Hi, I'm kind of a noob when it comes to rooting devices (I've done it, but only with tutorials I can't do it on my own). Recently I got stuck with my device as I can't find a custom recovery for it.
My question is, is there a universal custom recovery for all smartphones or some kind of temporary custom recovery that can help me just to root my decide?
To root a device's Android a Custom Recovery is NOT needed.
jwoegerbauer said:
To root a device's Android a Custom Recovery is NOT needed.
Click to expand...
Click to collapse
Thank you for replying, the metod without custom recovery requires me to have boot.img which i don't have because there is none online for my specific device.
I tried to Google my way around (extract the image from my own device) but that requires custom recovery
Nikola.L said:
Hi, I'm kind of a noob when it comes to rooting devices (I've done it, but only with tutorials I can't do it on my own). Recently I got stuck with my device as I can't find a custom recovery for it.
My question is, is there a universal custom recovery for all smartphones or some kind of temporary custom recovery that can help me just to root my decide?
Click to expand...
Click to collapse
There is no such thing as a universal custom recovery that works with all devices. There is only custom recovery built for each specific device model number or custom recovery that is compatible with your specific CPU chipset.
Have you considered using Magisk to root your device?
First, you need to find out if your bootloader is locked or unlocked, if it is locked, you'll have to find a method to unlock the bootloader on your specific model number. If it is unlocked, you can use the Magisk method to root your device. You can't use TWRP or Magisk if your bootloader is locked.
Droidriven said:
There is no such thing as a universal custom recovery that works with all devices. There is only custom recovery built for each specific device model number or custom recovery that is compatible with your specific CPU chipset.
Have you considered using Magisk to root your device?
First, you need to find out if your bootloader is locked or unlocked, if it is locked, you'll have to find a method to unlock the bootloader on your specific model number. If it is unlocked, you can use the Magisk method to root your device. You can't use TWRP or Magisk if your bootloader is locked.
Click to expand...
Click to collapse
I managed to unlock my bootloader, that part is done. The problem with magisk is that I need boot image for my device like I mentioned above and there is none online.
Nikola.L said:
Thank you for replying, the metod without custom recovery requires me to have boot.img which i don't have because there is none online for my specific device.
I tried to Google my way around (extract the image from my own device) but that requires custom recovery
Click to expand...
Click to collapse
To root device's Android Magisk - or whatever else 3rd-party tool - is NOT needed if Android version is 6 and up: one only have to replace the merged restricted Toybox by an unrestricted version ( e.g. 0.8.5 ) what comes with SU embedded.
jwoegerbauer said:
To root device's Android Magisk - or whatever else 3rd-party tool - is NOT needed if Android version is 6 and up: one only have to replace the merged restricted Toybox by an unrestricted version ( e.g. 0.8.5 ) what comes with SU embedded.
Click to expand...
Click to collapse
I haven't heard of this metod before, do you have a guide for this or any directive?
jwoegerbauer said:
To root device's Android Magisk - or whatever else 3rd-party tool - is NOT needed if Android version is 6 and up: one only have to replace the merged restricted Toybox by an unrestricted version ( e.g. 0.8.5 ) what comes with SU embedded.
Click to expand...
Click to collapse
I'm assuming that the restricted toybox that you are talking about is part of the system partition. The problem with this idea is that root is required BEFORE you can remove, replace or install anything to or from system partition.
I did a search for:
"Root android merge Toybox"
And I got absolutely no results of any kind discussing how to root android by this method. However, I did see discussions of doing what you mentioned AFTER the device had already been rooted prior to attempting to merge Toybox.
I'm not sure that you understand its usage properly. If that is the case, don't suggest things that you don't understand in depth.
Droidriven said:
I'm not sure that you understand its usage properly. If that is the case, don't suggest things that you don't understand in depth.
Click to expand...
Click to collapse
Why do you troll me? That you lack imagination, I can't help that.
I have several phones' Android rooted the way mentioned above. Also someone in another thread some weeks ago has reported he/she successfully managed it, too.
All you need is a copy of unrestricted Toybox suitable to phone's Android, a working ADB connection and of course knowledge of ADB commands & Linux shell scripting.
FYI: Toybox is located either in /system or /vendor.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I will reconsider if I want to be active here at all ...
jwoegerbauer said:
Why do you troll me? That you lack imagination, I can't help that.
I have several phones' Android rooted the way mentioned above. Also someone in another thread some weeks ago has reported he/she successfully managed it, too.
All you need is a copy of unrestricted Toybox suitable to phone's Android, a working ADB connection and of course knowledge of ADB commands & Linux shell scripting.
FYI: Toybox is located either in /system or /vendor.
View attachment 5415783
I will reconsider if I want to be active here at all ...
Click to expand...
Click to collapse
Can you provide me with download link for this program? Also any kind of pointers would be helpful if you have any. Thanks a lot!
jwoegerbauer said:
Why do you troll me? That you lack imagination, I can't help that.
I have several phones' Android rooted the way mentioned above. Also someone in another thread some weeks ago has reported he/she successfully managed it, too.
All you need is a copy of unrestricted Toybox suitable to phone's Android, a working ADB connection and of course knowledge of ADB commands & Linux shell scripting.
FYI: Toybox is located either in /system or /vendor.
View attachment 5415783
I will reconsider if I want to be active here at all ...
Click to expand...
Click to collapse
I wasn't trolling, I looked into what you were talking about and I didn't find anything at all about how to use this to root a device, nothing about devices that have been rooted using this method and nothing about which devices it works on or doesn't which made me have doubts, so I questioned you about it.
How is this able to inject anything that isn't stock into system without already being rooted? In my experience, unlocking bootloader allows applying custom software but doesn't allow applying anything to a stock system without being rooted first. If it were that easy, there wouldn't be so many devices on this website that do not have working root methods. If what you say is true then this would work on all devices but it obviously does not. I'll grant that it may work on certain devices but not all. There are many devices since Marshmallow that have not found root by any method, no matter what has been tried. If it were that easy, this method would be more popular and more people would be using it and there would be many, many threads here describing how those users used this method to root this device. My thoughts are that this method must have some kind of limitations on what it works on what it doesnt, which would explain why this method isn't more known or more popular. I've been on this website for many years, including being a Recognized Contributor and a Forum Moderator, I know this website very well and I've seen many different rooting methods come and go, each time there is a breakthrough in rooting methods, that breakthrough immediately becomes more popular and used by everyone and I don't see this happening with the method you mention. I'm just saying there has to be more to this method than what you think.
What kinds of devices have you used this on?
@Droidriven
that the method I mentioned is not popular probably has to do with people not knowing how Android works, people not really knowing what rooting means, people not being able to think EASILY, people not being willing to use ADB ( wrapped into a Windows command script ) or EDIFY ( wrapped into an updater-script ) but people always expecting an app they can click / touch around in.
BTW: I hate all those 3rd-party tools that promise to root Android, especially if they are not open-sourced, I can't see what the programs actually do.
The method I mentioned DOES NOT INJECT additional binaries but simply replaces an existing one - namely Toybox: Toybox is integral part of any Android version 6 and higher, it's independet of a device's brand / model.
As said above: This can get achieved by either a Windows command script utilizing ADB commands and a temporay root or an updater-script utilizing EDIFY commands. IMO using an updater-script ( stored in OTA file ) of course is the more elegant way, it even can get flashed via ADB Sideload method from within Stock Recovery.
See also here:
Been trying for over a month and can't get root on LG Phoenix 5
So I've always had a rooted heavily moded android phone but the situation I find my self in all I'm probably going to have acsses to is a cheap LG Phoenix 5 LM-K300AM and very limited acsses to a PC. I could handle that if this phone was rooted...
forum.xda-developers.com
jwoegerbauer said:
@Droidriven
that the method I mentioned is not popular probably has to do with people not knowing how Android works, people not really knowing what rooting means, people not being able to think EASILY, people not being willing to use ADB ( wrapped into a Windows command script ) or EDIFY ( wrapped into an updater-script ) but people always expecting an app they can click / touch around in.
BTW: I hate all those 3rd-party tools that promise to root Android, especially if they are not open-sourced, I can't see what the programs actually do.
The method I mentioned DOES NOT INJECT additional binaries but simply replaces an existing one - namely Toybox: Toybox is integral part of any Android version 6 and higher, it's independet of a device's brand / model.
As said above: This can get achieved by either a Windows command script utilizing ADB commands and a temporay root or an updater-script utilizing EDIFY commands. IMO using an updater-script ( stored in OTA file ) of course is the more elegant way, it even can get flashed via ADB Sideload method from within Stock Recovery.
See also here:
Been trying for over a month and can't get root on LG Phoenix 5
So I've always had a rooted heavily moded android phone but the situation I find my self in all I'm probably going to have acsses to is a cheap LG Phoenix 5 LM-K300AM and very limited acsses to a PC. I could handle that if this phone was rooted...
forum.xda-developers.com
Click to expand...
Click to collapse
Well that explains it, the method you are talking about uses temp ROOT, it is like I said from the beginning, root(whether temporary or permanent) is required in order to inject anything (and yes, this method DOES inject additional binaries, the su binaries, they weren't there to begin with so they are "additional binaries", they are just included with the replaced file). That part about temp root leads me to believe that may be a factor in some way that limits what devices the method will work on or not.
I've used a similar method to this to root an Intel Atom based device years ago.
I'll try this on a couple of devices that I have that haven't been rooted and see what happens, though I'm not expecting positive results considering the many different methods and tricks that I've learned over the years on them.
To clarify things:
A temporary root is only required if ADB ( Windows command script ) is used.
FYI:
If using ADB ( Windows command script ) then temporary root ( read: matching SU binary, ~100 KB ) by serious programmers gets temporarily stored in /data/local/tmp what by default is mounted as RW on any Android and gets deleted if no longer used.
jwoegerbauer said:
To clarify things:
A temporary root is only required if ADB ( Windows command script ) is used.
FYI:
If using ADB ( Windows command script ) then temporary root ( read: matching SU binary, ~100 KB ) by serious programmers gets temporarily stored in /data/local/tmp what by default is mounted as RW on any Android and gets deleted if no longer used.
Click to expand...
Click to collapse
Yes, I know what temp root is, I've used it myself by different methods. But, I also know that existing temp root solutions don't necessarily work on all devices, as all things android, YMMV, nothing is universally applicable to all android devices except for the fact that they all have a power button.
Related
Due to the disrespect of certain members I will no longer share the tutorials.
This tutorial is not working for Version 7.
An error message is displayed and the R/O cannot be released.
I have reported the error in the original thread.
I'm not very good at English.
PEACH-PIT said:
This tutorial is not working for Version 7.
An error message is displayed and the R/O cannot be released.
I have reported the error in the original thread.
I'm not very good at English.
Click to expand...
Click to collapse
Try and see if @munjeni has V2. That's what I used and it's working fine. He started having problems after that with V3 and onward. I personally have not tried V7.
It is not possible to try v2.
You should not try v3 or earlier, as they have serious errors.
I reported the error and got v9, but never got the r/w.
This tutorial is not working.
So far, I can't get r/w on moto g 5g.
PEACH-PIT said:
It is not possible to try v2.
You should not try v3 or earlier, as they have serious errors.
I reported the error and got v9, but never got the r/w.
This tutorial is not working.
So far, I can't get r/w on moto g 5g.
Click to expand...
Click to collapse
Here are the files I used of V2. While I did not have an error (and still using my phone) please use this at your discretion and your risk. You will be able to achieve R/O access following my guide with this.
https://forum.xda-developers.com/t/script-android-10-universal-mount-system-read-write-r-w.4247311/
"moto g 5g" can use makeSystemRW v1.31.
It must be used in conjunction with makesysrw_repair.
makesysrw_repair requires linux.
The size option will not work if it is too large or too small.
You need to specify an appropriate size.
Please adjust it by yourself.
I got the right result with 20mb.
adb shell
su
chmod +x /data/local/tmp/makesysrw_1.31/makesysrw.sh
setenforce 0
./data/local/tmp/makesysrw_1.31/makesysrw.sh size=20
https://forum.xda-developers.com/t/...t-system-read-write-r-w.4247311/post-84914345
Perhaps this will eliminate the need for makesysrw_repair.
However, you will need an sd card.
adb shell
su
chmod +x /data/local/tmp/makesysrw_1.31/makesysrw.sh
setenforce 0
cd /data/local/tmp/makesysrw_1.31
./makesysrw.sh size=20 out=/external_sd/super.img
Articul8Madness said:
Update: I used Version 2 with no problems. According to @munjeni there are BIG DANGEROUS ISSUES with Version and newer. Starting at V7 there are clone issues. I have tried Version 9 and had those issues.
Using the V2 method you will be able to delete and remove files. The ability to resize the partitions has not been achieved, so you will be at the mercy of the space limitations in the partition.
This tutorial is for people like me that after rooting the Moto One 5G Ace XT-2113 (MetroPCS Qualcomm Variant) running on stock Android 10 discovered that their root did not grant them Write Access to system files. Starting with Android 10, a new System As Root protocol prohibits users from access all of their files due to Dynamic Partitions and being formatted to EXT4_FEATURE_RO_COMPAT_SHARED_BLOCKS, effectively making root useless. You can read about that here:
https://twitter.com/i/web/status/1170404631865778177
Rest not, a method has been made!
Follow the following at your own risk! I am not responsible for any mishaps with your devices and neither is @munjeni. I also don't know if this will work on other variants, as I only have tried this method on the RETUS and RETEU stock firmware. Also, this will NOT obviously work for Verizon, AT&T, and Cricket phones or other mobile carriers that lock their bootloaders.
I want to thank a couple of people for their big beautiful brains and hard work in figuring this out. First, all the love in the world goes out to @lebigmac. This beautiful soul and I have been back and forth a week trying to get something going on the Moto. I thank him for his patience, his genius, and his tenacity to hang in there with my device even after I threatened a bunch of times to go to Apple and be done with this new cumbersome lockdown AndroidOS. He gave the hope as his method has worked on Asus and Xiaomi variants. It has been an honor to be on his beta test team.
Last, but not least, I want to thank @munjeni whose method finally broke on through to the other side. If it were not for his big beautiful brain I’d be ordering me an iPhone and calling it quits. It is due to his and @lebigmac’s hard work researching and testing that gives us the ability to finally have full root access. Thank you guys. I love you both!
And please visit both of their threads and help them continue support and development on this project for ALL of your Android 10 phones (especially this one).
@lebigmac Method: [SCRIPT][Android 10+] Universal Mount System read write R/W
@munjeni Method: [TOOL][WIN,LIN,AND,DARW] Super image unpack-repack tools
Introduction/Preparation
First, go and prepare by READING EVERYTHING I’M WRITING IN THIS POST BEFORE YOU START. Very important. Don't even jump into this without reading this thread here all the way to the end. This isn’t exactly child’s play if you are not comfortable with the ADB Shell or Linux, and if you type the wrong commands you could do serious, irreparable damage to your device. It also doesn’t hurt to read the original thread for this all the way through, and you can find that here: Munjeni's Superpack Repack Tool
Second, make sure your bootloader is unlocked and you have Magisk root on your device. You can check the forum for tutorials on how to do that. This method will ABSOLUTELY NOT WORK if you are not bootloader unlocked, and rooted with your boot.img patched by Magisk. If you can’t figure out that part of it then you definitely aren’t prepared for this.
***NOTES SO YOU DON'T FREAK OUT***
1. While it hasn’t happened to me, there is the possibility that you can brick your phone doing this. As such, make sure you have your firmware already downloaded and available to flash should something go wrong. This is just a precaution, a break glass in case of emergency situation. It’s better to have the files already ready to go with the flashfile commands converted and not need it than need it and frustrated because you didn’t prepare.
2. There is no custom recovery/TWRP for this variant yet (and trust me I’m trying very hard to work on that), so you will have to use ADB Shell to run the commands we need for this exercise. If you are not familiar with that, please do some research on ADB Shell so you’re comfortable and familiar. Google for once is a friend for that!
Files
Here is a list of things you will need going into it.
1. Windows 7. I did it in Windows 7 and Kali Linux so I can’t speak on whether or not this will work smoothly in other versions. This method is exclusively for Windows 7. Go to the original thread on info on how to use it on other platforms.
2. Get Tiny ADB and Fastboot (it's easier to use than Android SDK and smaller) or whatever fastboot you’re comfortable with.
3. Make sure the drivers for your Moto One 5G Ace are already downloaded and installed on your computer.
4. @munjeni’s Super Unpack Repack Tool. Can’t get anywhere with the method without it. You can download it here from the first post: https://forum.xda-developers.com/t/tool-win-lin-and-darw-super-image-unpack-repack-tools.4120963/
5. Root Explorer (or whatever your favorite type of system explorer is). There’s no getting into the system files without it.
6. Busybox. I used Busybox Pro 70 that I had from my MotoG7Power and that worked flawlessly. A newer version of Busybox did not install on my device because I didn’t have Write access going into it but that version I can attest works.
7. Stock Firmware (Just in case, remember?) I used XT2113_KIEV_RETUS_10_QZK30.Q4-40-55_subsidy-DEFAULT_regulatory-DEFAULT_CFC_R1_CFC.xml which is the US Retail software and the XT2113-3_KIEV_RETEU_10_QZKS30.Q4-40-62-2_subsidy-DEFAULT_regulatory-XT2113-3-EU-SAR_CFC.xml instead of MetroPCS's firmware because I hate any branded US carrier bloatware and such and like that factory unlocked from the manufacturer feel. Both of my phones flashed fine with it and you can find it here: Moto One 5G Ace ALL Firmwares. It doesn't matter what your carrier is, they have them all there.
8. The stock charging cable that comes with your phone.
The Process
1. Make sure the phone is at least halfway charged. Last thing you want is the phone to die in the middle of any of this and cause a system error that you might can’t get out of.
2. Make sure your have installed your Root Explorer and Busybox beforehand.
3. Extract @munjeni’s Super Unpack Repack Tool. Copy the file “superrepack.arm64_pie” to your phone.
4. Rename “superrepack.arm64_pie” on your phone to “superrepack” (obviously without quotations).
5. Move “superrepack” file on your phone to /data/local/tmp folder. If you have root and using a root explorer you can’t miss it (obviously without quotations).
6. Connect your phone to your PC via the charging cable.
7. Open TinyADB and Fastboot. Do not open it as an administrator or it will not function correctly getting root access on your device.
8. Type: “adb shell” and press enter. This will change C:/TheNameOfYourDirectory to kiev:/ $
9. Type: “su” and press enter. This will change the dollar sign “$” to a sharp symbol “#” and will look like kiev:/ # Make sure you allow permissions if Magisk asks for it or it will give you a permission denied message.
10. Type: “ls -Alg /dev/block/by-name | grep "super"” and press enter since you need to know where your block device is. It should return a result that looks like “lrwxrwxrwx 1 root 16 1970-01-01 08:07 super -> /dev/block/NameOfYourBlock” (obviously without quotations except the quotations in "super" - keep those)
11. Copy and paste somewhere “/dev/block/NameOfYourBlock” (obviously without quotations). You’re going to need that later.
12. Close TinyADB and Fastboot. Now open a fresh instance of it in a new window.
13. Type: “adb shell” (obviously without quotations) and press enter. This will change C:/TheNameOfYourDirectory to kiev:/ $
14. Type: “su” (obviously without quotations) and press enter. This will change the dollar sign “$” to a sharp symbol “#” and will look like kiev:/ #
15. Type: “chmod 755 /data/local/tmp/superrepack” (obviously without quotations) and press enter as the chmod command will give us root permissions to run the script. This is VERY IMPORTANT. Don’t worry if it goes to a blank next line that’s normal.
16. Type: “setenforce 0” (obviously without quotations) and press enter as we need to disable selinux. Again, don’t worry if it goes to a blank next line as that’s normal.
17. Type: “/data/local/tmp/superrepack /dev/block/NameOfYourBlock” (obviously without quotations) and press enter. Let the script run to the end.
18. Reboot your phone. Close Tiny ADB and Fastboot.
19. When your phone is rebooted go to Root Explorer (or your explorer).
20. Mount the system in your file explorer! You should have R/W Access in ALL of your partitions.
If Something Goes Wrong And You Have To Reflash Your Phone…
Please refer to the guides in the forum on how to get your phone back to stock. There’s one for flashing, one for root, and a subsequent one for debloat.
If you come up with an error, please go to the original thread https://forum.xda-developers.com/t/tool-win-lin-and-darw-super-image-unpack-repack-tools.4120963/ and let @munjeni know what the issue is so he can help.
Hope this brings some love to the Moto One 5G Ace users. We definitely need a boost to lift development spirits.
I will try and answer questions if I can or point you in the right direction.
Click to expand...
Click to collapse
Wow this was the easiest guide to get r/w access. Thanks to everyone involved in this milestone.
I can mount r/w on stock android 10....
Articul8Madness said:
Update: I used Version 2 with no problems. According to @munjeni there are BIG DANGEROUS ISSUES with Version and newer. Starting at V7 there are clone issues. I have tried Version 9 and had those issues.
Using the V2 method you will be able to delete and remove files. The ability to resize the partitions has not been achieved, so you will be at the mercy of the space limitations in the partition.
This tutorial is for people like me that after rooting the Moto One 5G Ace XT-2113 (MetroPCS Qualcomm Variant) running on stock Android 10 discovered that their root did not grant them Write Access to system files. Starting with Android 10, a new System As Root protocol prohibits users from access all of their files due to Dynamic Partitions and being formatted to EXT4_FEATURE_RO_COMPAT_SHARED_BLOCKS, effectively making root useless. You can read about that here:
https://twitter.com/i/web/status/1170404631865778177
Rest not, a method has been made!
Follow the following at your own risk! I am not responsible for any mishaps with your devices and neither is @munjeni. I also don't know if this will work on other variants, as I only have tried this method on the RETUS and RETEU stock firmware. Also, this will NOT obviously work for Verizon, AT&T, and Cricket phones or other mobile carriers that lock their bootloaders.
I want to thank a couple of people for their big beautiful brains and hard work in figuring this out. First, all the love in the world goes out to @lebigmac. This beautiful soul and I have been back and forth a week trying to get something going on the Moto. I thank him for his patience, his genius, and his tenacity to hang in there with my device even after I threatened a bunch of times to go to Apple and be done with this new cumbersome lockdown AndroidOS. He gave the hope as his method has worked on Asus and Xiaomi variants. It has been an honor to be on his beta test team.
Last, but not least, I want to thank @munjeni whose method finally broke on through to the other side. If it were not for his big beautiful brain I’d be ordering me an iPhone and calling it quits. It is due to his and @lebigmac’s hard work researching and testing that gives us the ability to finally have full root access. Thank you guys. I love you both!
And please visit both of their threads and help them continue support and development on this project for ALL of your Android 10 phones (especially this one).
@lebigmac Method: [SCRIPT][Android 10+] Universal Mount System read write R/W
@munjeni Method: [TOOL][WIN,LIN,AND,DARW] Super image unpack-repack tools
Introduction/Preparation
First, go and prepare by READING EVERYTHING I’M WRITING IN THIS POST BEFORE YOU START. Very important. Don't even jump into this without reading this thread here all the way to the end. This isn’t exactly child’s play if you are not comfortable with the ADB Shell or Linux, and if you type the wrong commands you could do serious, irreparable damage to your device. It also doesn’t hurt to read the original thread for this all the way through, and you can find that here: Munjeni's Superpack Repack Tool
Second, make sure your bootloader is unlocked and you have Magisk root on your device. You can check the forum for tutorials on how to do that. This method will ABSOLUTELY NOT WORK if you are not bootloader unlocked, and rooted with your boot.img patched by Magisk. If you can’t figure out that part of it then you definitely aren’t prepared for this.
***NOTES SO YOU DON'T FREAK OUT***
1. While it hasn’t happened to me, there is the possibility that you can brick your phone doing this. As such, make sure you have your firmware already downloaded and available to flash should something go wrong. This is just a precaution, a break glass in case of emergency situation. It’s better to have the files already ready to go with the flashfile commands converted and not need it than need it and frustrated because you didn’t prepare.
2. There is no custom recovery/TWRP for this variant yet (and trust me I’m trying very hard to work on that), so you will have to use ADB Shell to run the commands we need for this exercise. If you are not familiar with that, please do some research on ADB Shell so you’re comfortable and familiar. Google for once is a friend for that!
Files
Here is a list of things you will need going into it.
1. Windows 7. I did it in Windows 7 and Kali Linux so I can’t speak on whether or not this will work smoothly in other versions. This method is exclusively for Windows 7. Go to the original thread on info on how to use it on other platforms.
2. Get Tiny ADB and Fastboot (it's easier to use than Android SDK and smaller) or whatever fastboot you’re comfortable with.
3. Make sure the drivers for your Moto One 5G Ace are already downloaded and installed on your computer.
4. @munjeni’s Super Unpack Repack Tool. Can’t get anywhere with the method without it. You can download it here from the first post: https://forum.xda-developers.com/t/tool-win-lin-and-darw-super-image-unpack-repack-tools.4120963/
5. Root Explorer (or whatever your favorite type of system explorer is). There’s no getting into the system files without it.
6. Busybox. I used Busybox Pro 70 that I had from my MotoG7Power and that worked flawlessly. A newer version of Busybox did not install on my device because I didn’t have Write access going into it but that version I can attest works.
7. Stock Firmware (Just in case, remember?) I used XT2113_KIEV_RETUS_10_QZK30.Q4-40-55_subsidy-DEFAULT_regulatory-DEFAULT_CFC_R1_CFC.xml which is the US Retail software and the XT2113-3_KIEV_RETEU_10_QZKS30.Q4-40-62-2_subsidy-DEFAULT_regulatory-XT2113-3-EU-SAR_CFC.xml instead of MetroPCS's firmware because I hate any branded US carrier bloatware and such and like that factory unlocked from the manufacturer feel. Both of my phones flashed fine with it and you can find it here: Moto One 5G Ace ALL Firmwares. It doesn't matter what your carrier is, they have them all there.
8. The stock charging cable that comes with your phone.
The Process
1. Make sure the phone is at least halfway charged. Last thing you want is the phone to die in the middle of any of this and cause a system error that you might can’t get out of.
2. Make sure your have installed your Root Explorer and Busybox beforehand.
3. Extract @munjeni’s Super Unpack Repack Tool. Copy the file “superrepack.arm64_pie” to your phone.
4. Rename “superrepack.arm64_pie” on your phone to “superrepack” (obviously without quotations).
5. Move “superrepack” file on your phone to /data/local/tmp folder. If you have root and using a root explorer you can’t miss it (obviously without quotations).
6. Connect your phone to your PC via the charging cable.
7. Open TinyADB and Fastboot. Do not open it as an administrator or it will not function correctly getting root access on your device.
8. Type: “adb shell” and press enter. This will change C:/TheNameOfYourDirectory to kiev:/ $
9. Type: “su” and press enter. This will change the dollar sign “$” to a sharp symbol “#” and will look like kiev:/ # Make sure you allow permissions if Magisk asks for it or it will give you a permission denied message.
10. Type: “ls -Alg /dev/block/by-name | grep "super"” and press enter since you need to know where your block device is. It should return a result that looks like “lrwxrwxrwx 1 root 16 1970-01-01 08:07 super -> /dev/block/NameOfYourBlock” (obviously without quotations except the quotations in "super" - keep those)
11. Copy and paste somewhere “/dev/block/NameOfYourBlock” (obviously without quotations). You’re going to need that later.
12. Close TinyADB and Fastboot. Now open a fresh instance of it in a new window.
13. Type: “adb shell” (obviously without quotations) and press enter. This will change C:/TheNameOfYourDirectory to kiev:/ $
14. Type: “su” (obviously without quotations) and press enter. This will change the dollar sign “$” to a sharp symbol “#” and will look like kiev:/ #
15. Type: “chmod 755 /data/local/tmp/superrepack” (obviously without quotations) and press enter as the chmod command will give us root permissions to run the script. This is VERY IMPORTANT. Don’t worry if it goes to a blank next line that’s normal.
16. Type: “setenforce 0” (obviously without quotations) and press enter as we need to disable selinux. Again, don’t worry if it goes to a blank next line as that’s normal.
17. Type: “/data/local/tmp/superrepack /dev/block/NameOfYourBlock” (obviously without quotations) and press enter. Let the script run to the end.
18. Reboot your phone. Close Tiny ADB and Fastboot.
19. When your phone is rebooted go to Root Explorer (or your explorer).
20. Mount the system in your file explorer! You should have R/W Access in ALL of your partitions.
If Something Goes Wrong And You Have To Reflash Your Phone…
Please refer to the guides in the forum on how to get your phone back to stock. There’s one for flashing, one for root, and a subsequent one for debloat.
If you come up with an error, please go to the original thread https://forum.xda-developers.com/t/tool-win-lin-and-darw-super-image-unpack-repack-tools.4120963/ and let @munjeni know what the issue is so he can help.
Hope this brings some love to the Moto One 5G Ace users. We definitely need a boost to lift development spirits.
I will try and answer questions if I can or point you in the right direction.
Click to expand...
Click to collapse
This didn't work for me. My access is no different than when I started. The script showed the third partition was a different type.
Okay I want to give the benefit of doubt here so; what do you mean by V7 having clone issues? I'd say I had clone issues after following this tutorial but a more accurate description would be "hacked". So I'm just a little confused; could you elaborate a little on the "cloning issue" and differences between V2, 7 and 9? Thank you.
Wish we had a working TWRP FOR THE MOTO ACE.. Would open so many doors for this phone...
skinlab said:
Wish we had a working TWRP FOR THE MOTO ACE.. Would open so many doors for this phone...
Click to expand...
Click to collapse
I think it has not been released because it has problems with touch screen operation.
And in the case of motorola, you can't run these tools on twrp.
There is a high possibility that the protection function of the device will kick in and cause an error.
Ok. I got it to work after I reflashed the original ROM. Thanks for you help. I used 3 of your guides to get success! You are to be commended.
clintongsan said:
Okay I want to give the benefit of doubt here so; what do you mean by V7 having clone issues? I'd say I had clone issues after following this tutorial but a more accurate description would be "hacked". So I'm just a little confused; could you elaborate a little on the "cloning issue" and differences between V2, 7 and 9? Thank you.
Click to expand...
Click to collapse
You will have to ask munjeni. I just reposted what he sent me. But its not a hack issue, the superpartitions have a bad habit of reproducing themselves once you mod anything.
PEACH-PIT said:
I think it has not been released because it has problems with touch screen operation.
And in the case of motorola, you can't run these tools on twrp.
There is a high possibility that the protection function of the device will kick in and cause an error.
Click to expand...
Click to collapse
Not true. The Nairo variant of the Moto One 5G has TWRP. The mods over there had to make their own modules. I don't know how to do that, so all I have is an experimental working build with no touchscreen access.
PEACH-PIT said:
https://forum.xda-developers.com/t/script-android-10-universal-mount-system-read-write-r-w.4247311/
"moto g 5g" can use makeSystemRW v1.31.
It must be used in conjunction with makesysrw_repair.
makesysrw_repair requires linux.
The size option will not work if it is too large or too small.
You need to specify an appropriate size.
Please adjust it by yourself.
I got the right result with 20mb.
adb shell
su
chmod +x /data/local/tmp/makesysrw_1.31/makesysrw.sh
setenforce 0
./data/local/tmp/makesysrw_1.31/makesysrw.sh size=20
Click to expand...
Click to collapse
Tried using it in TWRP and it didn't work. Error 73.
Articul8Madness said:
Tried using it in TWRP and it didn't work. Error 73.
Click to expand...
Click to collapse
Why are you using TWRP to run that script?
If you run those scripts in linux, they will work fine.
I'm using BBQlinux.
Unfortunately you can't get r/w unless you use sysrw_repair.
PEACH-PIT said:
Why are you using TWRP to run that script?
If you run those scripts in linux, they will work fine.
I'm using BBQlinux.
Unfortunately you can't get r/w unless you use sysrw_repair.
Click to expand...
Click to collapse
@lebigmac said we could run the script from TWRP. That is how he initially designed it so I gave it a shot.
So, I am brand new here. Just signed up after reading straight for 6.5 hours (give or take). I have also been doing as much research as possible as I want to root my Moto One 5G Ace and it seemed like this forum is the best as far as knowledge and clarity. But it seems that with the multiple guides on here for this same device I am not sure exactly which to follow and where... as well as a few other concerns. But firstly, as I am reading about the R/O aspect, what exactly is the big benefits of going through this process exactly. To my knowledge R/W is one of the biggest benefits to rooting a phone. Not the only one of course but a big one nonetheless. I will hold of with doing anything until I get some opinions on it as well as a definitive answer as to what guide I should be following. Many thanks fellow tinkerers!
Paul_Neocube said:
So, I am brand new here. Just signed up after reading straight for 6.5 hours (give or take). I have also been doing as much research as possible as I want to root my Moto One 5G Ace and it seemed like this forum is the best as far as knowledge and clarity. But it seems that with the multiple guides on here for this same device I am not sure exactly which to follow and where... as well as a few other concerns. But firstly, as I am reading about the R/O aspect, what exactly is the big benefits of going through this process exactly. To my knowledge R/W is one of the biggest benefits to rooting a phone. Not the only one of course but a big one nonetheless. I will hold of with doing anything until I get some opinions on it as well as a definitive answer as to what guide I should be following. Many thanks fellow tinkerers!
Click to expand...
Click to collapse
This phone is great once you have done all the steps. It took me a while to get it all done correctly.
You need to follow the steps in the complete noob guide to rooting. I tried shortcuts that ultimately did not work. Then follow the guide to get read/write access. If you want to debloat, use the guide on using the package manager.
You can also add TWRP recovery. I forgot which guide I chose. I continue to find new dialer, contacts, etc. and remove stock programs. So have fun.
Ok so i got a zte quest 5 (z3351s) though qlink. Not the phone i wanted but it was one i could afford. And it works very well just can't run amazon music and other apps at the same time.
But the bloatware is unreal. Used to in my galaxy s3&s4 days i could root and delete all apps i didn't need. I know i can disable them but i want them gone completely.
Majisk didnt work
Kingoroot same even used pc.
I am hoping someone knows of a way i can root this phone or at least delete all the un needed apps for example i have Google maps go (came stock) i put the org google maps which is better plus offers sat view.
Edit i did some math and converting and the useless apps 11 out of 58 come out to 349.72mb which is a lot if your phone only has 16gb of space. Also note i don't have hardly anything.
Worst case i can Hotspot to my note10+ for multitasking but not sure of data limit.
@TexasPride
a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
I heard about adb methods but i haven't messed with it in forever since apk/ios apps came out
jwoegerbauer said:
@TexasPride
a phone's Android can get considered "rooted" as soon as in Android the SU-binary is present. Hence you at any time at your own can install the appropriate SU-binary onto your phone's Android by means of ADB.
Click to expand...
Click to collapse
Are you sure it will always work?
I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
As a result, I got my phone eternally showing the boot logo and not booting.
Not a problem to re-flash stock ROM but it is an example that there in no universal way to install SU (or SuperSU) via adb.
If you could give a link to some other method how SU could be installed, I'll give it a try of course.
vp1117 said:
Are you sure it will always work?
I tried this method of installing supersu: https://github.com/spff/install-supersu-via-adb
As a result, I got my phone eternally showing the boot logo and not booting.
Not a problem to re-flash stock ROM but it is an example that there in no universal way to install SU (or SuperSU) via adb.
If you could give a link to some other method how SU could be installed, I'll give it a try of course.
Click to expand...
Click to collapse
I spoke of SU-binary and NOT of SuperSU installer package
Example:
Code:
adb devices
adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
adb shell "chmod 0777 /sdcard/Downloads/su"
Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
TexasPride, sorry I stepped in your thread.
jwoegerbauer said:
I spoke of SU-binary and NOT of SuperSU installer package
Click to expand...
Click to collapse
I see. It is often mixed in numerous materials one can find in the net. Subject is SU-binary update, but the ultimate goal is to install supersu.
jwoegerbauer said:
Example:
Code:
adb devices
adb push <location-of-matching-su-binary-on-computer> /sdcard/Downloads/ 2>nul
adb shell "chmod 0777 /sdcard/Downloads/su"
Click to expand...
Click to collapse
What should be result of running this code? SU-binary located in Downloads with 777 permission? What is the practical sense/use of it?
What software/application would use SU in that location?
Sorry for my questions. I'm not arguing. I try to understand the idea.
jwoegerbauer said:
Of course you can install SuperSU package by means of ADB and this even when device is booted into Stock Recovery: but this requires to make some mods to SuperSU zip.
Click to expand...
Click to collapse
Somehow, with my almost zero knowledge of edify and linux command line I got the same conclusion: SuperSU zip has to be modified in order to install it via adb on devices that do not have TWRP for sideload. I failed to find any examples of SuperSU modding...
@vp1117
Answering your questions from last to first:
Installing SuperSU.zip via ADB
The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Making use of SU-binary
The SU-binary ( ~110KB ) is nothing else then the root user, as known from LINUX.
Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
Example:
Code:
adb devices
adb shell "/sdard/Downloads/su -c '<ommand-that-requires-root-here>'"
jwoegerbauer said:
Answering your questions from last to first:
Installing SuperSU.zip via ADB
The SuperSU.zip doesn't come with an EDIFY coded script, but with an Android SHELL script - everyone who has knowledge of LINUX scripting can read / modify it.
Android comes with TAR-binary, but not ZIP-binary. Hence the SuperSu.zip must get repacked into SuperSU.tar thus it can get extracted on Phone. The contents of such a TAR-file would look as shown here
Click to expand...
Click to collapse
OK. I guess, I can repack zip to tar.
Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
jwoegerbauer said:
Making use of SU-binary
The SU-binary ( ~110KB ) is nothing else then the root user, as known from LINUX.
Running in Android via ADB a command that requires super-user ( root ) rights is done as follows
Example:
Code:
adb devices
adb shell "/sdard/Downloads/su -c '<ommand-that-requires-root-here>'"
Click to expand...
Click to collapse
Interestingly, I can execute all commands I need without having su-binary (~100 KB) uploaded to my phone. It is strange but I see #-prompt after I ran <adb shell>. This happens on my UNrooted phone, running stock ROM. I guess, it's a specifics of my phone, no need to try explain it.
I done failed trying to read i dont really understand linux all that well. But if anyone has any links so i can download it and try it
vp1117 said:
Sorry for my silly question but why should I need to keep superSU as an archive? Could not I just upload all folders + update-binary.sh to the phone? I'm sure I can do it.
Am I right my next step would be running update-binary.sh (~60 KB) from <adb shell> command line?
Click to expand...
Click to collapse
Of course it's your decision how you transfer the SuperSU package onto phone: many ways lead to Rome.
My decision was to push SuperSU package repacked as TAR-file onto phone, extract it there, and finally run the modified update-binary.sh when phone is booted into recovery mode:
Code:
adb shell "$(cat < %supersu_dir%/update-binary.sh); echo $?"
So I rebooted to stock recovery and then uploaded following from UPDATE-SuperSU-v2.82-20170528234214.zip package to my phone's folder /tmp:
/arm64
/common
/META-INF
update-binary.sh
Here is what I got:
Z:\android\adb>adb shell "$(cat < /tmp/update-binary.sh); echo $?"
127
/system/bin/sh: #!/sbin/sh: not found
And here's what I got running same command from # command line:
# $(cat < /tmp/update-binary.sh); echo $?
/system/bin/sh: #!/sbin/sh: not found
127
In response to # ls -al /sbin I get lots of lines one of them is as follows:
lrwxrwxrwx 1 root root 7 1970-01-01 00:00 sh -> busybox
I feel that I'm doing something wrong, but what exactly?
In attached txt-file I put some more details I got in command line.
jwoegerbauer said:
... and finally run the modified update-binary.sh when phone is booted into recovery mode:
Click to expand...
Click to collapse
Am I right the only modification needed is to rename update-binary to update-binary.sh ?
@vp1117
NO.
When I said modified then I didn't mean simply rename it: The contents of original update-binary file must be rewritten / deleted in some parts. Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above. Take also note that, if device's Android isn't rooted yet, the location for unpacked SuperSU mandatory must be /data/local/tmp.
BTW:
I can see BusyBox is installed on your device's Android. Take note that BusyBox by default comes with the SU-binary. Hence your device's Android is rooted! Wondering why you waste your time with trying to completely install SuperSU from scratch?
jwoegerbauer said:
Wondering why you waste your time with trying to completely install SuperSU from scratch?
Click to expand...
Click to collapse
Good question.
Probably, because I see this when phone restarts from recovery to normal android:
jwoegerbauer said:
Also, believe me, it makes sense to repack original SuperSU.zip to SuperSu.tar as I demonstrated above.
Click to expand...
Click to collapse
OK, no problem, I can re-pack zip into tar.
However, what you demonstrated above was a screenshot showing update-binary.sh being inside the tar. At the same time you don't tell how update-binary.sh must be amended. Is it OK?
TexasPride
I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would deleted them.
vp1117 said:
TexasPride
I'm very sorry I put so much spam in your thread. Please forgive me. If I knew how to delete my posts here I would deleted them.
Click to expand...
Click to collapse
Its ok, i dont mind at all.
@TexasPride
FYI: I no longer participate this hijacked thread.
Hi everyone, I got a vivo y33s and wanted to ask if you can root it and if there are any custom roms
Every phone's Android can get rooted.
All you have to do is either to replace the pre-installed suite of Android shell commands ( AKA Toybox ) by a version what contains the su command or adding a suitable su binary to Android's filesystem, preferably to /data/local/tmp.
Whether a Custom ROM like LOS etc.pp. exists for this phone or not, IDK. GIYF ...
xXx yYy said:
Every phone's Android can get rooted.
All you have to do is either to replace the pre-installed suite of Android shell commands ( AKA Toybox ) by a version what contains the su command or adding a suitable su binary to Android's filesystem, preferably to /data/local/tmp.
Whether a Custom ROM like LOS etc.pp. exists for this phone or not, IDK. GIYF ...
Click to expand...
Click to collapse
Exist tutorial or guide for this?
I would also like to root my Y33s....
Can anyone please suggest a good (up to date) Tutorial for the ADB stuff.....or any other method for rooting?
greets
Yeah !
I also want to root Vivo y33t.
It is such a headache to watch all the adds, with root access I want to disable all the adds with energized protection. But, could not root this phone.
Expect some helps from XDA specialists here.
Thanks in advance.
I have used magisk to patch the file and android platform tools (fastboot or stuff like that) but it does not work. I dont want to install twrp as i dont really trust custom recoveries as much and i dont want to use odin for the same reason. Is this impossible or is there a way but i am just doing it incorrectly. Please reply asap!
Never installed Magisk nor TWRP, why should I have done it?
To answer your question: A temporary root can get achieved by putting a suitable su into directory /data/local/tmp and making it executable.
https://forum.xda-developers.com/attachments/su-binaries-zip.5566949/
xXx yYy said:
Never installed Magisk nor TWRP, why should I have done it?
To answer your question: A temporary root can get achieved by putting a suitable su into directory /data/local/tmp and making it executable.
https://forum.xda-developers.com/attachments/su-binaries-zip.5566949/
Click to expand...
Click to collapse
The data partition is not accessible without having root first. How are they to place su in data partition to gain temp root without first gaining root to place su in data partition? How can they root the device by using a method that requires root in the first place to achieve what you are telling them?
I think the code
Code:
adb push <PATH-TO-SU-ON-PC> /data/local/tmp
always works , because this path ( /data/local/tmp ) is always present and writable on Android dev device and Emulator.
At least it always worked for me since I'm rooting Android this way.
xXx yYy said:
I think the code
Code:
adb push <PATH-TO-SU-ON-PC> /data/local/tmp
always works , because this path ( /data/local/tmp ) is always present and writable on Android dev device and Emulator.
At least it always worked for me since I'm rooting Android this way.
Click to expand...
Click to collapse
do i unroot my device by rebooting it?
p.s. will doing this solution create a possibility of bricking my device?
Technically seen you can't root / unroot a device, but only Android OS.
As with Android OS root ( sometimes called superuser ) is the same as Administrator with Windows OS. Simply adding an user with elevated privileges never will brick an Android device.
Become familiar what root is the world of Linux OS - take note that Android OS merely is a port of it.
xXx yYy said:
Technically seen you can't root / unroot a device, but only Android OS.
As with Android OS root ( sometimes called superuser ) is the same as Administrator with Windows OS. Simply adding an user with elevated privileges never will brick an Android device.
Become familiar what root is the world of Linux OS - take note that Android OS merely is a port of it.
Click to expand...
Click to collapse
so running that command will give me legit root privileges and i can do the things an admin can do without any malware or damage?
Droidriven said:
The data partition is not accessible without having root first. How are they to place su in data partition to gain temp root without first gaining root to place su in data partition? How can they root the device by using a method that requires root in the first place to achieve what you are telling them?
Click to expand...
Click to collapse
so should i really use magisk to root my device?
moutsu said:
so should i really use magisk to root my device?
Click to expand...
Click to collapse
No, try what was suggested by placing su in the data/local/tmp. If that doesn't work, try using magisk to root your device.
xXx yYy said:
I think the code
Code:
adb push <PATH-TO-SU-ON-PC> /data/local/tmp
always works , because this path ( /data/local/tmp ) is always present and writable on Android dev device and Emulator.
At least it always worked for me since I'm rooting Android this way.
Click to expand...
Click to collapse
I've never seen a device rooted by such simple means, in my experience, it has always required root to even access data partition, especially if trying to push/pull files to/from data via adb.
I mean, if it were really that easy, why would all these rooting tools snd methods that exist on XDA have ever been needed to be created?
What devices have you rooted using this method? Can you provide information that explains and confirms what you say?
Hmmmm...
Short checked on my SM-R860 Android 11...
Code:
freshbs:/ $ cd /data/local/tmp
freshbs:/data/local/tmp $ ls
freshbs:/data/local/tmp $ ls -a1l
total 6
drwxrwx--x 2 shell shell 3452 2022-03-25 01:20 .
drwxr-x--x 4 root root 3452 2022-03-25 01:20 ..
Need more time or drinks to place something here...
Waiting for other results...
Best Regards
@Droidriven
Fellow member @adfree has proven that even with Android 11 directory /data/local/tmp worlwide exists and is writeable.
Sometimes it really makes sense to understand what OP wants to achieve: He just wants to know how Android can be temporarily rooted.
xXx yYy said:
@Droidriven
Fellow member @adfree has proven that even with Android 11 directory /data/local/tmp worlwide exists and is writeable.
Sometimes it really makes sense to understand what OP wants to achieve: He just wants to know how Android can be temporarily rooted.
Click to expand...
Click to collapse
I do need to know how an android can be temporarily rooted so I can give certain apps on my phone root access to recover some stuff I accidentally deleted. However, I do need a bit of clarification on what su file I need to put into the directory as the filed you linked was a zip file.
I would also like a method on how to unroot my device.
Dear moutsu...
IMHO instead blabla... IMHO it makes sense to start from scratch with FULL infos.
I can see only bla bla Samsung Device...
Please give full details...
A
Model Name...
Example:
SM-G920F is Android 7 for instance...
B
Is Phone alive... then give full details about Firmware Version.
Easiest way for most infos...
Type:
*#1234#
Type or make Photo or Screenshot...
Best Regards
@xXx yYy
Thank you very much. But...
I clicked through your profile and find some more puzzle parts of your idea...
Learning to root my old Galaxy S4
I have an old Samsung Galaxy S4. It's been off the network for a while and its system clock has drifted. However, adb works and I can use the old phone as a sandbox environment to learn about low level Android fundamentals. I would like to learn...
forum.xda-developers.com
After this I was drunken enough to try few things with my SM-R860...
WITHOUT success...
Later I will add my ADB output... for better understanding...
IMHO I am not total Noob in Rooting something...
Also I have "some" experiences in recover halfdead devices to backup beloved data...
I am sure you have forgotten about Samsung additional Security check... like Knox crap etc...
So my conclusion...
Your method is good to know...
But chance for success in "newer" Samsung devices is not 100 %...
Maybe you can give Samsung model name... where this work?
I could check SM-G920F with Android 7 just for fun... if I have time...
Thanx in advance.
Best Regards
regardless it is writeable to adb shell only (uid 2000), chown is forbidden anyway. even if you set SUID bit that wouldn't make much sense in /data/local/tmp
furthermore, even if you could place su binary in /system (which requires unlocked bootloader + dm-verity patch) it still requires privileged daemon in background where su want connect apps (but not exist).
so this method never worked, except for some ancient android devices where remount /system was possible from adb root.
and we haven't spoke about selinux, yet
Magisk does all this, but requires* unlocked bootloader - which triggers factory reset. So unless you have some nice exploit like dirty-cow or mtk-su, temporary root is simply impossible.
edit: TWRP is not able to decrypt samsung encryption btw. So if you want have access to userdata partition on locked bootloader the only way would be (samsung signed) so called "combination ROM" (with same bootloader level) to be flashed from Odin via HOME_CSC or heimdall.
if your device is ancient old you might lucky bootloader is unlocked, userdata partition is not encrypted at all, and ROM is just signed with test keys. in that case you can flash anything on recovery partition. philz touch recovery even provided flashable zips that signed with test keys, these zips can be flashed straight from stock recovery without PC. I remember temporary zips exist, that only boot into custom recovery without actually installing it.
edit2: *except some Mediatek devices with AVBv1 where one can flash magisk patched boot.img on locked bootloader
My last 2 cents here ( I no longer participate this thread ):
The su ( read: switchuser ) command is used to run an Android system function as a different user. It is the easiest way to switch or change to the administrative account ( read: superuser ) in the current logged in session.
Most versions of Android disable the superuser ( mostly mistakenly called root user - take note that root user in Android is the user with ID 0 who is by default present on all Android versions, is the user of session when Android gets started ) account by default making the system more secure. But, this also restricts the Android user from running specific system related commands.
Using su to temporarily act as a superuser allows you to bypass this restriction and perform system related tasks with different users.
The synthax of su command is
Code:
su [options] [username [[arguments]]
If a username isn't specified, su defaults to the superuser. Now, the logged-in user can run all system commands. This will also change the home directory and path to executable files.
If the su is used to temporarily act the logged-in user as superuser then the su binary can be located anywhere in Android's filesystem, e.g. /data/local/tmp, /storage/emulated/0, etc.pp, it must not be located in Android's system partition.
xXx yYy said:
My last 2 cents here ( I no longer participate this thread ):
Click to expand...
Click to collapse
yes, that's maybe better. teach yourself about android first. android is not linux
What special privileges "/system/xbin/su" does have w.r.t. root access?
This answer says: Because of the way directory/file permissions are configured on Android, you need to have the su binary on your /system partition in order for it to work. Putting elsewhere...
android.stackexchange.com
what is your current bootloader level? combination ROM is available (haven't checked these download links)
https://www.samsungfirmwares.info/samsung-sm-j415gn-combination-firmware-file-rom
my expectation ro.debuggable=1 is enabled
adb root will work on eng build
aIecxs said:
yes, that's maybe better. teach yourself about android first. android is not linux
What special privileges "/system/xbin/su" does have w.r.t. root access?
This answer says: Because of the way directory/file permissions are configured on Android, you need to have the su binary on your /system partition in order for it to work. Putting elsewhere...
android.stackexchange.com
Click to expand...
Click to collapse
Yeah, I get where they were coming from but.....
Nah. It just doesn't work that way for everybody. Like all things android, it really just depends on what device you have and how crappy its hardware/software and security is. Lower end/cheap and old stuff doesn't have as much time invested in making them secure to save on development and distribution costs.
Unfortunately, Samsung just isn't one of those brands that are easily rooted these days, unless you buy specific models with specific firmware/binary combinations.
Quick background: I want to start fresh with my Nook Tablet and leave out GApps this time, opting for microG instead. I'm familiar with all that entails and have done it on other devices.
The problem, in a nutshell: After wiping and reflashing the custom AOSP 7.0 ROM, I flash a small zip which contains and places the su binary (as far as I understand). Then I reboot and install a Superuser control app. I get "the su binary is out of date" message and do not have root.
I am following my own instructions from here when I first flashed the ROM with GApps. But now they don't work! Later in that thread a few people express problems with the same thing.
So...what does this "out of date" business actually mean? Is there a "use by" date on the su or something? That seems unlikely. I've tried all kinds of orders of operation with this thing but keep coming up with the same result. Searching around on line I can't seem to find any sort of explanation, just a lot of schemes, many dubious.
I've looked at SuperSU zip packages, but every one I try seems to be wanting system-less root and there is no way I know to unlock the bootloader.
I know that Magisk exists, but have never gotten into using it. I'd rather not, if possibe. I just don't see why something that worked a few years ago does not work now. It's not like it needs to contact a remote source for information.
As a last resort I could return to a backup and try to manually remove GApps but I'd really rather start with a clean ROM install and go from there. I need root to do what I want or I wouldn't bother with any of this.
Suggestions, explanations?
Uninstall / delete SuperSU app.
FYI:
The SU binary is a Android shell command typically incorporated in Toybox, the Linux commands suite merged with Android since its version 6, but left off by almost all OEMs - for good reasons.
The SU binary is available as standalone cmdlet at various locations in Internet. It also comes with Magisk.
every rooting solution's su binary is different from traditional linux su.
it simply means the su binary does not fit the Superuser app. according to support thread you still can grant root and just update su binary straight from within the app (won't work with foreign su)
https://forum.xda-developers.com/t/...linux-capable-superuser.3216394/post-64823952
aIecxs said:
every rooting solution's su binary is different from traditional linux su.
it simply means the su binary does not fit the Superuser app. according to support thread you still can grant root and just update su binary straight from within the app (won't work with foreign su)
https://forum.xda-developers.com/t/...linux-capable-superuser.3216394/post-64823952
Click to expand...
Click to collapse
Yeah, but it (the apk) doesn't do anything. And the links in the thread you reference to updated zips, etc., all give 403 errors.
I "understand" the concept of matching the su binary with the superuser controller app, but I can't see how a combination that once worked now does not. That's what is frustrating. Like it's magic.
most likely there is a foreign leftover su (chainfire's SuperSU or something else?) which is not granting access to phhusson's Superuser.
aIecxs said:
most likely there is a foreign leftover su (chainfire's SuperSU or something else?) which is not granting access to phhusson's Superuser.
Click to expand...
Click to collapse
Could be. A TWRP examination of /system/bin shows no sign of su (no wonder it needs "updating"). Meanwhile, /system/superuser is chock full of SuperSU stuff and the phh stuff, including a copy of su. So clear all that out and start again.
I guess I need to check if su is actually placed in /system/bin after flashing the zip package. Otherwise...maybe just put it there myself?
afaik all custom binaries belong to /system/xbin which is also in path. what's wrong with systemless-root in boot?
latest official SR3-SuperSU-v2.79-SR3-20170114223742.zip by Chainfire is capable of.
aIecxs said:
afaik all custom binaries belong to /system/xbin which is also in path. what's wrong with systemless-root in boot?
latest official SR3-SuperSU-v2.79-SR3-20170114223742.zip by Chainfire is capable of.
Click to expand...
Click to collapse
Before flashing the su zip there is an su already present in /system/xbin. After flashing, there is also an su present in /system/bin. And yes, I wiped thoroughly (twice).
I was surprised at the su already in /system/xbin. Out of curiosity I booted up another tablet running CM 13. It, too contains su in both locations, but the dates on the files are very different. The one in /system/bin is today's date, while the one in /system/xbin is sometime back in 2009 (like when the ROM was perhaps cooked up). Turns out even my ancient Nook Simple Touch (which is rooted) has an su in both locations.
Anyway, I see there is clearly an su newly placed in /system/bin now that I've flashed the su zip package. So it should work when the controller app is installed...
None of the Chainfire zips I have tried will work. They all seem to want the bootloader unlocked and so each one fails.
you can flash modified system on locked bootloader? Now you have root and TWRP, I guess bootloader is unlockable. I bet @AdamOutler can. at least, another guy managed it obviously...
https://forum.xda-developers.com/t/barnes-noble-nook-tablet-10-1-bntv650-working.3873476
aIecxs said:
every rooting solution's su binary is different from traditional linux su.
Click to expand...
Click to collapse
Wrong, as so often:
1. The su ( read: Substitute User ) shell command allows users to become other users. This command is thought to escalate privileges by becoming a privileged user; therefore, the default user is the root if no user-id is specified.
2. This is true for su shell command as it comes with Linux and/or Android ( where su since Android version 6 is included in Toybox command suite - and su might also be integral part of 3rd-party Linux commands suite named BusyBox )
3. All 3 mentioned su shell commands equally allows users to become other users. With no arguments passed, USER is root. Only difference is the way and order arguments get passed to su.
@jwoegerbauer you have no clue what you're talking about. I have already tried to explain you here, furthermore I have proofed you wrong there (your linked binaries were not even build with -fPIE)
I get the feeling you don't even know what a Superuser app actually is.
To my knowledge SuperUser app is predecessor of Magisk Manager app.
yes, Magisk app also includes Superuser app (second tab on bottom). how is that related to my question? Did you finally read about what su daemon is, and how the Superuser app grants requesting apps to hook up to daemon?
or do you still insist every Superuser app can just work with every su, or root access can be achieved by just toybox su (like linux su)? if so, please link the toybox used for, so I can test it myself.
I'm surprised that you're not able to find Toybox on the Internet, but you expect a link from me.
I'm also surprised that you obviously take pleasure in disparaging others here if they don't think or act as you do.
BTW:
When I'm mentioning SU at XDA threads, then I really mean the SU binary itself - as it's well known from Linux - and NOT the supersu daemon, what grant root to apps, as you do. Why exactly do one need an app to have root permissions? To enter protected user-space?
I have asked clear question, please tell us which toybox or su binary will work for getting root shell.
where shoud I place it? what permissions should I set, and how?
Spoiler
official toybox
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
BTW:
wasn't it you the one who called me an idiot two times when confronted with your false claims?
You have used the NON-ROOT version of Toybox.
The full version of Toybox you find here:
Index of /toybox/downloads/binaries
It's on you to replace the mangled Toybox version with the full version: shouldn't be too difficult for an Android guru as you are.
First, this toybox is missing important applets without android smartphone wouldn't work properly anymore. That's why one must not replace toybox.
second, you still haven't answered the question which location and permissions one must set.