Ok so i got a zte quest 5 (z3351s) though qlink. Not the phone i wanted but it was one i could afford. And it works very well just can't run amazon music and other apps at the same time.
But the bloatware is unreal. Used to in my galaxy s3&s4 days i could root and delete all apps i didn't need. I know i can disable them but i want them gone completely.
Majisk didnt work
Kingoroot same even used pc.
I am hoping someone knows of a way i can root this phone or at least delete all the un needed apps for example i have Google maps go (came stock) i put the org google maps which is better plus offers sat view.
Edit i did some math and converting and the useless apps 11 out of 58 come out to 349.72mb which is a lot if your phone only has 16gb of space. Also note i don't have hardly anything.
Worst case i can Hotspot to my note10+ for multitasking but not sure of data limit.
@TexasPride
a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
I heard about adb methods but i haven't messed with it in forever since apk/ios apps came out
jwoegerbauer said:
@TexasPride
a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
Click to expand...
Click to collapse
Are you sure it will always work?
I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
As a result, I got my phone eternally showing the boot logo and not booting.
Not a problem to re-flash stock ROM but it is an example that there in no universal way to install SU (or SuperSU) via adb.
If you could give a link to some other method how SU could be installed, I'll give it a try of course.
vp1117 said:
Are you sure it will always work?
I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
As a result, I got my phone eternally showing the boot logo and not booting.
Not a problem to re-flash stock ROM but it is an example that there in no universal way to install SU (or SuperSU) via adb.
If you could give a link to some other method how SU could be installed, I'll give it a try of course.
Click to expand...
Click to collapse
I spoke of SU-binary and NOT of SuperSU installer package
Example:
Code:
adb devices
adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
adb shell "chmod 0777 /sdcard/Downloads/su"
Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
TexasPride, sorry I stepped in your thread.
jwoegerbauer said:
I spoke of SU-binary and NOT of SuperSU installer package
Click to expand...
Click to collapse
I see. It is often mixed in numerous materials one can find in the net. Subject is SU-binary update, but the ultimate goal is to install supersu.
jwoegerbauer said:
Example:
Code:
adb devices
adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
adb shell "chmod 0777 /sdcard/Downloads/su"
Click to expand...
Click to collapse
What should be result of running this code? SU-binary located in Downloads with 777 permission? What is the practical sense/use of it?
What software/application would use SU in that location?
Sorry for my questions. I'm not arguing. I try to understand the idea.
jwoegerbauer said:
Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
Click to expand...
Click to collapse
Somehow, with my almost zero knowledge of edify and linux command line I got the same conclusion: SuperSU zip has to be modified in order to install it via adb on devices that do not have TWRP for sideload. I failed to find any examples of SuperSU modding...
@vp1117
Answering your questions from last to first:
Installing SuperSU.zip via ADB
The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Making use of SU-binary
The SU-binary ( ~110KB ) is nothing else then the root user, as known from LINUX.
Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
Example:
Code:
adb devices
adb shell "/sdard/Downloads/su -c '<ommand-that-requires-root-here>'"
jwoegerbauer said:
Answering your questions from last to first:
Installing SuperSU.zip via ADB
The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
Click to expand...
Click to collapse
OK. I guess, I can repack zip to tar.
Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
jwoegerbauer said:
Making use of SU-binary
The SU-binary ( ~110KB ) is nothing else then the root user, as known from LINUX.
Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
Example:
Code:
adb devices
adb shell "/sdard/Downloads/su -c '<ommand-that-requires-root-here>'"
Click to expand...
Click to collapse
Interestingly, I can execute all commands I need without having su-binary (~100 KB) uploaded to my phone. It is strange but I see #-prompt after I ran <adb shell>. This happens on my UNrooted phone, running stock ROM. I guess, it's a specifics of my phone, no need to try explain it.
I done failed trying to read i dont really understand linux all that well. But if anyone has any links so i can download it and try it
vp1117 said:
Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
Click to expand...
Click to collapse
Of course it's your decision how you transfer the SuperSU package onto phone: many ways lead to Rome.
My decision was to push SuperSU package repacked as TAR-file onto phone, extract it there, and finally run the modified update-binary.sh when phone is booted into recovery mode:
Code:
adb shell "$(cat < %supersu_dir%/update-binary.sh); echo $?"
So I rebooted to stock recovery and then uploaded following from UPDATE-SuperSU-v2.82-20170528234214.zip package to my phone's folder /tmp:
/arm64
/common
/META-INF
update-binary.sh
Here is what I got:
Z:\android\adb>adb shell "$(cat < /tmp/update-binary.sh); echo $?"
127
/system/bin/sh: #!/sbin/sh: not found
And here's what I got running same command from # command line:
# $(cat < /tmp/update-binary.sh); echo $?
/system/bin/sh: #!/sbin/sh: not found
127
In response to # ls -al /sbin I get lots of lines one of them is as follows:
lrwxrwxrwx 1 root root 7 1970-01-01 00:00 sh -> busybox
I feel that I'm doing something wrong, but what exactly?
In attached txt-file I put some more details I got in command line.
jwoegerbauer said:
... and finally run the modified update-binary.sh when phone is booted into recovery mode:
Click to expand...
Click to collapse
Am I right the only modification needed is to rename update-binary to update-binary.sh ?
@vp1117
NO.
When I said modified then I didn't mean simply rename it: The contents of original update-binary file must be rewritten / deleted in some parts. Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above. Take also note that, if device's Android isn't rooted yet, the location for unpacked SuperSU mandatory must be /data/local/tmp.
BTW:
I can see BusyBox is installed on your device's Android. Take note that BusyBox by default comes with the SU-binary. Hence your device's Android is rooted! Wondering why you waste your time with trying to completely install SuperSU from scratch?
jwoegerbauer said:
Wondering why you waste your time with trying to completely install SuperSU from scratch?
Click to expand...
Click to collapse
Good question.
Probably, because I see this when phone restarts from recovery to normal android:
jwoegerbauer said:
Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above.
Click to expand...
Click to collapse
OK, no problem, I can re-pack zip into tar.
However, what you demonstrated above was a screenshot showing update-binary.sh being inside the tar. At the same time you don't tell how update-binary.sh must be amended. Is it OK?
TexasPride
I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would deleted them.
vp1117 said:
TexasPride
I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would deleted them.
Click to expand...
Click to collapse
Its ok, i dont mind at all.
@TexasPride
FYI: I no longer participate this hijacked thread.
Related
This all started out as an experiment to get my nandroid system.img file running in the adb emulator. Well sadly I haven't been able to do that (yet) but I have found something useful. I've Seen several people all over asking how to get a working marketplace app in 2.2 on the adb emulator. After a lot of researching (and trial and error) I've managed to get one. Here are the steps I've taken. (Steps 5 and 6 optional, you can just use the included build.prop if you prefer)
1) Create an avd running 2.2 (froyo,plenty of places explain how to do this so I won't)
2) Download the file (attached below, root files included)
3) Unzip to a location that's easy to remember and find.
4) Load your emulated phone (allow it to load fully)
5) enter this command in a command prompt/terminal window (make sure you "cd" to the directory where you extracted the files)
Code:
adb pull /system/build.prop
6) Remove or comment "ro.config.nocheckin=yes" (no quotes, might be able to just change it to "no" but I haven't tried it that way)
7) enter these commands
Winblows (I mean windows)
Code:
adb remount
adb push build.prop /system/build.prop
adb install GoogleServicesFramework.apk
adb install Vending.apk
adb install Gmail.apk (optional but sometimes signing in here lets the market sign in)
adb shell rm /system/app/SdkSetup.apk
Linux
Code:
adb remount
adb push ./build.prop /system/build.prop
adb install ./GoogleServicesFramework.apk
adb install ./Vending.apk
adb install ./Gmail.apk
adb shell rm /system/app/SdkSetup.apk
8) Sign in. If it works you're done if not reboot and try again, sometimes it takes 3 or 4 reboots to set. If your emulated phone has a data signal from your computer (you'll see a 3G and network icon in the notification area) just wait for it to sign in. The cancel button should grey out within a minute. If it says it can't connect restart the emulator and try again, be patient.
There is a known bug that not all apps show up in the marketplace. I'm not sure why so if someone here knows how to fix that by all means leave a post and let me know. If I see it I'll add it to the first post (provided it works of course )
Edit: Working on getting root on the emulator (just for the hell of it). So far I have su in the xbin directory and superuser.apk installed. Not 100% sure what else I need to do to get the su requests to go through though, I'll probably PM a more experienced member and post back when I have more. Got root? I do (got it working.) Here are the steps you need to take.
Rooting the standard android image on the emulator
1) Open a command prompt (cd to the directoy where you extracted the files)
2) enter these commands
Code:
adb shell mount -o rw,remount -t yaffs2 /dev/block/mtdblock03 /system
adb push su /system/xbin/su
adb shell chmod 06755 /system
adb shell chmod 06755 /system/xbin/su
adb install superuser.apk
That's it! You now have a rooted, market-enabled android emulator.
New! N00b-friendly method
1) create your avd
2) download the emulator files archive attached to this post
3) extract somewhere easy to find
4) open command prompt/terminal and cd to the extracted location
5) start your avd
6) Run your script (windows.bat or linux.sh)
7) sign into market and enjoy root!
Note:
You may have to chmod su again upon restarting the emulator.
To get root back simply run the re-root script for your OS (bat for windows,sh for linux)
To install busybox simply run the re-root script, it will automatically install if you're using the script to install on a new avd.
Post 2
[reserved for updates, explanations, pictures, present/future tweaks in progress, etc]
Pictures:
Superuser list,Marketplace (I like solitaire><), Terminal with su permissions, and re-rooted Terminal
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Tweaks:
1: root (done!)
2: busybox (done!)
Wow nice....
Thank you the root resets after reboot, working on making it stick but its not hard to do it again, just start with the "-wipe-data" command and redo the root, market works after reboot though. Still working on getting a dumped system.img to boot, ill post that in its own thread when i get it. Glad you like this.
Sent from my ROOTED T-Mobile myTouch 3G Slide using XDA App
Edit: see first post on how to get root back,no data-wipe!
so cool!! Good job man!
Thanks ^_^ let me know if you find any problems that I haven't already mentioned and I'll see if I can fix them or if they're just an emulator quirk.
Sorry for the double post but I wanted to let you all know busybox is now included! Installation can be performed through scripts (included in the "Emulator Files.rar" archive) or manually. If you wish to do it manually simply open the script in a text editor to see what's going on and enter the commands in a command prompt/terminal window.
I'm not able to make this work, not with a toolkit downloaded yesterday anyway.
Pulling of build.prop works, but pushing fails with a directory related error.
"adb shell" followed by "cd /system" and "ls -l" gives a list of files that does not include build.prop, neither as a file nor as a directory.
"ls -l build.prop" works though, and lists a file with 0644 permissions.
Install of all apks different from Gmail fails, with an error that says that those apks are already installed. Uninstalling them through adb doesn't work, netting instead a simple generic error.
Does anyone know whether I'm doing something wrong or Google has modified the emulator images so to render the Market workaround unusable? If so, where could I download an earlier version of the 2.2 system image?
Many thanks
Rocco
I actually had this issue as well. Try re-making the avd, worked for me. You could also try running the scripts to install, might work. If it doesnt post back and ill post the system.img from my sdk.
Sent from my ROOTED T-Mobile myTouch 3G Slide using XDA App
I have the same problem as ropi. Remade the avd several times with different properties, still no go.
I would really appreciate it if someone could upload a fully set-up avd somewhere.
I'll try again late this afternoon (I'm on CEST). Hope it works. If not, I'd be happy too if some kind soul would upload a link to a working avd
Thanks for the kind help
Rocco
I have no idea why people are having so many problems :/. I had the problem and once I remade the avd it went away. Try starting with the -partition-size 96 option and see if that helps. If not here are the files, just extract to your avd directory, it has the ini and img files you need and it's already setup. Just run re-root to get root back and sign into market and you're good to go.
http://hotfile.com/dl/79959332/3efbade/froyo-avd.rar.html
Edit: I just downloaded the latest revision and everything seems to be working fine :/ As I've said before try starting with -partition-size 96 and also try using the scripts I've provided. That should fix the issues, but if it doesn't there's always the hotfile link I've provided (or if you're just lazy lol)
Edit 2: also,just thought of this, make sure before you push the build.prop you adb remount. Pulling will work fine without doing that but pushing won't. No one said if they had done this and still received the errors so I'm trying to cover all bases. If remount fails try the adb shell mount command posted on the first page.
Thanks dbzfanatic, that avd worked great.
Glad it worked for ya. Let us know how everything works.
Sent from my ROOTED T-Mobile myTouch 3G Slide using XDA App
A lot of apps can not be found in the Market ... I cannot find Lookout....
Yeah, I've mentioned that,firs post. It's a known bug. Nothing I can do to fix it at the moment. You could download the apk on your phone then pull it then install it in the emulator. Bit of a roundabout way of doing things but it's all we can do on the emulator for the time being, at least from what I know.
Ok after a bit of poking around (sorry it took so long) I found out a bit about the market. It seems it's not just your region that it uses to show apps but things like your carrier, presence/absence of a SIM card, Android version, etc. It uses the filters to choose which apps to show and which to exclude (not showing an American user Japanese apps, not showing someone on Verizon T-Mobile apps, etc) so this explains part of the problem. I also found out that the SIM card and IMEI numbers were(are?) hard-coded into the emulator binary, changing these may allow us to see a few more apps. I looked through the binary file a bit and didn't find anything but I'll look more closely in a bit (new job, yay <- read as "groan"). I don't know how to emulate or spoof a carrier so that will still cut us back on some of the apps being seen. If anyone knows how to do this please post here and let us know! It would also be beneficial if a user who has already modified their IMEI and SIM numbers in the emulator to compare the apps list to the one you see in the standard, non-modded emulator binary and let us know if there is a difference or not. The more apps we can see in the marketplace the better!
Just wanted to confirm that I've tried Market Enabler a few days ago and it doesn't seem to work.
Alright thanks for the feedback. Ill keep working on it.
Sent from my ROOTED T-Mobile myTouch 3G Slide using XDA App
Despite several tries, I've so far been unsuccessful in using this method to install the marketplace on a 2.2 avd. Many thanks for having provided ready-made avds, then!
I've been able to install marketplace on the Galaxy Tab images provided by Samsung, though!
Keep up the good work
Hi guys, i tried to root Bluestacks Apps Player Beta for Mac OS X on Windows by using a method similar to the one used to root BS for Windows.
But unfortunately i am not able to test the modded files as i do not actually own a Mac OS X device, and i am not familiar with the OS either.
So i am asking, any volunteer here willing to help me test this experimental modded files?
How to use
1) Download BlueStacks AppPlayer Beta .dmg for Mac OS X & install it.
2) Download modded files provided below, make sure the targeted version is same as your installed version.
3) Extract the downloaded zip and use the modded files to replace the following folders:
Code:
~/Library/BlueStacks App Player/Android/Root.sparsefs/
~/Library/BlueStacks App Player/Android/Prebundled.sparsefs/
~/Library/BlueStacks App Player/Android/Data.sparsefs/
~/Library/BlueStacks App Player/Android/SDCard.sparsefs/
Downloads & Changelogs:
Code:
[URL="http://goo.gl/wJYSR"][SIZE="3"]BSRoot_0.3.6.102d.zip[/SIZE][/URL] (99.88 MB, Pass: [COLOR="Red"][email protected][/COLOR], Last Update: [COLOR="Red"]03/04/2013[/COLOR])
~ Target: BlueStacks for Mac OS X v[URL="http://goo.gl/ILhtK"]0.3.6.102[/URL] Only (Released: 21/03/2013)
+ Allow /system rw
+ su (standalone/on the fly)
+ Google Play v3.10.14
+ Google Contacts/Calendar Sync
+ Flash Player v11.1
+ Holo Launcher v2.0.2 Free
+ Terminal Emulator v1.0.52 OS
- Most bloatware
Notes:
- By replacing above folders, your existing settings & data will be gone, you are advised to create a backup before trying the mod.
* Please note that all version prior to the 03/04/2013 update probably will not work, try the latest version.
* If you tried please at least COME BACK TO VOTE so that i can know how it goes. Thank you!
-Reserved-
I think this worked, still trying to find a way to test the "rooted-ness" of it. Do you know where bluestacks puts the apps it installs from the market? /data seems to be empty.
---------- Post added at 04:58 PM ---------- Previous post was at 04:41 PM ----------
typing su into terminal gets me a segmentation fault
SuperSu hangs or doesn't run.
ESFile Explorer can't use it's "root" features. (Test Fails)
efdisastet said:
I think this worked, still trying to find a way to test the "rooted-ness" of it. Do you know where bluestacks puts the apps it installs from the market? /data seems to be empty.
typing su into terminal gets me a segmentation fault
SuperSu hangs or doesn't run.
ESFile Explorer can't use it's "root" features. (Test Fails)
Click to expand...
Click to collapse
Hi, Thanks for the feedback.
Without SuperSU working properly, terminal is running as app user thus you will not be able to view contents of /data/ as the folder is owned by 'system'.
Not sure why SuperSU is not working. Anyway, I have updated the files to use Superuser 3.2 instead of SuperSU, now with the updated files,
Superuser can be uninstalled easily, and if the superuser still causing problem, try uninstall it & run su without the apk installed.
Appreciate if you can retry the new file & also provide me the output for 'mount'. Thank you.
codelover said:
Hi, Thanks for the feedback.
Without SuperSU working properly, terminal is running as app user thus you will not be able to view contents of /data/ as the folder is owned by 'system'.
Not sure why SuperSU is not working. Anyway, I have updated the files to use Superuser 3.2 instead of SuperSU, now with the updated files,
Superuser can be uninstalled easily, and if the superuser still causing problem, try uninstall it & run su without the apk installed.
Appreciate if you can retry the new file & also provide me the output for 'mount'. Thank you.
Click to expand...
Click to collapse
Superuser app opened, but then closed on its own before I could check the settings.
I cleared data and then it seemed to stay open, so that I can go through the settings.
here's the result of su (still Segmentation fault)
and then mount
(sorry that it's a picture, copy seems to be an option, but can't find a way to paste.)
why does xda resize the pictures so small?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Re: [Emulator][BlueStacks Beta for Mac] Getting root access - Testers wanted
Would love to try this, codelover, but am wondering if you are testing in your own environment first, or are you expecting us to QA it? Don't get me wrong... I really appreciate you taking the lead on this, I just need to understand what my effort and interest level need to be. Thanks.
Sent from my SAMSUNG-SGH-I317 using xda premium
efdisastet said:
Superuser app opened, but then closed on its own before I could check the settings.
I cleared data and then it seemed to stay open, so that I can go through the settings.
here's the result of su (still Segmentation fault)
and then mount
Click to expand...
Click to collapse
Thanks! Now i know that /system can be mounted rw, one step forward. Next step is to find a working copy of su then we are done.
Can you confirm the Segmentation fault still appear after the apk been removed/uninstalled? One more thing, can you test run su after cd to /sdcard?
Just checked the alpha root by @bitstra, looks like they faced the same problem with superuser apk, so they have su working alone without the apk, maybe i will get you a copy of the su to test.
Btw do you have adb for Mac? Might need it to push su to BS for testing.
meatlocker said:
Would love to try this, codelover, but am wondering if you are testing in your own environment first, or are you expecting us to QA it? Don't get me wrong... I really appreciate you taking the lead on this, I just need to understand what my effort and interest level need to be. Thanks.
Click to expand...
Click to collapse
Hi meatlocker, Thank you for your interest. The answer is no, i have no chance to test it because i do not actually own a Mac.
But i have been working with BS for Windows for months that i am pretty sure Mac version can be rooted too.
I am just trying to help, it's really up to Mac users effort if they really want to see it get rooted.
The more feedback the faster it can be done. If i got a Mac that would be easier since i got several test cases that i can run on my own.
For now, everything is based on my assumption.
codelover said:
Thanks! Now i know that /system can be mounted rw, one step forward. Next step is to find a working copy of su then we are done.
Can you confirm the Segmentation fault still appear after the apk been removed/uninstalled? One more thing, can you test run su after cd to /sdcard?
Just checked the alpha root by @bitstra, looks like they faced the same problem with superuser apk, so they have su working alone without the apk, maybe i will get you a copy of the su to test.
Btw do you have adb for Mac? Might need it to push su to BS for testing.
Click to expand...
Click to collapse
yup, I've got adb installed and it see bluestacks, haven't tried to run any commands or anything
still get the Segmentation Fault and never get a typical su request popup for any app.
uninstalled superuser.
tried su in terminal, still Segmentation fault
installed SuperSu from play store
same results... app didn't run very well... tried to update itself and failed.
uninstalled
installed superuser (3.1.3?) from the Play store
took some screenshots (looked kinda hopeful?)
still same errors in terminal, no access to /data
efdisastet said:
installed SuperSu from play store
same results... app didn't run very well... tried to update itself and failed.
uninstalled
installed superuser (3.1.3?) from the Play store
took some screenshots (looked kinda hopeful?)
still same errors in terminal, no access to /data
Click to expand...
Click to collapse
You cannot install Superuser/SuperSU directly from market because it will install an arm version of the binary instead of the x86 that we need.
Now we need to identify which su binary version works with BS for Mac.
Please download the attached su-test.zip that contains various versions of su, extract to adb folder and then run the following commands:
Code:
adb push su-test /data/local/tmp/
adb shell chmod 777 /data/local/tmp/su*
adb shell /data/local/tmp/su-3.1-x86 -v
adb shell /data/local/tmp/su-3.1.1-x86 -v
adb shell /data/local/tmp/su-3.2-x86 -v
adb shell /data/local/tmp/su-bin-3.1 -v
adb shell /data/local/tmp/su-1.25 -v
adb shell /data/local/tmp/su.x86 -v
adb shell /data/local/tmp/su.orig -v
* Also try to run above su without -v
We are expecting su to returns a version number or 'permission denied' message from a working copy, instead of segmentation fault.
Please let me know which version works. I think we can finalize this soon. Thank you again.
Re: [Emulator][BlueStacks Beta for Mac] Getting root access - Testers wanted
Also, how can we get into the contents of the Android disk image files on a Mac to extract android files, etc?
And how much space do we have in the simulated Android to install apps?
Code:
adb push su-test /data/local/tmp/
adb shell chmod 777 /data/local/tmp/su*
adb shell /data/local/tmp/su-3.1-x86 -v
[COLOR="Red"]returned 3.1[/COLOR]
adb shell /data/local/tmp/su-3.1.1-x86 -v
[COLOR="red"]returned Segmentation fault[/COLOR]
adb shell /data/local/tmp/su-3.2-x86 -v
[COLOR="red"]returned Segmentation fault[/COLOR]
adb shell /data/local/tmp/su-bin-3.1 -v
[COLOR="red"]hung[/COLOR]
adb shell /data/local/tmp/su-1.25 -v
[COLOR="red"]hung[/COLOR]
adb shell /data/local/tmp/su.x86 -v
[COLOR="red"]returned Segmentation fault[/COLOR]
adb shell /data/local/tmp/su.orig -v
[COLOR="red"]returned su: permission denied[/COLOR]
* Also try to run above su without -v
[COLOR="red"]same results as above except that I got Segmentation fault on the ones that hung with -v[/COLOR]
efdisastet said:
Code:
adb shell /data/local/tmp/su-3.1-x86 -v
[COLOR="Red"]returned 3.1[/COLOR]
.....
adb shell /data/local/tmp/su.orig -v
[COLOR="red"]returned su: permission denied[/COLOR]
Click to expand...
Click to collapse
Definately a good news! I will try to rebuild Root.sparsefs to include both working copies of su-3.1 & su.orig.
But if i am not mistaken su.orig only works alone thus not supporting Superuser apk for confirmation.
EDIT: Files updated, download HERE.
CHANGES: Using su.orig copy without any Superuser apk.
NOTE: Might need to replace all new .sparsefs files instead of just Root.sparsefs.
Kinda weird as all su in su-test can run in BS for Windows except su.orig that returned Seg. fault.
Anyway, hope to hear some good news soon.
I replaced the files and kill Bluestacks, then I re-open Bluestacks .... NOTHING HAPPENED, my data and apps still there, and NO ROOT. Why?
nudawa said:
I replaced the files and kill Bluestacks, then I re-open Bluestacks .... NOTHING HAPPENED, my data and apps still there, and NO ROOT. Why?
Click to expand...
Click to collapse
1) Make sure you are using the required version, as these rooted files only works for v0.3.6.102.
2) Once you have replaced Data & SDCard, non of your existing apps should remain; If the apps still there you probably did it wrong.
3) Make sure you close your Bluestacks before replacing those files.
* Please note that the 'rooted files' mentioned above are 4 folders that contains 2 files in each folder.
codelover said:
Definately a good news! I will try to rebuild Root.sparsefs to include both working copies of su-3.1 & su.orig.
But if i am not mistaken su.orig only works alone thus not supporting Superuser apk for confirmation.
EDIT: Files updated, download HERE.
CHANGES: Using su.orig copy without any Superuser apk.
NOTE: Might need to replace all new .sparsefs files instead of just Root.sparsefs.
Kinda weird as all su in su-test can run in BS for Windows except su.orig that returned Seg. fault.
Anyway, hope to hear some good news soon.
Click to expand...
Click to collapse
did you want me to run some more tests?
so far all I've done is load the new files, open terminal, and try su: got permission denied
efdisastet said:
did you want me to run some more tests?
so far all I've done is load the new files, open terminal, and try su: got permission denied
Click to expand...
Click to collapse
Have you tried executing 'su' from adb instead of Terminal?
I am not sure how the included su.orig from alpha should behave as i got segfault here on Windows.
Unlike the newer SuperSU that works without apk, the su-3.1-x86 that worked for you during the test needs superuser apk,
but non of the apks i tested here work with that binary (All hung), kinda weird, until we have a working su+apk, other apps cannot gain root.
So i was thinking maybe we should try other superuser app, like the opensource ClockworkMod Superuser since it support x86 too.
Please download the attached su to test, let's see whether this one still causing segfault or not.
Code:
adb push su /data/local/tmp/
adb shell chmod 777 /data/local/tmp/su
adb shell /data/local/tmp/su -v
As usual, we are expecting su to return some version info.
As i don't think it's a good idea to keep asking you to download & test a new 100M file for something unsure, i provide you an alternative:
By replacing with this modded initrd.img (~/Library/BlueStacks App Player/AppBundle/Contents/Android/initrd.img), if this work (hopefully), it will:
- Create the following public accessible folder if not exists: /data/root
- Create the following test files: /data/root/test
- Change ownership, group & permissions needed for su for all files found inside /data/root/ on every boot.
Click to expand...
Click to collapse
Once replaced initrd.img, reboot and if you see a new file /data/root/test and it's owned by root then you can proceed to the below tests, otherwise useless.
Code:
1) Install ClockworkMod [URL="https://play.google.com/store/apps/details?id=com.koushikdutta.superuser"]Superuser[/URL] or download [URL="http://download.clockworkmod.com/apks/Superuser.apk"]here[/URL].
2) adb push su /data/root/su
3) Restart Bluestacks to get the permissions needed by su.
4) Open terminal & type the following command: /data/root/su # Should get a prompt
* Note that you will be asked to update su binary but you won't be able to do so at the moment. leave that first.
If non of the above work i guess the only option is to test all su binaries and apks, which is very time-consuming.
But i guess i am to giving up instead as it's too hard for me to debug without actually owning a Mac to test it.
codelover said:
Have you tried executing 'su' from adb instead of Terminal?
Click to expand...
Click to collapse
tried running it from an adb shell, still permission denied
I am not sure how the included su.orig from alpha should behave as i got segfault here on Windows.
Unlike the newer SuperSU that works without apk, the su-3.1-x86 that worked for you during the test needs superuser apk,
but non of the apks i tested here work with that binary (All hung), kinda weird, until we have a working su+apk, other apps cannot gain root.
So i was thinking maybe we should try other superuser app, like the opensource ClockworkMod Superuser since it support x86 too.
Please download the attached su to test, let's see whether this one still causing segfault or not.
Code:
adb push su /data/local/tmp/
adb shell chmod 777 /data/local/tmp/su
adb shell /data/local/tmp/su -v
As usual, we are expecting su to return some version info.
Click to expand...
Click to collapse
tried this: segmentation fault
As i don't think it's a good idea to keep asking you to download & test a new 100M file for something unsure, i provide you an alternative:
By replacing with this modded initrd.img (~/Library/BlueStacks App Player/AppBundle/Contents/Android/initrd.img), if this work (hopefully), it will:
Once replaced initrd.img, reboot and if you see a new file /data/root/test and it's owned by root then you can proceed to the below tests, otherwise useless.
Code:
1) Install ClockworkMod [URL="https://play.google.com/store/apps/details?id=com.koushikdutta.superuser"]Superuser[/URL] or download [URL="http://download.clockworkmod.com/apks/Superuser.apk"]here[/URL].
2) adb push su /data/root/su
3) Restart Bluestacks to get the permissions needed by su.
4) Open terminal & type the following command: /data/root/su # Should get a prompt
* Note that you will be asked to update su binary but you won't be able to do so at the moment. leave that first.
If non of the above work i guess the only option is to test all su binaries and apks, which is very time-consuming.
But i guess i am to giving up instead as it's too hard for me to debug without actually owning a Mac to test it.
Click to expand...
Click to collapse
did all that. /data/root exists and seems writable (though trying to do an ls in /data still gives me permission denied)
but /data/root/su still gave me segmentation fault...
which version was that? Which versions did we get to give us a version number the other day?
efdisastet said:
tried running it from an adb shell, still permission denied
/data/root exists and seems writable (though trying to do an ls in /data still gives me permission denied) but /data/root/su still gave me segmentation fault...
which version was that? Which versions did we get to give us a version number the other day?
Click to expand...
Click to collapse
It was su-3.1-x86 that i got it from here but the site is down at the moment. You can still find the binary on my previous post, inside su-test.zip.
With that version i managed to get root with adb, but without a working apk you cannot gain root from other apps since it was designed to act like that.
But what makes me wonder is that the su.orig that worked without apk (anyone confirm?) on alpha supposed to work on this beta too.
Now that /data/root/ is working as expected, it's so much easier for you to test the binaries, just push to /data/root/ and reboot to get the required permissions.
codelover said:
It was su-3.1-x86 that i got it from here but the site is down at the moment. You can still find the binary on my previous post, inside su-test.zip.
With that version i managed to get root with adb, but without a working apk you cannot gain root from other apps since it was designed to act like that.
But what makes me wonder is that the su.orig that worked without apk (anyone confirm?) on alpha supposed to work on this beta too.
Now that /data/root/ is working as expected, it's so much easier for you to test the binaries, just push to /data/root/ and reboot to get the required permissions.
Click to expand...
Click to collapse
/data/root/ may be working as expected, but there still seems to be a "su" in the path somewhere, whose permissions are denied. Will that cause problems
I put the 3.1 file from the su-test folder into /data/root, restarted bluestacks, and then went to terminal, I've attached a screenshot of those results, including calling just "su" to note the difference
Maybe if I had a better handle on what we wanted all the permissions to be and where we wanted this executable su to be, and what su an app/apk like superuser tries to use, I could help more.
Hi,
I have developed a tool to exploit the dirtycow vulnerability and get TEMPORAL ROOT
It bypass the selinux in lollipop 32bits system only, we are working now in a 64bits and Marshmallow version and will be soon, have a lot of work to do it universal.
Im bringing 2 tools, one apk (no computer required) and one rar for adb and linux.
With this tool we will access to those partitions and start the attack there, but in the actual state if you have locked your bootloader a good choice is to have root even temporal one.
·APK
Required: SDCARD
The apk exploits this vuln in the vold context so, is necessary to have a sdcard and mount or extract it, when the app requires, one time per session.
This tool has some utilities for flash boot and system partition, also for backup and 2 methods of root:
·Attack init process (lollipop 32 bits only)
·Attack app_process.(all devices, not really good)
·Get root
Uninstall any supersu manager before root.
The way to use this app is first click in check perms(optional) and you will see if you have permissions to /init file.
If you have permisisons and lollipop 32 you can use the first method to get root.
Also in check permissions you will see if you have rights to backup/flash boot and system partition.
The process takes until 2 minutes to finish so wait please and watch the log window.
# ISSUES #
If you get reboot after get root you can:
-Clean init (restore init process sometimes crash the device, but is safe)
-Install selinux permissive (Set permanent the new selinux policy, not tested)
The first option is safe you just can get a reboot.
The second option is just tested in 3 devices(oppo,xperia,Moto E), so test it with a recovery system working, can break some selinux rule..
·ADB
The adb rar contains some utilities to get root via run-as and init and is only working in Lollipop 32bits.
To execute it:
-Pass rar:"nox"
-Extract the rar in /data/local/tmp/
Code:
chmod 755 /data/local/tmp/exploit.sh
cd /data/local/tmp/
./exploit.sh
This process take some time 1-2 minutes but you will see the progress in the console, please wait,
After will ask to turn off bluetooth do even sometimes is not required, it can accelerate the process.
It will ask to install selinux permissive, if you don't have reboot problems, don't install it, otherwise be sure you have a recovery system working and a stock rom ready to flash, this feature is stable but need more testing.
if all is ok you will see this:
Code:
#Type run-as -s1 to get a shell"
#Type run-as -s2 to execute su daemon"
The run-as -s1 give you a shell with init context but some restrictions because selinux autotransfer domain to run-as
The run-as -s2 will execute su dameon and a su init context with no restrictions.
# ISSUES #
If you get reboot after get root you can:
·mount system partition with flag abort:
Code:
mount -o remount,abort /system
You won't able to mount system in write mode.
This app is in BETA BETA state for now, just 7/9 devices passed not bad at all
I'll add more devices in the list soon
List of rooted devices:
Moto G 5.1 lollipop
Xperia 5.1 lollipop
Oppo 5.1 lollipop
Emulator 5.1 lollipop
XT1528 (MOTO E Verizon prepaid) 5.0.2 lollipop(reboot issues)
Asus Zenfone Go ZB452KG Lollipop(5.1.1)
Smartfren Andromax A / Haier a16c3h (Lollipop 5.1 Firmware 12.2)
Version:0.4
Adb:http://www.mediafire.com/file/r3i900n7jb2zfoo/EXPLOIT_ADB.rar
Apk:http://www.mediafire.com/file/38tyscsaxms00sa/croowt%282%29.apk
Implemented selinux pemissive after reboot.(adb,apk)
Enforce mode working.(adb,apk)
Version: 0.3
Fixed bug creating bl instruction.
Version: 0.2
-Fix bug in apk for some devices
Version: 0.1
-More compatible adb with lollipop 32 bits
-Fixed bug in the shellcode.
-64 bits version of run-as-dirtycow.
Todo:
-Working in Marshmallow 32 bits.
-Apk some fix.
Thanks to n0x for his great help debugging the shellcode issue in Moto G
Great work!
Waiting for 64 bit
I will gladly test with my v10 I've been able to get a temp root shell with dcow. Happy holidays!
Sweet ! Has anyone tested on Note 4? N910A on 5.1.1
I'm currently on 6.0.1 MM so I'm waiting for that release.
Anyone know if this will work with the November Security patch of 2016?
Sent from my SAMSUNG-SM-N910A using Tapatalk
Really cool. I am having a problem trying to connect my device over adb wifi and now this!!! I have a locked head unit and i can't install any apps (all installations blocked and developer mode, usb debug all hidden. ) any way for me to install this onto my phone and attack my device via bluetooth or something? Or autorun once connected to usb? It's a long shot but hey its Christmas!!
Merry Christmas by the way
Can we have access to the run-as-dirtycow source code?
Thanks.
Exploit process
For the developers that are testing this exploit or want to know how it works deeply:
First we dirtycow some privileged process, for example run-as has suid 0 given by selinux capabilities not by the bit setuid.
When we have overwritten run-as, this binary can read /init path, so we copy to other place with our run-as "trojan".
In our run-as we need to put some code to read files, my run-as-dirtycow does:
run-as /init
Will print this file to the stdout(console), if we redirect this output to a file:
run-as /init > /data/local/tmp/init.dmp
We copy /init file through our dirtycowed run-as that has root privileges, and is permitted by Selinux.
We patch init.dmp to create our init.patch with a shellcode to load new policy.
We will use run-as to dirtycow again our init.dmp but patched with a shellcode.
So our run-as trojan also will have the dirtycow exploit and when we exec this binary with the right arguments also will dirtycow any file with read permissions to root.
run-as /init /data/local/tmp/init.patch
Once finish and when the new policy is loaded exec run-as trojan wiht the special parameter -s1 or -s2 give to you a shell root or install su in the device TEMPORAL, no modifies any partition but mount a ext4 partition in /system/xbin with the su binary.
Well this is the process to do it in adb shell, in the apk i am using fsck_msdos to do all this chain of steps.
I like to get some different init from lollipop 32 bits and Marshmallow 32bits to adjust the patcher to Marshmallow.
jucaroba said:
Can we have access to the run-as-dirtycow source code?
Thanks.
Click to expand...
Click to collapse
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshamallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
kryz said:
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshamallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
Click to expand...
Click to collapse
Thanks for your answer.
I'm trying to use your exploit to be able to read my /data/misc/vold/expand_*.key file. My wife has a Moto G 2014 mobile with official (non rooted) Android 6 Marshmallow. The bootloader is locked. She has deleted accidentally all the pictures in her SD card, that is configured as adopted card (not portable). I have made a cloned copy of the SD in my linux laptop with dd command, but I can not mount the partitions in the SD because I have to know the encryption key.
I can not unlock the bootloader, because the phone will be reseted to factory and the encryption key will be deleted. And I can not read the key file without being root, because of the permissions of the file. I have tried your run-as-dirtycow trojan in the phone, and I can read files I have no permissions for, such as /init.rc. The only missing piece now is that I don't know the exact name of the key file. I only know that it is of the form "expand_*.key". Can your trojan run-as-dirtycow be modified to be able to read the files with this pattern name in a given directory?
Thanks in advance.
kryz said:
Is very simple just have the dirtycow exploit original and some code to copy files read and puts.
Anyways soon ill post here, has no many secrets lol, just copy file or execute sh, the main problem now is the patcher, to make it working in Marshamallow and 64bits, i don't have any device with 64bits, yes one xperiaZ that i can install a custom rom with Marshmallow.
But i think the first is to check if the patcher is working in lollipop32 bits well, even ive tested 2 devices and reversed some other inits is not enough to be completely sure that all is ok.
Click to expand...
Click to collapse
I'm trying to root my boost max+ running 5.1.I tried the check perm option but couldn't remount sdcard,it just froze.Upon reboot it hang at starting apps.Had to remove sdcard to get phone to boot properly.
Sent from my N9521 using Tapatalk
tnomtlaw said:
I'm trying to root my boost max+ running 5.1.I tried the check perm option but couldn't remount sdcard,it just froze.Upon reboot it hang at starting apps.Had to remove sdcard to get phone to boot properly.
Sent from my N9521 using Tapatalk
Click to expand...
Click to collapse
When you mount the sdcard is normal that doesn't mount again, the process hijack fsck_msdos, you have to come back to the application, wait and watch the window log.
It depends on mount will get 1-5 seconds to see the information.
If you see that init is OK, you can proceed with the get root.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
jucaroba said:
Thanks for your answer.
I'm trying to use your exploit to be able to read my /data/misc/vold/expand_*.key file. My wife has a Moto G 2014 mobile with official (non rooted) Android 6 Marshmallow. The bootloader is locked. She has deleted accidentally all the pictures in her SD card, that is configured as adopted card (not portable). I have made a cloned copy of the SD in my linux laptop with dd command, but I can not mount the partitions in the SD because I have to know the encryption key.
I can not unlock the bootloader, because the phone will be reseted to factory and the encryption key will be deleted. And I can not read the key file without being root, because of the permissions of the file. I have tried your run-as-dirtycow trojan in the phone, and I can read files I have no permissions for, such as /init.rc. The only missing piece now is that I don't know the exact name of the key file. I only know that it is of the form "expand_*.key". Can your trojan run-as-dirtycow be modified to be able to read the files with this pattern name in a given directory?
Thanks in advance.
Click to expand...
Click to collapse
The run-as context can't see /data or even /data/misc folders, anyways i will implement the list of directories in the next update.
kryz said:
The run-as context can see /data or even /data/misc folders, anyways i will implement the list of directories in the next update.
Click to expand...
Click to collapse
Yes, I know it can see those folders, I only need to know the name of the file I am interested in.
If you implement the "list of directories" functionality it will be fantastic. Thanks for it.
I will also be very grateful to see the full source code of the trojan.
Waiting eagerly for both things.
Thanks in advance.
jucaroba said:
Yes, I know it can see those folders, I only need to know the name of the file I am interested in.
If you implement the "list of directories" functionality it will be fantastic. Thanks for it.
I will also be very grateful to see the full source code of the trojan.
Waiting eagerly for both things.
Thanks in advance.
Click to expand...
Click to collapse
Sorry wrong type i wanted to say that run-as context can not see those folders.
I mean ive implemented all ready that function "-d" and run-as can not list those folders:
run-as -d /system/etc
Attached run-as-dirtycow.c
kryz said:
Sorry wrong type i wanted to say that run-as context can not see those folders.
I mean ive implemented all ready that function and run-as can not list those folders.
Click to expand...
Click to collapse
Mmmm, so the only way to be able to read a file in /data/misc/vold/ is to be root?
If that is the case, then I suppose I have to wait til your exploit can be used to root a Marshmallow phone.
Am I correct?
Thanks.
jucaroba said:
Mmmm, so the only way to be able to read a file in /data/misc/vold/ is to be root?
If that is the case, then I suppose I have to wait til your exploit can be used to root a Marshmallow phone.
Am I correct?
Thanks.
Click to expand...
Click to collapse
I think so, i don't have that folder in my devices, but i was trying to read on /data folder and no success in one of its sub folders.
Btw what cpu is your device 32 o 64 bits?
Can you post your init file?
kryz said:
I think so, i don't have that folder in my devices, but i was trying to read on /data folder and no success in one of its sub folders.
Btw what cpu is your device 32 o 64 bits?
Can you post your init file?
Click to expand...
Click to collapse
My CPU is 32 bits. It is a Moto G 2014.
I suppose you don't have the /data/misc/vold folder because you are not looking at a Marshmallow system.
What file are you interested in? The /init.rc file?
jucaroba said:
My CPU is 32 bits. It is a Moto G 2014.
I suppose you don't have the /data/misc/vold folder because you are not looking at a Marshmallow system.
What file are you interested in? The /init.rc file?
Click to expand...
Click to collapse
I'm interested in /init file and 32 bits is great
kryz said:
I'm interested in /init file and 32 bits is great
Click to expand...
Click to collapse
No /init file in Marshmallow. At least not in that path.
---------- Post added at 02:19 AM ---------- Previous post was at 01:48 AM ----------
kryz said:
I'm interested in /init file and 32 bits is great
Click to expand...
Click to collapse
Sorry, the file exist, but I can not read it. I can not copy it with your trojan run-as (run-as-dirtycow) either.
Hi kryz,
Please find the /init from 32bit 6.0.1
It is from Xperia Z2 with custom rooted rom (Mx ROM v8.6.0)
How can i copy /init from my boot locked, unrooted, stock 6.0.1 64bit X Performance?
Hoo roo,
Am currently trying to install a custom version of BusyBox to get Linux Deploy working. The installation script is slightly buggy, but you can workaround it by changing the .sh script slightly and creating the folder /system/xbin.
However, having a bit of trouble. Using su in Termux and mounting / as rw, then attempting to mkdir /system/xbin softlocks my Boox Max 3. This appears to be as a result of android 9 doing system-as-root.
I'm following the instructions mentioned in this Github issue.
Am so close to getting working Arch Linux on my eink tablet, can anyone point me in the right direction? Thank you in advance
If you want to tamper Android's system partition then
Phone's bootloader must be unlocked
AVB must be disabled
before.
Also: Android's /system partition is of fixed size. Have you checked there is enough free space to hold the BusyBox suite, too?
Why not install your BusyBox suite in /system/bin, what will overwrite Android's default ToyBox suite thus you won't have 2 more or less equal suites present in Android?
jwoegerbauer said:
If you want to tamper Android's system partition then
Phone's bootloader must be unlocked
AVB must be disabled
before.
Also: Android's /system partition is of fixed size. Have you checked there is enough free space to hold the BusyBox suite, too?
Click to expand...
Click to collapse
Thank you so much for responding jwogerbauer, using TWRP so bootloader is unlocked, and dm-verity is disabled as well. There's also most definitely enough space on /system, can't even make the folder though.
Linux Deploy needs this specific version of BusyBox installed, which is strange. The developer is a bit slack and more of a shell scripting sort of guy, so there's a heap of small hack arounds.
Was thinking there might be something possible with symlinks or something, but no idea where to start
snug.gy said:
Hoo roo,
Am currently trying to install a custom version of BusyBox to get Linux Deploy working. The installation script is slightly buggy, but you can workaround it by changing the .sh script slightly and creating the folder /system/xbin.
However, having a bit of trouble. Using su in Termux and mounting / as rw, then attempting to mkdir /system/xbin softlocks my Boox Max 3. This appears to be as a result of android 9 doing system-as-root.
I'm following the instructions mentioned in this Github issue.
Am so close to getting working Arch Linux on my eink tablet, can anyone point me in the right direction? Thank you in advance
Click to expand...
Click to collapse
How can I create xbin on android 11 please? Its rooted and unlocked thank you
Why trying to install BusyBox? Android since version 6 already comes with ToyBox - Android's official BusyBox equivalent.
xXx yYy said:
Why trying to install BusyBox? Android since version 6 already comes with ToyBox - Android's official BusyBox equivalent.
Click to expand...
Click to collapse
I have instructions to install other things that I'm following and that requires for me to put things into that specific ×bin to then give commands on terminal emulator and working with linux I think it def is for busy box @xXx yYy thanks
Joy28 said:
I have instructions to install other things that I'm following and that requires for me to put things into that specific ×bin to then give commands on terminal emulator and working with linux I think it def is for busy box @xXx yYy thanks
Click to expand...
Click to collapse
So what should I do how do I get it on there? Thx
Joy28 said:
So what should I do how do I get it on there? Thx
Click to expand...
Click to collapse
@xXx yYy
Since now almost 2 years you ( and other member ) are struggling with this problem: looks you ( both ) never correctly read the related posts here.
Same question got asked here, too
Creating /system/xbin on Android 9
Hoo roo, Am currently trying to install a custom version of BusyBox to get Linux Deploy working. The installation script is slightly buggy, but you can workaround it by changing the .sh script slightly and creating the folder /system/xbin...
forum.xda-developers.com
Note:
BusyBox binary ( current version is 1.36_0 released 3 weeks ago ) is compiled to be run on Android 8 and lower. For Android 8 and higher you've to use BusyBox as Magisk module.
My recommdation: Install Brutal BusyBox as Magisk module. Watch this video:
BTW:
Folder /system/xbin holds “Extra” binaries generated by some of 3rd-party-packages that aren’t essential to the system’s operation. To get these binaries working Android's path variable must get adjusted, too.
Folder /system/ sbin typically hold binaries essential to the system administrator, it contains only ueventd and adbd.
FYI:
TWRP times ago has started replacing Busybox with Toybox
xXx yYy said:
Since now almost 2 years you ( and other member ) are struggling with this problem: looks you ( both ) never correctly read the related posts here.
Same question got asked here, too
Creating /system/xbin on Android 9
Hoo roo, Am currently trying to install a custom version of BusyBox to get Linux Deploy working. The installation script is slightly buggy, but you can workaround it by changing the .sh script slightly and creating the folder /system/xbin...
forum.xda-developers.com
Note:
BusyBox binary ( current version is 1.36_0 released 3 weeks ago ) is compiled to be run on Android 8 and lower. For Android 8 and higher you've to use BusyBox as Magisk module.
My recommdation: Install Brutal BusyBox as Magisk module. Watch this video:
BTW:
Folder /system/xbin holds “Extra” binaries generated by some of 3rd-party-packages that aren’t essential to the system’s operation. To get these binaries working Android's path variable must get adjusted, too.
Folder /system/ sbin typically hold binaries essential to the system administrator, it contains only ueventd and adbd.
FYI:
TWRP times ago has started replacing Busybox with Toybox
Click to expand...
Click to collapse
I dont have an sbin either please in really simple terms can you please tell me how to install xbin??? Please I'm going crazy over here
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
No i need this bad please can you point me in the right direction
just install busybox from Magisk
https://github.com/Magisk-Modules-Repo/busybox-ndk
aIecxs said:
just install busybox from Magisk
https://github.com/Magisk-Modules-Repo/busybox-ndk
Click to expand...
Click to collapse
Thanks but I don't think that is the extent of it... I need to put linux file into xbin
I am using Linux Deploy app on systemless-root without any hassle
Please see pm
I don't reply pm. keep it in the threads.
what's the point, if you're rooted with Magisk, just install UPDATE-Busybox.Installer.v1.34.1-ALL-signed.zip from Magisk modules, reboot, and find "compatible BusyBox in path /system/xbin" (or /system/bin if no mount point exist)
Linux Deploy doesn't care about install location of busybox as long as it is in path.
My phone's LCD touchscreen is broken and the phone seems stuck in bootloop. I have access to a custom recovery (OrangeFox is installed, but I should be able to `fastboot boot` into any other).
I have read on this reddit post that it should be possible to flash a new ROM, push my computer's ADB public key to it, boot it and use `scrcpy` to control my phone.
However I'm stuck on the first step: how can I flash a new ROM to my phone via command line from OrangeFox or other recoveries?
You can't flash a Custom ROM via ADB, you've to do this via FASTBOOT or Custom Recovery.
xXx yYy said:
You can't flash a Custom ROM via ADB, you've to do this via FASTBOOT or Custom Recovery.
Click to expand...
Click to collapse
Yes, when I said "ADB", I meant the ADB of a Custom Recovery. I can boot into OrangeFox and then `adb shell` into it. I'm wondering how to install a ROM from there.
Installing the ROM from Fastboot would work too, if it's simpler.
TWRP uses dd to flash raw images and tar + gzip to backup/restore userdata partition. It's all done with shell scripting and adb shell is nearly the same.
@peoro The custom rom zip archive is build as OTA update.zip and either has a payload.bin (A/B slots) or *.dat.br compressed images for A-only devices. Both can be unpacked to get the raw images. Those images can be flashed via ADB or via fastboot.
peoro said:
Yes, when I said "ADB", I meant the ADB of a Custom Recovery. I can boot into OrangeFox and then `adb shell` into it. I'm wondering how to install a ROM from there.
Installing the ROM from Fastboot would work too, if it's simpler.
Click to expand...
Click to collapse
Don't confuse things:
Code:
adb shell
is used to run Android ( Linux ) system commands on Android devices.
WoKoschekk said:
@peoro The custom rom zip archive is build as OTA update.zip and either has a payload.bin (A/B slots) or *.dat.br compressed images for A-only devices. Both can be unpacked to get the raw images. Those images can be flashed via ADB or via fastboot.
Click to expand...
Click to collapse
Thank you for the replies. My phone is A-only (it's a Poco X3 Pro).
I just downloaded a new ROM (the latest crDroid 12 for my device) and I could find a number of `.dat.br` files in its zip:
Code:
$ unzip -Z1 crDroidAndroid-12.1-20230106-vayu-v8.12.zip | grep '.dat.br$'
odm.new.dat.br
product.new.dat.br
system.new.dat.br
system_ext.new.dat.br
vendor.new.dat.br
However I'm not sure where or how to flash these files and what other commands I need to use to e.g. format the various partitions or whatever is needed.
OrangeFox offers a `fox` command line tool (I believe it's a fork of TRWP's command). I believe it should help me with all of this, but I'm too much of a noob to know what to do and how.
Would you know where to find a good guide about installing a ROM via command line?
Otherwise could you tell me what commands I'm supposed to run and/or what operations I'm supposed to do?
I know my way around Linux pretty well, can write and read bash, but am a complete noob for anything related to android. Don't even know what the various partitions are, how they map to the contents of the drive and in general how the boot process works...
xXx yYy said:
Don't confuse things:
Code:
adb shell
is used to run Android ( Linux ) system commands on Android devices.
Click to expand...
Click to collapse
Yeah. ADB gives me access to a shell on the phone. I can have a shell while the phone is in the Custom Recovery (OrangeFox, currently) and I believe I should be able to flash a new ROM from there. That's what I'm trying to do.
Any way to install a new ROM would work for me: `dd`, the `fox` command line tool, or fastboot.
I'm good with bash, but don't know much at all about Android's internals. But I'd love to find a noob-friendly guide on how to flash to a ROM using whatever tool.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
xXx yYy said:
Click to expand...
Click to collapse
Which part?
While my phone is running a custom recovery (OrangeFox, TWRP, whatever), that recovery is able to flash a new ROM. It offers a UI to do so. Right? I can't use the UI, but can run anything on the recovery, via the shell opened by ADB.
Am I saying anything wrong?
I have access both to `fastboot` and to the shell of a running custom recovery. But I don't know how to install the ROM (the content of crDroidAndroid-12.1-20230106-vayu-v8.12.zip ) with either tool, without using the custom recovery's UI.
peoro said:
I have read on this reddit post that it should be possible to flash a new ROM, push my computer's ADB public key to it, boot it and use `scrcpy` to control my phone.
Click to expand...
Click to collapse
The tool scrcpy installs *.odex compiled Java code on your device. This code isn't executable in any recovery.
Options for flashing your ROM:
– TWRP:
1. Put the raw images of your custom ROM into the ADB folder on your desktop and adb push them to the phone or use MTP to copy them.
2. Then you can use the openrecoveryscript.html (TWRP's commandline tool) to flash images.
TWRP Commandline Guide
</style>CLIENT SIDE/SCRIPTinstall FILENAME : install FILENAME zip file.
twrp.me
– ADB:
1. copy all raw images into ADB folder
2. use adb push to flash the images on your device.
– ABD (adb shell):
1. copy all images via adb push or via MTP to your device
2. enter the device's shell with adb shell
3. You said you are familiar with bash scripting. Do you know the dd command and its syntax?
CAUTION: The command dd overwrites EVERYTHING and without a warning!! Be careful and only use it if you know what you're doing.
Creating RAW images:
You need this tool to convert *.dat.br to raw image.
Flash custom ROM via fastboot:
1. convert the *.dat.br to RAW images.
*.dat.br filesRAW imagespartitionodm.new.dat.brodm.imgodmproduct.new.dat.brproduct.imgproductsystem.new.dat.brsystem.imgsystemsystem_ext.new.dat.brsystem_ext.imgsystem_extvendor.new.dat.brvendor.imgvendor
2. Use command
Code:
fastboot flash PARTITION RAW_IMAGE
to flash them all.
xXx yYy said:
Don't confuse things:
Code:
adb shell
is used to run Android ( Linux ) system commands on Android devices.
Click to expand...
Click to collapse
Using ADB commands or adb shell to run commands in the device's shell (#!/system/bin/sh) doesn't matter. Both passing commands through adb.exe to the adbd on the device. Killing the adbd will kill the connection anywhere.
You must NOT teach me what ADB is and/or how it works.
WoKoschekk said:
The tool scrcpy installs *.odex compiled Java code on your device. This code isn't executable in any recovery.
Options for flashing your ROM:
– TWRP:
1. Put the raw images of your custom ROM into the ADB folder on your desktop and adb push them to the phone or use MTP to copy them.
2. Then you can use the openrecoveryscript.html (TWRP's commandline tool) to flash images.
TWRP Commandline Guide
</style>CLIENT SIDE/SCRIPTinstall FILENAME : install FILENAME zip file.
twrp.me
– ADB:
1. copy all raw images into ADB folder
2. use adb push to flash the images on your device.
– ABD (adb shell):
1. copy all images via adb push or via MTP to your device
2. enter the device's shell with adb shell
3. You said you are familiar with bash scripting. Do you know the dd command and its syntax?
CAUTION: The command dd overwrites EVERYTHING and without a warning!! Be careful and only use it if you know what you're doing.
Click to expand...
Click to collapse
Thank you a lot for the detailed answer.
I used the TWRP approach as it seems the simpler.
I know `dd` and can read its man, but I'd rather not mess with the phone's partitions and block devices, unless it could result in a different outcome than using the `twrp` tool.
I tried to install two different ROMs (Lineage and crDroid), but neither manages to boot.
I can see that the few visible pixels on the broken LCD are in different colors for the two ROMs (so it did manage to install something), but neither ROM ever reaches a point where the power button turns the monitor on or off: they're both stuck on the bootloader.
What I did is basically this:
Bash:
$ twrp wite cache
$ twrp wipe system
$ twrp install $ROM.zip
$ twrp format data
$ twrp wipe dalvik
$ twrp wipe cache
$ reboot
If that's a correct way to install a ROM, then I guess I have my answer: some of my phone's hardware is broken
peoro said:
What I did is basically this:
Bash:
Click to expand...
Click to collapse
Use the adb sideload option to flash your ROM. That's the usual way to install it.
Code:
adb shell twrp sideload # to activate the process on client
adb sideload <ROM_PACKAGE> # to activate the process on host
Flashing starts automatically.
xXx yYy said:
You must NOT teach me what ADB is and/or how it works.
Click to expand...
Click to collapse
I'm not teaching. I just gave arguments.
peoro said:
If that's a correct way to install a ROM,
Click to expand...
Click to collapse
Yes, it's the correct way to install. All you need to wipe/format is data.
peoro said:
I tried to install two different ROMs (Lineage and crDroid), but neither manages to boot.
Click to expand...
Click to collapse
Seems you already found the solution yourself
How do you know the ROM does not boot? note first boot takes up to 10 minutes.
alecxs said:
Seems you already found the solution yourself
How do you know the ROM does not boot? note first boot takes up to 10 minutes.
Click to expand...
Click to collapse
When the screen broke, I could tell that the ROM didn't work, because:
1. My phone didn't connect to my router. I can tell by looking at the router's log or at internet services that tell me the last time the device was online.
2. If I try to call or send SMS to SIM on the phone, the phone doesn't ring or vibrate.
3. The screen never turns off. Not even when I press the power button.
All those points still hold with the newly flashed ROM too. Of course now it can't connect to anything, but it still doesn't react to incoming calls or to the power button.
I can kinda see from the glitchy colors on the bottom of the broken LCD that the bootloader animation is displayed, but it seems that it's stuck there...
If you have any ideas on how to debug this, I'm very interested.
This is a dump of `dmesg` (from the custom recovery). It shows a bunch of errors, but I can't tell whether any is about real hardware issues.