gift), I assume it will be same build, so, I'll try to pull a copy of that unit and see if I can restore it on te semi-dead one. I will post again when it arrives to tell if it worked (or if I have two bricks xD). If it works, I'll upload a copy.
Stock 20120106 Kyros ROM
MostroXxX said:
Well, I'm expecting another 7022 to arrive next week (kind of a late Mother's day gift), I assume it will be same build, so, I'll try to pull a copy of that unit and see if I can restore it on te semi-dead one. I will post again when it arrives to tell if it worked (or if I have two bricks xD). If it works, I'll upload a copy.
Click to expand...
Click to collapse
Any Luck?
chiefcrewdog said:
Any Luck?
Click to expand...
Click to collapse
Neh, It's an international shipment and got delayed. I was supposed to receive it today, but now I'll have to wait 'til monday or tuesday. I'll post when I get them to tell if it worked.
Edit: what I could do was root it. It was quite easy using SuperOneClick, but still no recovery...
chiefcrewdog said:
Any Luck?
Click to expand...
Click to collapse
ehmmm... BAD luck the one that arrived is a previous build (September 2011).
So, for now, we are pretty much screwed :/
I just got a 7022 that has a build date of 20120106. I am new to android so I have no idea what I am doing but if someone gives me step by step instructions I can try to get it off the tablet for you. Good thing I found this forum, I was about to try and root it.
nduke416 said:
I just got a 7022 that has a build date of 20120106. I am new to android so I have no idea what I am doing but if someone gives me step by step instructions I can try to get it off the tablet for you. Good thing I found this forum, I was about to try and root it.
Click to expand...
Click to collapse
That's great!
first, is it rooted, or have you done any MOD?
---------- Post added at 01:05 AM ---------- Previous post was at 12:21 AM ----------
nduke416 said:
I just got a 7022 that has a build date of 20120106. I am new to android so I have no idea what I am doing but if someone gives me step by step instructions I can try to get it off the tablet for you. Good thing I found this forum, I was about to try and root it.
Click to expand...
Click to collapse
1) You need to install the Android SDK, instructions can be found HERE, but basically you need to:
-) Download the .exe and install it
-) Locate the folder where you installed it and run as administrator “SDK Manager.exe”
-) Check (if unchecked) the boxes for SDK Tools, SDK Platform Tools and Google USB Driver Package. You can check any others if you want, but for now, you only need those.
2) You (may) need the specific drivers for the device. You can use the Motorola drivers, which work very nice with the Cobys, you can install the drivers from HERE. Just download and install.
3) You need to root your device, for that, I recommend using SuperOneClick, which can be found HERE. Too root your device:
-) Make sure you have “USB Debugging mode” activated. In your tablet, go to settings -> Applications -> Development and check (if unchecked) the USB Debugging mode.
-) Connect your device to your PC, if it’s the first time you connect it, you need to wait a little while the drivers get configured.
-) When your device is connected and correctly configured, run SuperOneClick as administrator, and click on “Root”. Now wait a little while it gets rooted.
4) Last step, backup recovery image. For this, you’ll need a terminal emulator. You can download “Android Terminal Emulator” from 1mobile.com or any other app market. To do the backup:
-) Open the terminal emulator on your tablet.
-) Request SuperUser Permissions, to do this, write
Code:
su
and hit enter/return, you’ll be asked if you want to grant SuperUser rights to the app Android Terminal Emulator, click “Allow”.
-) Write this line and hit enter/return:
Code:
dd if=/dev/mtd/mtd6 of=/sdcard/recovery.img bs=4096
-) Now, a file named “recovery.img” should be automatically created on your /sdcard folder. THAT, my friend, is the file we so desperately need to revive our tablets, now zip it and uploaded to any server. (Please )
Now that you are rooted, you can do things such as installing the Google apps. There are a lot of tutorials over the internet, but, let me know if you have any trouble so I can help you
WARNING: Don’t, I repeat DON’T try to install ClockWorkMod using ANY of the tutorials found over the internet. Those tutorials work ONLY for builds previous to 20110106, and if you try to do it on your device, you are going to semi-brick it (just like we did xD).
I just got it as a replacement under warranty today and have not done anything to it. I am busy studying for finals now but when I get a chance(prob friday morning) I will follow the steps and upload the recovery.img file
nduke416 said:
I just got it as a replacement under warranty today and have not done anything to it. I am busy studying for finals now but when I get a chance(prob friday morning) I will follow the steps and upload the recovery.img file
Click to expand...
Click to collapse
Well, no problem. If you do that we'll be EXTREMELY thankful
This might be a stupid question but bear with me, I don't know anything about this. Does personal info get stored on the recovery.ing file? Should I remove apps like the amazon app store or other ones that I have to log in with?
Old build no bueno...
MostroXxX said:
ehmmm... BAD luck the one that arrived is a previous build (September 2011).
So, for now, we are pretty much screwed :/
Click to expand...
Click to collapse
Bleh
---------- Post added at 04:51 PM ---------- Previous post was at 04:46 PM ----------
MostroXxX said:
That's great!
first, is it rooted, or have you done any MOD?
---------- Post added at 01:05 AM ---------- Previous post was at 12:21 AM ----------
1) You need to install the Android SDK, instructions can be found HERE, but basically you need to:
-) Download the .exe and install it
-) Locate the folder where you installed it and run as administrator “SDK Manager.exe”
-) Check (if unchecked) the boxes for SDK Tools, SDK Platform Tools and Google USB Driver Package. You can check any others if you want, but for now, you only need those.
2) You (may) need the specific drivers for the device. You can use the Motorola drivers, which work very nice with the Cobys, you can install the drivers from HERE. Just download and install.
3) You need to root your device, for that, I recommend using SuperOneClick, which can be found HERE. Too root your device:
-) Make sure you have “USB Debugging mode” activated. In your tablet, go to settings -> Applications -> Development and check (if unchecked) the USB Debugging mode.
-) Connect your device to your PC, if it’s the first time you connect it, you need to wait a little while the drivers get configured.
-) When your device is connected and correctly configured, run SuperOneClick as administrator, and click on “Root”. Now wait a little while it gets rooted.
4) Last step, backup recovery image. For this, you’ll need a terminal emulator. You can download “Android Terminal Emulator” from 1mobile.com or any other app market. To do the backup:
-) Open the terminal emulator on your tablet.
-) Request SuperUser Permissions, to do this, write
Code:
su
and hit enter/return, you’ll be asked if you want to grant SuperUser rights to the app Android Terminal Emulator, click “Allow”.
-) Write this line and hit enter/return:
Code:
dd if=/dev/mtd/mtd6 of=/sdcard/recovery.img bs=4096
-) Now, a file named “recovery.img” should be automatically created on your /sdcard folder. THAT, my friend, is the file we so desperately need to revive our tablets, now zip it and uploaded to any server. (Please )
Now that you are rooted, you can do things such as installing the Google apps. There are a lot of tutorials over the internet, but, let me know if you have any trouble so I can help you
WARNING: Don’t, I repeat DON’T try to install ClockWorkMod using ANY of the tutorials found over the internet. Those tutorials work ONLY for builds previous to 20110106, and if you try to do it on your device, you are going to semi-brick it (just like we did xD).
Click to expand...
Click to collapse
nduke416 said:
This might be a stupid question but bear with me, I don't know anything about this. Does personal info get stored on the recovery.ing file? Should I remove apps like the amazon app store or other ones that I have to log in with?
Click to expand...
Click to collapse
Will the recovery img work or do we need complete lk.rom and mtds.rom? I was thinking the latter/ You can use ADB to get these files? Still pretty much a noob myself, otherwise I wouldn't be using my 7022 as a coaster.
well I think I did everything right. let me know if this didn't work. link to recovery.img below
depositfiles.com/files/tc8gfx8hr
chiefcrewdog said:
Bleh
---------- Post added at 04:51 PM ---------- Previous post was at 04:46 PM ----------
Will the recovery img work or do we need complete lk.rom and mtds.rom? I was thinking the latter/ You can use ADB to get these files? Still pretty much a noob myself, otherwise I wouldn't be using my 7022 as a coaster.
Click to expand...
Click to collapse
For the recovery, no. You just need to reflash the stock recovery using fastboot. Let's see if this works...
---------- Post added at 01:04 AM ---------- Previous post was at 01:01 AM ----------
nduke416 said:
This might be a stupid question but bear with me, I don't know anything about this. Does personal info get stored on the recovery.ing file? Should I remove apps like the amazon app store or other ones that I have to log in with?
Click to expand...
Click to collapse
Negative, the recovery.img file contains only information about the recovery partition, which is used mostly to restor the tablet to factory defaults
---------- Post added at 01:16 AM ---------- Previous post was at 01:04 AM ----------
IT WORKS!!!! IT FREAKING WORKS!!!
Dude, nduke416, thank you VERY MUCH. You have definitely provided a solution no one did. So, again thank you very much!!!!
for chiefcrewdog:
to reflash it, you just need to enter fastboot mode in your tablet (power + vol down), copy the recovery.img file to your platform-tools directory on your android sdk folder and from there on a cmd:
Code:
fastboot flash recovery recovery.img
and that's it, you have your recovery back on your 7022!!
nduke416 said:
well I think I did everything right. let me know if this didn't work. link to recovery.img below
depositfiles.com/files/tc8gfx8hr
Click to expand...
Click to collapse
Man, is there a possibility you could upload a backup of the boot.img too? the procedure is the same, just changing the dd command to:
Code:
dd if=/dev/mtd/mtd0 of=/sdcard/boot.img bs=4096
I could really appreciate it, that way there is the possibility to have custom ROMs on our builds
Thank you!

[ROOT] Nexus 7 Root

I have the IO version of Nexus 7 for the next 12 hours.
Anyways, I've tried most of Nexus 7 root scripts including latest Transformer Prime, Amazon Kindle, etc...etc...
The main problem with jellybeans is that root cannot be attained through /data/local as you cannot move /data/local/tmp directory as most ICS root scripts can do.
Fastest way would be to build a ClockworkMod Recovery then flash supersu zip files. But I do not have the skills to do that, but I do have the device.
If anyone needs adb pull, let me know and also let me know how to do it.
reserved
reserved for root tomorrow hopefully, i will post some funny lol photos here.
Nexus7 root
Hi, long time no write this forum.
I uploaded root kit for Jelly beans.
you can download shell script and archives to do it.
twitter
@goroh_kun
JellyBeanGetroot.zip
https://t.co/c732G7CM
This is only for developers who can read shell script, and understand
what the script doing. It's not so difficult to understand ;-) .
---------- Post added at 07:16 PM ---------- Previous post was at 06:37 PM ----------
If anyone joinig the Google I/O 2012, I can help you to get root with your Nexus7 / GalaxyNexus(JB ver.). I'm in SF now. ( I don't need donation, but wanna be friend in same hobby !)
Thanks bud, trying this now!!! YOU ROCK!!!
goroh_kun said:
Hi, long time no write this forum.
I uploaded root kit for Jelly beans.
you can download shell script and archives to do it.
twitter
@goroh_kun
JellyBeanGetroot.zip
https://t.co/c732G7CM
This is only for developers who can read shell script, and understand
what the script doing. It's not so difficult to understand ;-) .
---------- Post added at 07:16 PM ---------- Previous post was at 06:37 PM ----------
If anyone joinig the Google I/O 2012, I can help you to get root with your Nexus7 / GalaxyNexus(JB ver.). I'm in SF now. ( I don't need donation, but wanna be friend in same hobby !)
Click to expand...
Click to collapse
(神) what is called GOD  :good:
script
The script didn't work so I am looking into Saurik's exploit:
https://github.com/saurik/mempodroid
If someone can just figure out how to find the offset for exit() and sysresuid() we pretty much have ROOT!
Can anyone tell me how I can find this?
Unn? I tried with newest firmware(JRN84D). and I can see # prompt in command line,
when I use "adb shell".
here is the log of the tool.
http://pastebin.com/Fka5h427
the exploit which used by mempodroid is already fixed. you can't use this tool.
thanks
Looks like somebody may have a solution over at RootzWiki... I can't post a link yet, but look for "pain in the root-n7 root" in the N7 development section.
I have no way to verify if it works... Hope this helps.
Here you go:
http://rootzwiki.com/topic/28585-cwmeasyroot-nexus-7/
jcracken said:
Here you go:
Thanks for the help! And glad you found their updated post. I noticed after I posted the name of the RootzWiki post it was already old news...
Click to expand...
Click to collapse
THANK YOU!
This is awesome, works great.
EDIT: The linked method on RootzWiki, that is. Didn't try anything else before.
DOUBLE EDIT: I can confirm that it also works on Jelly Bean on my Galaxy Nexus.
Attempted while at I/O
Download: goo.im/devs/birdman/CWM-grouper-recovery.img
After oem unlocking and rebooting....
Quote
fastboot flash recovery CWM-grouper-recovery.img
reboot immediately to recovery
to keep cwm perm:
- mount system
- adb shell
- cd /system
- mv recovery-from-boot.p recovery-from-boot.bak
for root, flash this - static.clockworkmod.com/developer/3654/3095/JB-SuperSU.zip​
I'm here at I/O on the 2nd floor trying to root both of my mobile devices. IU followed these instructions (but doing a "fastboot oem unlock" first) but after I do the flash the CWM-grouper-recovery, I volume over to "Recovery mode" on my Galaxy Nexus and select it, it reboots to a "Google" screen and just sits there forever. I've tried a few variations on the loose instructions but never with any success. Sorry if I'm missing some n00b step.
Update:
It helps if you do a "fastboot erase recovery" before flashing.
CWM-grouper-recovery.img works well for the Nexus 7 once you understand that it is touch driven. I was silly and kept using the volume rocker and power key like the old-school CWMs.
On the Galaxy Nexus S, cwm_touch_alpha2_maguro.img is the go to CWM after you've rooted. On both the "JB-SuperSU.zip" works perfectly.
zedomax said:
The script didn't work so I am looking into Saurik's exploit:
https://github.com/saurik/mempodroid
If someone can just figure out how to find the offset for exit() and sysresuid() we pretty much have ROOT!
Can anyone tell me how I can find this?
Click to expand...
Click to collapse
Now that we have the kernel source from here https://github.com/drewis/android_kernel_grouper
it looks like they have a patch in place to block zx2c4's exploit (Saurik implemented it for us, but I would still attribute it to zx2c4). It appears to be the same quick fix that was implemented on the Transformer Prime.
You can read about the original exploit here http://blog.zx2c4.com/749
sparkym3 said:
Now that we have the kernel source from here https://github.com/drewis/android_kernel_grouper
it looks like they have a patch in place to block zx2c4's exploit (Saurik implemented it for us, but I would still attribute it to zx2c4). It appears to be the same quick fix that was implemented on the Transformer Prime.
You can read about the original exploit here http://blog.zx2c4.com/749
Click to expand...
Click to collapse
So this is a security patch?
sparksco said:
So this is a security patch?
Click to expand...
Click to collapse
I'm not sure what your question is exactly, but I will still try and answer. In the new kernel that is being used on the Nexus 7, it includes a patch to block the exploit that we being referred to in that post.
I've made a guide on the forum that has worked for others. I do not see why you are all trying to find an exploit and such. It was pretty straight forward. Did it to mine, all three of my friends the third day of the conference.
http://forum.xda-developers.com/showthread.php?t=1741395
FadedLite said:
I've made a guide on the forum that has worked for others. I do not see why you are all trying to find an exploit and such. It was pretty straight forward. Did it to mine, all three of my friends the third day of the conference.
http://forum.xda-developers.com/showthread.php?t=1741395
Click to expand...
Click to collapse
The post about mempodroid was prior to anyone rooting by unlocking and flashing. I just wanted the knowledge out there that the exploit he was referring to had been patched.
Also, for some of us it is the fun of looking for those types of things and it will ultimately help secure the system in the future, as the found exploits are fixed.
When rooted can you still get OTA updates from google? Someone on here mentioned an app that let's u switch between rooting and unrooting to allow updates is that right?
Sent from my HTC One S using xda app-developers app

[ROM][Deprecated]Lenovo Vibe Z - Rooted + Google Apps

Well, some of you might have had the same urge to buy one of these little wonder with almost the same data sheet than a LG G2 but with a Dual SIM functionality and at a much smaller price. If you are one of these crazy people that ordered their in China just like me, you might have the same disappointment that I felt when I finally received mine: the advertised SD Card slot is just a fantasy and all Google apps have been replaced by their Baidu counterparts. If the English language is indeed present in the Operating System, none of the installed application seems to understand this language. If you just don't speak Chinese just like me, you might end up wondering why on earth you bought a smartphone destined to Chinese people.
So I decided to turn this frustration into something positive and succeeded so I'm happy to bring you my home cooked ROM for the Lenovo K910. But first of all, the usual disclaimer:
Disclaimer
Don't hold me responsible if you brick your phone. This method have been successfully tested on mine but this is no guarantee for yours. You should obviously always have a backup of your data at all time if you're willing to install this ROM (or any other).
Safety measures
Like most Android phones, the Lenovo Vibe Z have many possibilities of recovery. I would advise you to be ready to apply at least this one:
Download the QSB file of your ROM (for example, mine is K910_SS_S_2_040_0039_131101.qsb). Google will point you to a Baidu site where it is downloadable
Put it in the folder /sdcard/SDFUSE/
Shut down your phone
Hold Volume Down and Power button for a few seconds
You end up in a menu with a "SD Card Update" entry. Move down to this entry using the Volume Down button then press ENTER or power button.
Make sure your ROM is available in the list
Cancel and reboot
If your QSB file is visible in the list, you should be pretty safe. If anything goes wrong, use the same method but apply the upgrade this time. Note that this method overwrite everything included your applications, SD Card, ...
What it is
The ROM I'm offering is:
An extract from K910_SS_S_2_040_0039_131101.qsb
Applying only to your system partition (your applications and data should be safe)
Rooted
Busybox-ed
Grossly freed from most vendor applications
Replaced by Google applications
What it is NOT
This was already some work to figure out how to reach that goal so it is not:
Bug free (I have at least observed a strange display glitch for the network icons which turn standard blue instead of Lenovo's white one)
A multi-language ROM
A ROM build from scratch like MIUI, Cyanogenmod, ...
A custom recovery (though this might come in a later stage)
...
Prerequisite
You should have installed:
K910 ADB Driver (available on the CD that appear when you connect the device)
ADB
Fastboot
Just check that your USB debug mode is enabled (in the USB Access Mode menu).
In any of these prerequisite is an issue for you, I'm ready to explain you further but you should also wonder if you are ready to go further because if anything goes wrong, you won't be able to properly act.
The installation
OK, enough talking, now some action. It is pretty simple actually:
Download the ROM and un-7zip it (mirroring in progress)
Reboot your phone in bootloader mode. Therefore, open a command prompt (no matter which OS you're using) and type:
Code:
adb reboot-bootloader
Now your phone is displaying the Lenovo logo
Check that you can access the system
Code:
fastboot devices
If fastboot just return displaying nothing, you might have to run in Administrator/root mode. Under Linux, I had to use sudo.
Unlock the bootloader (this should wipe all your data if it wasn't unlocked previously):
Code:
fastboot oem unlock
Flash the system:
Code:
fastboot flash system <path-to-file>system.img
Reboot:
Code:
fastboot reboot
That's all folks ! After your phone restarts, you should be able to use Google applications (though not all of them are there, at least the Play Store is allowing you to install the others).
What's next ?
I hope to be able to free some time to achieve these next steps:
Publish the script I wrote to extract content from Lenovo QSB files
Apply the same method to the last upgrade (K910_SS_S_2_040_0078_131203 ?). If you are lucky enough to have this version please contact me to see if you can provide the QSB file.
See if I can cook a custom recovery.
This is probably my very first participation to the community so I'll accept any comments as long as they are constructive :good:
Thanks!!!!!
Thank you so much, I'm crazy because I get the phone and to try, where is the link to download please??
Thanks again, you can post pictures?
---------- Post added at 04:44 PM ---------- Previous post was at 04:35 PM ----------
Another important question ... How did you rooteado?
What program did you use?
Thanks.
All need you help please.
I'll need just a few more hours since my upload just missed (I'm not sure why it only uploaded 437 Mb on the 659 Mb)
It will be for the first hours of 2014 (at least for me).
csu333 said:
I'll need just a few more hours since my upload just missed (I'm not sure why it only uploaded 437 Mb on the 659 Mb)
It will be for the first hours of 2014 (at least for me).
Click to expand...
Click to collapse
Thank you very much for your work, but you can tell us how you got to be root??
sakilxda said:
Thank you very much for your work, but you can tell us how you got to be root??
Click to expand...
Click to collapse
Probably in the most complicated way possible: I extracted the system partition from the upgrade file, mounted it in my Linux, put all the needed files and authorization then flashed it on my device.
I confirm that the file is now available but I need a few more messages before I can add the link. In the meanwhile, I can send it privately.
csu333 said:
Probably in the most complicated way possible: I extracted the system partition from the upgrade file, mounted it in my Linux, put all the needed files and authorization then flashed it on my device.
I confirm that the file is now available but I need a few more messages before I can add the link. In the meanwhile, I can send it privately.
Click to expand...
Click to collapse
Sure I get it, I also took little time here and leaves add links.
You could pass it private?
With your permission I'll share it on other sites of course directing people to this thread so they can see their creator and comment.
In several HTCMania we are waiting to receive the phone and while we're compiling everything.
Root on many threads where people are wanting to get and so far you're the only one.
I await your email with the link partner, and with your permission I'll share. A greeting.
sakilxda said:
Sure I get it, I also took little time here and leaves add links.
You could pass it private?
With your permission I'll share it on other sites of course directing people to this thread so they can see their creator and comment.
In several HTCMania we are waiting to receive the phone and while we're compiling everything.
Root on many threads where people are wanting to get and so far you're the only one.
Click to expand...
Click to collapse
As long as you don't ask money for it, feel free to share this as much as you want. My goal is sharing !
You should have received the link in the meanwhile. I'm also busy trying to mirror it on AndroidFileHost but it failed last time so just wait and see.
Latest ROM version release notes
By the way, here are the release notes of the next ROM (K910_SS_S_2_040_0078_131203).
What Google translate by:
Recommend
* Expand the system partition, a number of bug fixes
Update log
System
* Expand the system partition to 1.5G
* Boot and recovery signature added to the system
Show
* Fixed shutdown problem dialog scene mode switching
* Modify profile English translation error
* Adjust section shows the layout
Camera
* Pre-correction first picture black beauty
Click to expand...
Click to collapse
This means that next upgrade will most probably erase all the content of your phone (again) included your data and internal SD Card. This also means that flashing the first version of my custom ROM will make you "lose" 500 Mb, at least until a release based on the latest version of Lenovo's original ROM.
This also mean that:
Next Custom ROM upgrade won't be applicable to the not upgraded phone (you would be certain of bricking your phone)
You will lost 500 Mb worth of storage on your non expandable device
This isn't all good news ...
csu333 said:
As long as you don't ask money for it, feel free to share this as much as you want. My goal is sharing !
You should have received the link in the meanwhile. I'm also busy trying to mirror it on AndroidFileHost but it failed last time so just wait and see.
Click to expand...
Click to collapse
Thank you very much for sharing, of course I will not ask for money and in forums where I am at all costs to visit this thread.
csu333 said:
By the way, here are the release notes of the last ROM (K910_SS_S_2_040_0078_131203):
What Google translate by:
This means that next upgrade will most probably erase all the content of your phone (again) included your data and internal SD Card. This also means that flashing the first version of my custom ROM will make you "lose" 500 Mb, at least until a release based on the latest version of Lenovo's original ROM.
This also mean that:
Next Custom ROM upgrade won't be applicable to the not upgraded phone (you would be certain of bricking your phone)
You will lost 500 Mb worth of storage on your non expandable device
This isn't all good news ...
Click to expand...
Click to collapse
They are not good news. but I honestly what I need are 3 things:
1 Language Spanish, but we already you can not imagine not doing anything?
2 Root, to be able to use apps like Titanium Backup, Root Explorer, etc..
3 Very importantly, GAPPS (Play Store, Gmail), but of course in Spanish or English.
Your Rom has 2 I need and it is very important to me and very many users, it is a great job and the first to do so was you.
I do not mind losing 500mb, but I worry that the next official update is dangerous for us.
Thank you very much for sharing the link. If you write more answers in this thread at XDA have permission to put the link publicly, I think the requirement is 10 responses and almost have them.
---------- Post added at 12:28 PM ---------- Previous post was at 12:11 PM ----------
Apply the same method to the last upgrade (K910_SS_S_2_040_0078_131203). If you are lucky enough to have this version please contact me to see if you can Provide the QSB file.
You control by private (Because here I can not yet) a link to the version you want, I found on google, as I said I have not tested, I hope that this can do wonders lol
I also hope that I root Gapps and either Spanish or English: D
sakilxda said:
They are not good news. but I honestly what I need are 3 things:
1 Language Spanish, but we already you can not imagine not doing anything?
2 Root, to be able to use apps like Titanium Backup, Root Explorer, etc..
3 Very importantly, GAPPS (Play Store, Gmail), but of course in Spanish or English.
Click to expand...
Click to collapse
The few post I read about this are telling that it is close to impossible but I installed morelocale 2 on mine and it does add my language in the application that supports it.
Root is probably my top priority so it will stay available in the future releases
Play Store and GMail are present in the ROM and if you install morelocale 2, it will be in Spanish
sakilxda said:
You control by private (Because here I can not yet) a link to the version you want, I found on google, as I said I have not tested, I hope that this can do wonders lol
I also hope that I root Gapps and either Spanish or English: D
Click to expand...
Click to collapse
This is the link on Baidu I also found but for some reason, I can't flash it on my device so I can't cook it properly. I have to be able to flash it first
csu333 said:
The few post I read about this are telling that it is close to impossible but I installed morelocale 2 on mine and it does add my language in the application that supports it.
Root is probably my top priority so it will stay available in the future releases
Play Store and GMail are present in the ROM and if you install morelocale 2, it will be in Spanish
This is the link on Baidu I also found but for some reason, I can't flash it on my device so I can't cook it properly. I have to be able to flash it first
Click to expand...
Click to collapse
Of course, the priority is Root.
About the Gapps in Spanish or Englis, the could include a patch?
If not, do not worry that you use MoreLocale2.
I'll try to find more links ... it's a shame it does not work ...
The good news with root access is that you can do a lot of crazy things. For example, I'm starting to understand why it is so hard to get this upgrade thanks to a network dump:
Code:
POST /reaper/server/config2 HTTP/1.1
Host: fsr.lenovomm.com
Content-Length: 131
Content-Type: text/plain; charset=ISO-8859-1
Connection: Keep-Alive
User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)
Config.2.1.2.imei.8628720201xxxxxxxxxxxxx
HTTP/1.1 503 Service Unavailable: [B][COLOR="Red"]Back-end server is at capacity[/COLOR][/B]
Content-Length: 0
Connection: keep-alive
That said, I'm sick of coming close to the end and receiving a connection time out
Patience friend, I do not really understand how you could do, but I'm sure you will. Good luck ...
sakilxda said:
Patience friend, I do not really understand how you could do, but I'm sure you will. Good luck ...
Click to expand...
Click to collapse
If I have latest version K910_SS_S_2_040_0109_131226 installed via ota update and push this system.img from previous version it's ok?
Really apreciate your work and hoping to be able to support you anyway. Keep working ! Respect.
katalinscrob said:
If I have latest version K910_SS_S_2_040_0109_131226 installed via ota update and push this system.img from previous version it's ok?
Really apreciate your work and hoping to be able to support you anyway. Keep working ! Respect.
Click to expand...
Click to collapse
This should work since the system it pretty much self contained but since I haven't tested it, I really can't be sure. Furthermore, this is a downgrade of your system.
If you have this version, could you check if you still have the image on your sdcard? This could be in folder /sdcard/lenovoota.
csu333 said:
This should work since the system it pretty much self contained but since I haven't tested it, I really can't be sure. Furthermore, this is a downgrade of your system.
If you have this version, could you check if you still have the image on your sdcard? This could be in folder /sdcard/lenovoota.
Click to expand...
Click to collapse
ok, here's the deal:
1. I tried to push system.img but no working, adb respond "failed: targed locked".
2. I don't have the ota file anymore BUT I have the K910_SS_S_2_040_0109_131226.qsb file. I poot this one in sdfuse folder and updated already before starting procedure with adb from above as you described, no problem just flashed it, btw it wipes everything.
So, my opinions:
1. Locked target issue could be determined by the bootloader beeing locked? Don't we need to unlock it somehow?
2. Can you reinsert root and gapps in this newer version K910_SS_S_2_040_0109_131226.qsb file?
3. How do you decompiled .qsbfile ?
Waiting for your feedback asap.
Respect.
Obs:
- we can use android-aio-flasher just to substitute from working with cmd commands... just sayin', works for me.
- reboot in recovery command doesn't work, just adb reboot bootloader, then lenovo logo appears.
- correct command for pushing system.img is adb fastboot flash system path to system.img.
katalinscrob said:
ok, here's the deal:
1. I tried to push system.img but no working, adb respond "failed: targed locked".
Click to expand...
Click to collapse
Just to be sure, is it an answer from adb or fastboot?
katalinscrob said:
2. I don't have the ota file anymore BUT I have the K910_SS_S_2_040_0109_131226.qsb file. I poot this one in sdfuse folder and updated already before starting procedure with adb from above as you described, no problem just flashed it, btw it wipes everything.
Click to expand...
Click to collapse
This is great news! Do you have any way of posting ithe QSB somewhere?
katalinscrob said:
So, my opinions:
1. Locked target issue could be determined by the bootloader beeing locked? Don't we need to unlock it somehow?
Click to expand...
Click to collapse
I had nothing to do but I did restart a few time with a custom boot.img that I never actually flashed. Maybe this helped?
katalinscrob said:
2. Can you reinsert root and gapps in this newer version K910_SS_S_2_040_0109_131226.qsb file?
Click to expand...
Click to collapse
I sure will!
katalinscrob said:
3. How do you decompiled .qsbfile ?
Click to expand...
Click to collapse
I wrote a script for that purpose. I have to clean it a bit before I can publish it but I'll definitely do it.
katalinscrob said:
Obs:
- we can use android-aio-flasher just to substitute from working with cmd commands... just sayin', works for me.
- reboot in recovery command doesn't work, just adb reboot bootloader, then lenovo logo appears.
- correct command for pushing system.img is adb fastboot flash system path to system.img.
Click to expand...
Click to collapse
You are right. I didn't know about android-auto-flasher, probably because I'm running Linux (which made my task easier to cook the ROM since the system partition can be mourned like any other).
I edited my first post with your correction and the link since I have now 10 messages on the board !
Well who are finding out that important things. Hopefully soon have new developments. I keep watching your work. I hope that more and more we are, I have put in all the sites I've found this link for more developers to come.
csu33 said:
This is great news! Do you have any way of posting ithe QSB somewhere?
Click to expand...
Click to collapse
I have it. please contact me in PM

(needed) Developer willing to port custom recovery to the galaxy tab 4 8.0

Hi there are a few version of the Galaxy Tab 4 8.0 that have no support for a custom recovery.
Source files have been found and are ready to be worked with.
The devices we would like to bring support to are the:
T330NU source file:
http://www.4shared.com/zip/UG28maH2ce/SM-T330NU_NA_KK_Opensource.html
T335K source file:
http://www.4shared.com/zip/9Y4qzw1zce/SM-T335K_KK_Opensource.html
T335L source file:
http://www.4shared.com/zip/nZ4xmfNgba/SM-T335L_KK_Opensource.html
T337a source file:
http://www.4shared.com/zip/21kf9dZYce/SM-T337A_NA_KK_Opensource.html
Boot.img dumped from device T330NU:
http://www.4shared.com/file/nOAtJQbCba/boot.html
Recovery.img dumped from device T330NU:
http://www.4shared.com/file/mSkFIM0Bce/recovery.html
If ANYONE is willing or knows someone who could be willing to port a custom recovery to these devices it would be greatly appreciated if you could pass on the message and spread the word. If we all do work together we should be able to get this done.
There are many people who are willing to test the final work. Thanks in advance.
Hey, I am dedicated to get a recovery for this device also. I am pretty good with computers but have never worked on a recovery project. I do have Linux and can help if needed on anything.
There should be a guide on xda
smknutson said:
There should be a guide on xda
Click to expand...
Click to collapse
I tried recovery builder but had no luck. Was not able to download files after building. Says build has been queud or something like that. Was having trouble getting the stock recovery img off of the phone.
Leonidas87 said:
I tried recovery builder but had no luck. Was not able to download files after building. Says build has been queud or something like that. Was having trouble getting the stock recovery img off of the phone.
Click to expand...
Click to collapse
I have my stock recovery.img if needed
pre4speed said:
I have my stock recovery.img if needed
Click to expand...
Click to collapse
Which Galaxy tab version do you have?
And have did you extract your stock recovery img?
Leonidas87 said:
Which Galaxy tab version do you have?
And have did you extract your stock recovery img?
Click to expand...
Click to collapse
I have the 337a and yup pulled recovery.img and boot.img
pre4speed said:
I have the 337a and yup pulled recovery.img and boot.img
Click to expand...
Click to collapse
My last message had a spelling mistake sorry about that. How did you pull those files tho? I've been having trouble on this device
Leonidas87 said:
My last message had a spelling mistake sorry about that. How did you pull those files tho? I've been having trouble on this device
Click to expand...
Click to collapse
In terminal, type su dd if=/dev/emmc/"boot partition" of=/sdcard/recovery.img
I think you need to enter after su. It will save it to your sd. This is assuming root. You enter your boot partition in the quotes. Use this to find your partitions.
https://play.google.com/store/apps/details?id=com.cls.partition
pre4speed said:
In terminal, type su dd if=/dev/emmc/"boot partition" of=/sdcard/recovery.img
I think you need to enter after su. It will save it to your sd. This is assuming root. You enter your boot partition in the quotes. Use this to find your partitions.
https://play.google.com/store/apps/details?id=com.cls.partition
Click to expand...
Click to collapse
Thanks for the help I think I understand. I have terminal ready and the app installed. Just not sure which partition is the one to fill in the quotations in the terminal.
I'm attaching pictures if that helps.
Also I'm sure I do not include the actual quotes when typing in terminal just to save myself from confusion. I do have root by the way
UPDATE:
THESE PICTURE WERE FOR MY GALAXY NOTE 3 DISRAGAURD THESE PHOTOS. My mistake I was on my phone when I read the message and tried to jump right into it
THERE ARE THE PHOTOS FROM MY GALAXY TAB 4.
These would be the correct locations I need clarification so I know which ones are boot and recovery for pulling/extracting in terminal.
These two represent your recovery and boot partitions. So in the quotes you'll put the mmcblk0p15 for recovery.img.
I found that pulling the recovery is that exact code, whereas pulling the boot was a different code, but found easily on the internet. I got the recovery easy, the boot was a little more work, but did get it.
pre4speed said:
These two represent your recovery and boot partitions. So in the quotes you'll put the mmcblk0p15 for recovery.img.
I found that pulling the recovery is that exact code, whereas pulling the boot was a different code, but found easily on the internet. I got the recovery easy, the boot was a little more work, but did get it.
Click to expand...
Click to collapse
Think I am not typing it exactly how it needs to be. Even tried copy and pasting. So close but yet so far lol. I really think we have all been making progress the last few days. This would help if I could get it to work. Would be useful and handy to have a backup for each device variation.
Pic did not upload for me the first time. Backup did not work yet. I must be typing or copy and pasting wrong
I'm trying to remember how I did it. I believe you open terminal, type su then press enter, then type the rest. Let me do it again and see what my steps were.
---------- Post added at 01:26 PM ---------- Previous post was at 01:13 PM ----------
Ok, I'm sorry. The code I gave you is actually for the boot.img not recovery. Here is the right code. Sorry again.
Type it exactly as I did and you'll find the backup on your sdcard (not external). I actually found the correct code in the 7.7" tab thread. Lol http://forum.xda-developers.com/showthread.php?t=1540641
pre4speed said:
I'm trying to remember how I did it. I believe you open terminal, type su then press enter, then type the rest. Let me do it again and see what my steps were.
---------- Post added at 01:26 PM ---------- Previous post was at 01:13 PM ----------
Ok, I'm sorry. The code I gave you is actually for the boot.img not recovery. Here is the right code. Sorry again.
Type it exactly as I did and you'll find the backup on your sdcard (not external). I actually found the correct code in the 7.7" tab thread. Lol http://forum.xda-developers.com/showthread.php?t=1540641
Click to expand...
Click to collapse
I'm just out right now but will give it a try as soon as I get home. Thanks again much help. Will report back.
Leonidas87 said:
I'm just out right now but will give it a try as soon as I get home. Thanks again much help. Will report back.
Click to expand...
Click to collapse
Ok I have got both recovery and boot.img backed up/pulled. Finally lol thanks a lot
I think we have most of the necessary files to get the job done. If you say you have got you boot.img and recovery backed up and so do I. We have source files also. All we need now is for the recovery to be compiled. For a skilled experienced developer to finish up what we started probably would not be too hard. If only we had someone to really take the time with us with some of the next key steps. I am looking up guides and resources all over the Internet but nothing concrete to get the job done ?
Leonidas87 said:
I think we have most of the necessary files to get the job done. If you say you have got you boot.img and recovery backed up and so do I. We have source files also. All we need now is for the recovery to be compiled. For a skilled experienced developer to finish up what we started probably would not be too hard. If only we had someone to really take the time with us with some of the next key steps. I am looking up guides and resources all over the Internet but nothing concrete to get the job done ?
Click to expand...
Click to collapse
Yeh, I hear that. Like I said before, I've got my buddies looking at it, but these devices that they don't own aren't a priority for them. I don't feel right bugging them about it every day. I'll see if there's anything I can find. I'm not a developer and get lost with code, but guides I can help to find if you have the build environment.
http://rootzwiki.com/topic/23903-how-to-compile-twrp-from-source/
http://forum.xda-developers.com/showthread.php?t=1943625
I am so lost with all that[emoji30]
Leonidas87 said:
Hi there are a few version of the Galaxy Tab 4 8.0 that have no support for a custom recovery.
If ANYONE is willing or knows someone who could be willing to port a custom recovery to these devices it would be greatly appreciated if you could pass on the message and spread the word. If we all do work together we should be able to get this done.
There are many people who are willing to test the final work. Thanks in advance.
Click to expand...
Click to collapse
if you are able to install an omnirom build environment on linux i will make you a local_manifest and show how to build.

Possible root method?

I just came across this possible root method while searching for one on the Fire 8. It's dated for April 4 so it's recent. Though it's for 5.3.2.1, if it does work, maybe can be modified for 5.3.3.0?
https://www.quora.com/How-do-I-root-Kindle-Fire-HD-8-6th-Gen-2016
I'm on my tablet so can't copy and paste the steps. If someone else could?
DragonFire1024 said:
I just came across this possible root method while searching for one on the Fire 8. It's dated for April 4 so it's recent. Though it's for 5.3.2.1, if it does work, maybe can be modified for 5.3.3.0?
https://www.quora.com/How-do-I-root-Kindle-Fire-HD-8-6th-Gen-2016
I'm on my tablet so can't copy and paste the steps. If someone else could?
Click to expand...
Click to collapse
How interesting. I wonder if it will work on the earlier firmware versions too like 5.3.1.0 and 5.3.1.1. That way, don't have to mess with Kingoroot and anything that was put in there that will help the Chinese cyber-attack capability..lol. I'm on 5.1.1, but I'm too lazy to wipe it and try it..maybe later. Unless someone else wants to give it a go?
As far as I know, no root exists for 5.3.3.0. Alexa is a whore.
smokejumper76 said:
How interesting. I wonder if it will work on the earlier firmware versions too like 5.3.1.0 and 5.3.1.1. That way, don't have to mess with Kingoroot and anything that was put in there that will help the Chinese cyber-attack capability..lol. I'm on 5.1.1, but I'm too lazy to wipe it and try it..maybe later. Unless someone else wants to give it a go?
As far as I know, no root exists for 5.3.3.0. Alexa is a whore.
Click to expand...
Click to collapse
I may give it a go. I don't stand to lose anything really. I'm working on a project at the moment regarding Wireless Display (Miracast) though and I don't want to lose any of that so I have to make a back up. No root is supposed to exist for 5.3.2.1 either
DragonFire1024 said:
I may give it a go. I don't stand to lose anything really. I'm working on a project at the moment regarding Wireless Display (Miracast) though and I don't want to lose any of that so I have to make a back up. No root is supposed to exist for 5.3.2.1 either
Click to expand...
Click to collapse
Note there have been reports 5.3.3.0 can be rolled back to 5.3.2.1 on the 5th gen Fire. Not sure if this also applies to 6th gen HD 8. Typically a failed/invalid rollback results in a non-recoverable brick; not something to mess around with lightly.
---------- Post added at 08:40 PM ---------- Previous post was at 08:33 PM ----------
DragonFire1024 said:
I just came across this possible root method while searching for one on the Fire 8. It's dated for April 4 so it's recent. Though it's for 5.3.2.1, if it does work, maybe can be modified for 5.3.3.0?
https://www.quora.com/How-do-I-root-Kindle-Fire-HD-8-6th-Gen-2016
I'm on my tablet so can't copy and paste the steps. If someone else could?
Click to expand...
Click to collapse
Don't get your hopes up. This is a generic tool that lacks favorable references (recent or otherwise) in trusted Android communities. Good luck.
Davey126 said:
Note there have been reports 5.3.3.0 can be rolled back to 5.3.2.1 on the 5th gen Fire. Not sure if this also applies to 6th gen HD 8. Typically a failed/invalid rollback results in a non-recoverable brick; not something to mess around with lightly.
---------- Post added at 08:40 PM ---------- Previous post was at 08:33 PM ----------
Don't get your hopes up. This is a generic tool that lacks favorable references (recent or otherwise) in trusted Android communities. Good luck.
Click to expand...
Click to collapse
I won't give up hope. I'm pretty convinced we'll eventually get root or the bootloader's unlocked. Something tells me Amazon's stock wasn't soaring because of these things or for that matter their so called FireOS. It's only a matter of time.
Just an observation when bricking my XT907 a few days ago (being flashed as we speak...drum roll) I noticed more than one recovery mode. Two for sure, maybe three. There is the generic black screen and white font...you can choose reboot, recovery, wipe partition and fastboot or what not. Well there's also an Android 'Droid Master Reset.' Would that reset to factory or to stock prior to Motorola customization? I've always done it through the first screen. I'm just wondering in case there might be something to exploit in those options. Does a real total Master Reset exist at all for these tablets? Prior to FireOS?
DragonFire1024 said:
I won't give up hope. I'm pretty convinced we'll eventually get root or the bootloader's unlocked. Something tells me Amazon's stock wasn't soaring because of these things or for that matter their so called FireOS. It's only a matter of time.
Click to expand...
Click to collapse
Much has happened over the past 12-15 months to bolster Android security some of which undoubtedly has made it to FireOS. Past techniques used to secure root will be far less effective moving forward.
DragonFire1024 said:
Just an observation when bricking my XT907 a few days ago (being flashed as we speak...drum roll) I noticed more than one recovery mode. Two for sure, maybe three. There is the generic black screen and white font...you can choose reboot, recovery, wipe partition and fastboot or what not. Well there's also an Android 'Droid Master Reset.' Would that reset to factory or to stock prior to Motorola customization? I've always done it through the first screen. I'm just wondering in case there might be something to exploit in those options. Does a real total Master Reset exist at all for these tablets? Prior to FireOS?
Click to expand...
Click to collapse
Never heard of or seen a low level "Master Reset" function in an Amazon device (dating back to 2nd gen Fire HD) or any Android device for that matter.
DragonFire1024 said:
I may give it a go. I don't stand to lose anything really. I'm working on a project at the moment regarding Wireless Display (Miracast) though and I don't want to lose any of that so I have to make a back up. No root is supposed to exist for 5.3.2.1 either
Click to expand...
Click to collapse
Wishing for your success! Really hoping to have new root for this. :fingers-crossed:
Where is the download for this? When I do a search for "SuperOneClick" I get a tool for Gingerbread or older.
ShapeShifter499 said:
Where is the download for this? When I do a search for "SuperOneClick" I get a tool for Gingerbread or older.
Click to expand...
Click to collapse
Here's their site http://www.superoneclickdownload.com/
I've seen the method before in other forums ranging from a few months to a few years. I don't recall which ones or if they worked.
If anyone does try, I recommend following the steps here: http://www.pcworld.com/article/244303/how_to_root_your_kindle_fire.html At least the source is a little bit more 'legit' for lack of better terms.
Is it available for all firmwares??
I've been waiting on 5.3.2.1 for a root strategy on Kingroot and Kingoroot, but after about one year, They can't root my device.
And what is the advantage of using this method? Is it better than Kingroot?
Someone tried this method? It works? Thanks in advance for your responses.
behrad said:
Is it available for all firmwares??
I've been waiting on 5.3.2.1 for a root strategy on Kingroot and Kingoroot, but after about one year, They can't root my device.
And what is the advantage of using this method? Is it better than Kingroot?
Click to expand...
Click to collapse
Didn't work for me but I may not have done it right.
The Steps Are As Follows:
"
Step 1: Turn on your Kindle Fire and tap the top bar, near the battery and Wi-Fi icons; press More... from the drop-down menu, then Device, and tap Allow Installation of Applications to On.
Step 2: Download the Android SDK from the Android Developer site. Get the version with an installer app (installer_r15-windows.exe).
Step 3: Download the Java Development Kit (version 7, at the time of this writing). Make sure to download the appropriate version of the Java Development Kit for your PC--I'm on a 32-bit Windows 7 PC, so I downloaded the Windows x86 version.
Step 4: Install the Java Development Kit. Make sure you do this before you install the Android SDK. All you need to do is to open the installer file you downloaded (mine was called jdk-7u1-windows-i586.exe) and click through the installer wizard.
Step 5: Install the Android SDK. Simply open installer_r15-windows.exe and follow the instructions. Once the Android SDK is finished installing, the SDK Manager app will automatically open with a list of software packages you can download. Go ahead and install all the prechecked packages, but make sure that the Google USB Driver package (listed under Extras) is checked. You'll need this file to let your PC communicate with the Kindle Fire. Wait for SDK Manager to download install and all the packages, and don't panic if it asks you for permission to kill a server or process. Just click OK until it's all done with the install process.
Step 6: Now that you have the SDK installed, you'll have to make two quick modifications to it before you can root the Kindle Fire. First, open up your User Account folder in Windows (C:\Users\(Your Account Name), find the new ".android" directory, and find a file called adb_usb.ini. Open it up in Notepad, add a new line at the bottom of the document, and type 0x1949. Make sure that string is on its own line in the document, save it, and close it. Next, go to wherever you installed the Android SDK itself (probably C:\Program Files\Android\android-sdk), and navigate to the \extra\google\usb_driver\ directory. Find the file called android_winusb.inf and open it in Notepad. There, you'll want to take the following lines and paste them immediately underneath the [Google.NTx86] and [GoogleNTamd64] headings in the document:
;Kindle Fire
%SingleAdbInterface% = USB_Install, USB\VID_1949&PID_0006
%CompositeAdbInterface% = USB_Install, USB\VID_1949&PID_0006&MI_01
Save the file and exit Notepad. If Notepad doesn't let you overwrite android_winusb.inf when you're saving it, save the edited version to your desktop, and then drag the edited version over to the usb_driver directory to replace the old version with your edited version. Windows may ask you for Administrator permission to replace android_winusb.inf--don't worry, it's fine.
Step 7: Plug your Kindle into your PC. You'll need a micro-USB cable to do this, which the Fire doesn't ship with, so you'll have to buy that cable if you don't already have one that you use with your phone or camera. Windows will probably automatically attempt to install a driver for it, fail, and then mount it as a normal storage device. That's fine, though we may have to change something there later.
Step 8: Now that your PC and Kindle are connected, we're going to open up the Android SDK to make sure it recognizes the Kindle. Open up Command Prompt in Windows (Start Menu, All Programs, Accessories, Command Prompt) and navigate to wherever you installed the Android SDK.
Don't remember your DOS commands? That's okay--just open up the Command Prompt and type cd followed by the file path to the platform-tools directory (for example: cd C:\Program Files\Android\android-sdk\platform-tools\). Once you're there, type adb kill-server, press Enter, type adb devices, and then press Enter again. You should see the Command Prompt return with "List of devices attached" and a string of numbers followed by "device"--that means the Android SDK recognizes the Kindle is attached, and you're ready to proceed to the next step.
However, if you don't have any devices listed, it probably means that Windows isn't using your Android SDK USB driver to communicate with your Kindle Fire. Go to Control Panel in Windows, open Device Manager, and scroll down the list of devices until you find your Kindle listed. Right-click the listing and select Update, then click Browse my computer for driver software, Browse, and navigate to the directory that holds the file you edited earlier called android_winusb.inf--probably C:\Program Files\Android\android-sdk\extras\google\usb_driver. Click Next; Windows should now switch over to the Android SDK USB driver for your Kindle. Go back to the Command Prompt; type adb kill-server, press Enter, then type adb devices, and press Enter again. You should see something show up under the list of attached devices.
Step 9: Now you're ready to root your Kindle. All you have to do is download SuperOneClick (and Microsoft's NET 2.0 Framework, if you don't already have it installed), install both apps, open up SuperOneClick, and click Root.
Let SuperOneClick do its thing--the entire process takes a few minutes--and when it's done, go back to the Command Prompt, type adb kill-server, and press Enter. Then, just to be sure, click on the Safely Remove Hardware and Eject Media icon in the Windows Notification Area (usually a picture of a plug with a green checkmark on it), eject the Kindle, and unplug it. Congratulations--you have root access!
" - Qoura, Anya General
---------- Post added at 01:00 PM ---------- Previous post was at 12:54 PM ----------
DragonFire1024 said:
Just an observation when bricking my XT907 a few days ago (being flashed as we speak...drum roll) I noticed more than one recovery mode. Two for sure, maybe three. There is the generic black screen and white font...you can choose reboot, recovery, wipe partition and fastboot or what not. Well there's also an Android 'Droid Master Reset.' Would that reset to factory or to stock prior to Motorola customization? I've always done it through the first screen. I'm just wondering in case there might be something to exploit in those options. Does a real total Master Reset exist at all for these tablets? Prior to FireOS?
Click to expand...
Click to collapse
So you mean to find a way to factory reset the kindle to before it had fire OS, when it still had an unmodified android os(or whatever they came with first)?
If so, that sounds like a possible exploit, though I think Amazon has probably made sure that it was impossible without a brick.
So this giant post is simply and advert for SuperOneClick which is an old rooting method that hasn't worked for years.
Davey126 said:
So this giant post is simply and advert for SuperOneClick which is an old rooting method that hasn't worked for years.
Click to expand...
Click to collapse
Not to mention a lot of links I found in the near past, redirect to Kingroot who I suspect either bought OneClick or put them out of business.

Categories

Resources