Philosophical issues aside, how does one get this working? A crucial barcode program i use has amazingly annoying religious ads.
Here is what I have tried:
Rooted with Unrevoked / Nandroid Backup / Titanium Backup / wifiTether /Led flashlight. Stock otherwise.
Install adfree, ran it, phone rebooted.
Boot into clockwork recovery and launch adb shell.
Execute the following:
Code:
2. Install and run
3. allow it to download and install new hosts file, it will copy it to your sdcard and try to replace /system/etc/hosts but fail (it should reboot the phone shortly)
4. Power off the phone and hold Volume Down and power.
5. Use volume down to select recovery
6. In clockwork recovery volume down to "partitions menu" and hit the track pad to select
7. Select "mount /system" and "mount /sdcard" "mount /data"
8. Plug in your usb cord and open a command line on your pc
9. enter adb shell and type the following commands
cp /sdcard/hosts /data/data/hosts
rm /system/etc/hosts
ln -s /data/data/hosts /system/etc/hosts
On reboot, no change, and adfree fails trying to update. Help?
heliotropeUCSD said:
Code:
cp /sdcard/hosts /data/data/hosts
rm /system/etc/hosts
ln -s /data/data/hosts /system/etc/hosts
Click to expand...
Click to collapse
I found a post earlier that changes the paths. It has worked for me on every Rom I have tried.
Code:
cp /sdcard/hosts /data/hosts
rm /system/etc/hosts
ln -s /data/hosts /system/etc/hosts
Sent from my ADR6300
Hmmm, still didn't work. Can you go into a little bit more detail? I'm stock everything, just rooted.
The philosophical struggle goes deeper than what you think! Another method (frowned upon by most uninformed members of this forum but endorsed by some of the experts) is to do a tempoary nand unlock using the unrevoked tool.
Run the tool like normal, then unplug after the "running pre-boot sequence" and during "waiting for reboot". I've done it plenty of times perfectly, it allows you to run adfree normally without any special tricks (just default settings). I have no idea what happens if you unplugged at the wrong time (you have a like 20-second window ffs) but I hear it's bad.
Do it at your own risk
I'd just like to point out that I think the above suggestion is actually INTENDED to brick phones. I wouldn't recommend anyone try it. Does anyone have any real suggestions? I have a serious problem with religious ads on my f***ing telephone.
heliotropeUCSD said:
I'd just like to point out that I think the above suggestion is actually INTENDED to brick phones. I wouldn't recommend anyone try it. Does anyone have any real suggestions? I have a serious problem with religious ads on my f***ing telephone.
Click to expand...
Click to collapse
Listen bro, this method works just fine.
Run unrevoked 3.1 when you are in the OS, then it will reboot your phone to hboot and then it unlocks your nand, it will reboot and you will see the white incredible screen, at this time you can unplug your USB cable, I just suggest doing it before it gets back to the OS so you don't pull it when it is flashing your recovery, but if you do it at the white incredible screen or during the bootanimation. Then when you get back to the OS, run adfree and update your hosts, success, profit?
I can confirm that it will work 100% without bricking your phone. Anyone who said it has is full of ****. Don't listen to those **** smoking noobs out there that are hanging on to unrevoked teams ballsacks. This will not brick your phone if you do as I said above. If this bricked your phone then it would not be safe to use the unrevoked program period. So don't listen to the noobs out there, this method works 100% without issue. I posted this method awhile back and everyone got upset like I did something wrong, but people did verify it did work if you want to find the post I made look for it.
Hmm, well. I have no idea, it sounds like you may be right, but it isn't the type of solution that i am looking for.
I'd like to find a way to use the symbolic link method to store the hosts file somewhere where adfree can write to it. Does anyone else have an idea?
heliotropeUCSD said:
Hmm, well. I have no idea, it sounds like you may be right, but it isn't the type of solution that i am looking for.
I'd like to find a way to use the symbolic link method to store the hosts file somewhere where adfree can write to it. Does anyone else have an idea?
Click to expand...
Click to collapse
sym link doesnt work for me, um, I would just do what I stated above if all else you tried has failed.
I used the above method in the #1st Post on an 2.2 ROM with no issue! I can update Adfree at any point after completing those directions...
here is where I found those directions... http://www.jonamerica.com/technology/howto-root-the-htc-droid-incredible/
Hmm. I am really, genuinely scared of the method posted by TNS201. I believe him that it may work, but I simply don't understand the mechanism. Is he suggesting that this successfully unlocks the NAND memory? Or does it allow it to be unlocked for one boot cycle, in which case I can't update adfree?
heliotropeUCSD said:
Hmm. I am really, genuinely scared of the method posted by TNS201. I believe him that it may work, but I simply don't understand the mechanism. Is he suggesting that this successfully unlocks the NAND memory? Or does it allow it to be unlocked for one boot cycle, in which case I can't update adfree?
Click to expand...
Click to collapse
Why do say that it "may" work. I can confirm it works 100%, I wouldn't tell you something that doesn't. It unlocks the NAND for one boot. So you can write to system and such during this time. The duration of this lasts until you power off or reboot your phone. This stays active until next reboot. You can update adfree and reboot if you want.
TNS201 said:
Listen bro, this method works just fine.
Run unrevoked 3.1 when you are in the OS, then it will reboot your phone to hboot and then it unlocks your nand, it will reboot and you will see the white incredible screen, at this time you can unplug your USB cable, I just suggest doing it before it gets back to the OS so you don't pull it when it is flashing your recovery, but if you do it at the white incredible screen or during the bootanimation. Then when you get back to the OS, run adfree and update your hosts, success, profit?
I can confirm that it will work 100% without bricking your phone. Anyone who said it has is full of ****. Don't listen to those **** smoking noobs out there that are hanging on to unrevoked teams ballsacks. This will not brick your phone if you do as I said above. If this bricked your phone then it would not be safe to use the unrevoked program period. So don't listen to the noobs out there, this method works 100% without issue. I posted this method awhile back and everyone got upset like I did something wrong, but people did verify it did work if you want to find the post I made look for it.
Click to expand...
Click to collapse
...eloquently said, sir...
Anyway OP, if you don't wanna do it, that's fine. And I think it's wonderful that you don't care whether anyone questions your sexual orientation
(FUTURAMA REFERENCE, DON'T FLAME ME.)
Seriously, why are the uninformed so cocksure?
Yeah, but somebody must have gotten the symlink method to work. I'm not willing to risk bricking my phone in any way to do this- like I said, there are philosophical issues here. I'd rather just see the ads.
So, again- has anyone with an Incredible, rooted, stock rom, used the symlink method to install adfree?
heliotropeUCSD said:
Hmm. I am really, genuinely scared of the method posted by TNS201. I believe him that it may work, but I simply don't understand the mechanism. Is he suggesting that this successfully unlocks the NAND memory? Or does it allow it to be unlocked for one boot cycle, in which case I can't update adfree?
Click to expand...
Click to collapse
As stated in my earlier post, I have it working on my Incredible and it has worked for me on 4 different ROMS.
This may not work for you, but it does work for me. I found these tips awhile ago and don't remember where I found them.
NOTE: Notice the paths in the commands below - They differ from the original post.
Boot into clockwork recovery and launch adb shell.
Execute the following:
Code:
2. Install and run
3. allow it to download and install new hosts file, it will copy it to your sdcard and try to replace /system/etc/hosts but fail (it should reboot the phone shortly)
4. Power off the phone and hold Volume Down and power.
5. Use volume down to select recovery
6. In clockwork recovery volume down to "partitions menu" and hit the track pad to select
7. Select "mount /system" and "mount /sdcard" "mount /data"
8. Plug in your usb cord and open a command line on your pc
9. enter adb shell and type the following commands
cp /sdcard/hosts /data/hosts
rm /system/etc/hosts
ln -s /data/hosts /system/etc/hosts
Note the last command, that it a lowercase L not an I
a couple of others have made that mistake (for best results copy each command to your clipboard and paste it into your command prompt).
Reboot the phone and it should work now.
Use BTC IP and do not check symlink from /data/data/hosts
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
gadget!
heliotropeUCSD said:
Yeah, but somebody must have gotten the symlink method to work. I'm not willing to risk bricking my phone in any way to do this- like I said, there are philosophical issues here. I'd rather just see the ads.
So, again- has anyone with an Incredible, rooted, stock rom, used the symlink method to install adfree?
Click to expand...
Click to collapse
Are you getting any errors in the shell when you type the commands?
should look like this when you enter a command
Code:
# ln -s /data/data/hosts /system/etc/hosts <--hit enter
ln -s /data/data/hosts /system/etc/hosts
#
First, can you go into recovery, and let me know if this command returns hosts
Code:
ls /data/data | grep hosts
This lists the directory and "filters" out everything but the text after grep.
output should look like:
Code:
# ls /data/data | grep hosts
ls /data/data | grep hosts
hosts
#
I need to know, because I think that adfree might not have made a hosts file on your sdcard when you ran before starting, thus there was no hosts file to "cp" form /sdcard to /data/data/.
If that is the case, and since you have rm'ed your hosts file from /system/etc/, you will have to recreate the file with the touch command.
My $.02
***********************************
It is NOT necessary to run or even install adfree before getting your hosts files setup in the system.
Here is the method I use:
1. copy the existing hosts file to /data/data
Code:
cp /system/etc/hosts /data/data/hosts
2. rename hosts to hosts.bak
Code:
mv /system/etc/hosts /system/etc/hosts.bak
3. symlink the hosts files
Code:
ln -s /data/data/hosts /system/etc/hosts
At that point, your system is setup to run adfree. On the first run of adfree, it will see the hosts file in /data/data and uses it.
I have use this method at least 10 times while trying out different roms:
Hell to the yes. gadget!'s method worked for me- I did not know NOT to use local IP and to NOT check the symlink button. Maybe someone can educate me on what those options mean?
Glad it worked out for you =). j/w, is the app that kept giving you religious ads "Android System Info"? For some reason the people behind that app have decided to lock the ad into messages about "Jesus" or "prayers"... I always thought that was kind of odd.
Adfree works without issue after running unrevoked forever. No symlink needed.
Sent from my ADR6300 using XDA App
bhazard451 said:
Adfree works without issue after running unrevoked forever. No symlink needed.
Sent from my ADR6300 using XDA App
Click to expand...
Click to collapse
Thanks for the info, came here to ask this question. Do I need to check symlink in the adfree setup?
gadget! said:
As stated in my earlier post, I have it working on my Incredible and it has worked for me on 4 different ROMS.
This may not work for you, but it does work for me. I found these tips awhile ago and don't remember where I found them.
NOTE: Notice the paths in the commands below - They differ from the original post.
Boot into clockwork recovery and launch adb shell.
Execute the following:
Code:
2. Install and run
3. allow it to download and install new hosts file, it will copy it to your sdcard and try to replace /system/etc/hosts but fail (it should reboot the phone shortly)
4. Power off the phone and hold Volume Down and power.
5. Use volume down to select recovery
6. In clockwork recovery volume down to "partitions menu" and hit the track pad to select
7. Select "mount /system" and "mount /sdcard" "mount /data"
8. Plug in your usb cord and open a command line on your pc
9. enter adb shell and type the following commands
cp /sdcard/hosts /data/hosts
rm /system/etc/hosts
ln -s /data/hosts /system/etc/hosts
Note the last command, that it a lowercase L not an I
a couple of others have made that mistake (for best results copy each command to your clipboard and paste it into your command prompt).
Reboot the phone and it should work now.
Use BTC IP and do not check symlink from /data/data/hosts
gadget!
Click to expand...
Click to collapse
This worked perfectly for me. Thanks.
Related
This thread is copied and modified from the G2 thread by trigeek for the Desire Z:
http://forum.xda-developers.com/showthread.php?t=834228
Apart from the changed hboot and wpthis-Z kernel module for the Desire Z instead of the G2, I have also updated the su-binary and SuperUser.apk to the latest version by ChainsDD
In no way I can be held responsible for any bricks to your phone. You are using this guide at your own risk!! I did test this guide on my own, and also on a friend's Desire Z.
As there was no manual rooting guide for the Desire Z, I posted it myself in order to help others that do not like visionary and like to do it 'the clean way'.
[GUIDE] Temp to permanent root on Desire Z, using rage instead of visionary
=================================================
There's already a guide here for obtaining permanent root using VISIONary, but some folks in #G2ROOT are having issues with the way that VISIONary modifies parititons. Using rage directly is a bit cleaner, since you know exactly what it's going to touch at each step of the way. I did NOT come up with any of this on my own, I'm building completely off of work that others have done. Speaking of which-
None of this would be possible without the tireless work that scotty2 put in. He stayed with the project for well over a month, through lots of smashed hopes and dead ends, until the solution was finally found. Were it not for his work, as well as the help of a few other key folks- we wouldn't be here. He deserves our thanks and some donations! We're talking hundreds of hours of work here, a couple bucks is not too much for that. His paypal is:
[email protected]
Send him some love! I'm not asking for anything myself, because I spent a half hour putting this together, and that doesn't deserve any donations!
DESIRE Z ROOT INSTRUCTIONS
=================================================
These are modified instructions based on the ones posted at http://bit.ly/g2root that use Visionary. A number of people have run into issues with the way that Visionary juggles around temporary partitions, and using the original root exploit is a much easier, and cleaner method for achieving permanent root. This tutorial will walk you through the rooting process by first achieving temporary root, and moving on to permanent root.
REQUIREMENTS
=================================================
•Visionary disabled at boot or uninstalled completely
•Android Terminal Emulator app
•ADB
•desirez-combined-root.zip (Attached to this post)
In the commands to run below, $ or # represent the prompt and should NOT be entered as part of the commands.
VERY IMPORTANT!
Visionary has caused filesystem corruption for some users during the rooting process. Before attempting the instructions below, make sure that you have "auto run on boot" turned OFF, and reboot your system. Since you will not need visionary anyway after this, you might as well just uninstall visionary and reboot NOW before doing anything.
TEMP ROOT
=================================================
ON YOUR PC:
Unzip the z-temp-root files to a folder. From a cmd window or terminal, navigate to that folder and execute these commands:
Code:
$ adb push su /sdcard/su
$ adb push Superuser.apk /sdcard/Superuser.apk
$ adb push rage /data/local/tmp/rage
$ adb push busybox /data/local/tmp/busybox
$ adb push root /data/local/tmp/root
$ adb shell chmod 0755 /data/local/tmp/*
ON YOUR PHONE:
1.Launch Terminal Emulator
2.
Code:
/data/local/tmp/rage
3.Wait for the message: "Forked #### childs."
4.Menu > Reset Term - Terminal Emulator will exit.
5.Launch Terminal Emulator, it Force Closes. Launch a second time, and you'll have a root shell
6.**NOTE**: in the original directions from the XDA thread, you are instructed to run the /data/local/tmp/root script here. DON'T do this just yet. Leave the terminal window open.
PERM ROOT
=================================================
ON YOUR PC:
unzip z-perm-root and navigate to that folder. There will be four files. You will need to push two of these to your phone: hboot_7230_0.84.2000_100908.nb0 and wpthis-Z.ko. The other two files are optional for checksum verification.
Code:
$ adb push hboot_7230_0.84.2000_100908.nb0 /data/local
$ adb push wpthis-Z.ko /data/local
Optional but might came in handy:
Code:
$ adb push md5checksum /sdcard/md5checksum
ON YOUR PHONE:
You should still have terminal emulator up, at a root prompt. Now run:
Optional but recommended:
Code:
# /data/local/tmp/busybox md5sum /data/local/*
You should see:
hboot_7230_0.84.2000_100908.nb0 2ce1bdd5e4c1119ccfcecb938710d742
wpthis-Z.ko c73c5e77c91d306c418983c002b60b93
In case your hboot or wpthis-Z.ko file do not have the same md5hash as shown above, DO NOT CONTINUE. This means your file is corrupt or you are using a different file, for example the one for the G2 instead of Desire Z.
Now, let's turn off security for permanent flashing:
Code:
# insmod /data/local/wpthis-Z.ko
init_module 'wpthis-Z.ko' failed (Function not implemented)
That means it worked. This next step is CRUCIAL. You must make sure that you are writing to the proper partition here or you could brick your phone. To be absolutely clear- the partition is mmcblk(zero)p(one)(eight)
# dd if=/data/local/hboot_7230_0.84.2000_100908.nb0 of=/dev/block/mmcblk0p18
Click to expand...
Click to collapse
You should see some messages indicating that it was written.
Code:
# /data/local/tmp/root
This will lock in root, and give you 'su' access in the future. Next, run:
Code:
# sync
Now wait at least a minute, just to be safe. After waiting, reboot your phone using the power button. After it finishes starting up, launch the terminal emulator, and type 'su'. You should get the prompt asking you to grant permissions. If you got the prompt, congratulations! You have permanent root!
Nice guide, thanks
Thank you Mr Q. works like a charm!
first of all.. thanks for this great guide. Everything went perfect until I came to the step to lock in root. After the command "/data/local/tmp/root" I get this error:
mkdir failed for /system/xbin, File exists
when I just ignore it and type sync after that I have no root acces after a reboot.
Does anybody have a solution for it? I have already done a hardreset with the same results.
thanks in advance...
So this only roots your phone? Or does it s-off as well? From what I understand this s-offs as well because you're pushing the hboot as well.
EDIT: Nevermind. I read the thread again and it does indeed s-off as well.
MarDor said:
first of all.. thanks for this great guide. Everything went perfect until I came to the step to lock in root. After the command "/data/local/tmp/root" I get this error:
mkdir failed for /system/xbin, File exists
when I just ignore it and type sync after that I have no root acces after a reboot.
Does anybody have a solution for it? I have already done a hardreset with the same results.
thanks in advance...
Click to expand...
Click to collapse
Everything was fine up until this point. So i restarted the phone and phone is stuck on the "quietly brilliant" screen
ssyed said:
Everything was fine up until this point. So i restarted the phone and phone is stuck on the "quietly brilliant" screen
Click to expand...
Click to collapse
having the same issue here
So I'm looking into these S-OFF and rooting threads and here is two bricks too. Does anyone have an answer for these two or should I skip this? Did the hboot do this or was it due to some problem in inserted kernel module? (I.E. the reboot of the emmc controller resulted in a ****ed up file system?)
yelti said:
having the same issue here
Click to expand...
Click to collapse
AnyDone said:
So I'm looking into these S-OFF and rooting threads and here is two bricks too. Does anyone have an answer for these two or should I skip this? Did the hboot do this or was it due to some problem in inserted kernel module? (I.E. the reboot of the emmc controller resulted in a ****ed up file system?)
Click to expand...
Click to collapse
Ok, so I have figured out how to get out of this "quietly brilliant" loop.
First of all, this isn't a brick and all that is needed to fix this is a quick factory reset from the bootloader.
ssyed said:
First of all, this isn't a brick and all that is needed to fix this is a quick factory reset from the bootloader.
Click to expand...
Click to collapse
Ok, so does any one have an explanation why this happened?
1. It wasn't wrong or screwed hboot, otherwise we would be facing a real brick?
Was it the root method? Was it the wpthis-Z.ko?
It might have been the kernel module, but I can't be sure about that with so little knowledge I have. (sure not the module itself but the kick to the emmc?) Just that it seems to be more likely option than a rooting attempt on a cached r-o file system?
I'm not complaining about the guide, it is specific and easy to follow but I would really love to have these semi bricks etc inspected more closely. It is not really helping to encourage ppl to root and try safe-off when we have unexplained bricks and semi-bricks around
MarDor said:
first of all.. thanks for this great guide. Everything went perfect until I came to the step to lock in root. After the command "/data/local/tmp/root" I get this error:
mkdir failed for /system/xbin, File exists
Click to expand...
Click to collapse
ssyed said:
Everything was fine up until this point. So i restarted the phone and phone is stuck on the "quietly brilliant" screen
Click to expand...
Click to collapse
yelti said:
having the same issue here
Click to expand...
Click to collapse
Did you guys run Visionary before trying this "rage" method of rooting ?
steviewevie said:
Did you guys run Visionary before trying this "rage" method of rooting ?
Click to expand...
Click to collapse
I don't know about others, but I didn't on mine. I was rooting it for the first time. Also, I don't know if this has anything to do with it, but I have the Bell version from Canada.
The root script threw an error for me too, so just to be safe I opened the script and typed in the commands manually. If you have problems with the script, just run these commands from the root terminal on your phone:
Code:
/data/local/tmp/busybox killall rage
mount -o rw,remount -t ext3 /dev/block/mmcblk0p25 /system
mkdir /system/xbin
/data/local/tmp/busybox cp /data/local/tmp/busybox /system/xbin/busybox
chmod 4755 /system/xbin/busybox
/system/xbin/busybox --install -s /system/bin
cp /sdcard/Superuser.apk /system/app/Superuser.apk
cp /sdcard/su /system/bin/su
chmod 4755 /system/bin/su
mount -o ro,remount -t ext3 /dev/block/mmcblk0p25 /system
sync
"mkdir /system/xbin" just creates a directory, if it already exists you can ignore this command and proceed.
Hope this helps someone.. Thanks to the OP for the scripts.
Have a quick look, /system/xbin already seems to exist on my phone too.
So is there an error in the script ? e.g. needs to ignore if the directory already exists ? Or am I (we ?) missing something ?
goldenarmZ said:
"mkdir /system/xbin" just creates a directory, if it already exists you can ignore this command and proceed.
Click to expand...
Click to collapse
Good info, thanks. Perhaps just comment out that line of the script, to save running it all by hand (and therefore be prone to more error ?) ?
steviewevie said:
Good info, thanks. Perhaps just comment out that line of the script, to save running it all by hand (and therefore be prone to more error ?) ?
Click to expand...
Click to collapse
I did that first.. it threw more errors with the mount commands because I'd already run the script once, so some of the commands were repated. If it's your first run through, commenting it out would be fine.
I only did it line by line so I could see any more errors for myself and decide if they were important. As it turns out the script is very simple and only involves moving files around and changing their permissions.. anything that goes wrong should be immediately apparent even if you have no experience with shell commands.
goldenarmZ said:
I only did it line by line so I could see any more errors for myself and decide if they were important. As it turns out the script is very simple and only involves moving files around and changing their permissions.. anything that goes wrong should be immediately apparent even if you have no experience with shell commands.
Click to expand...
Click to collapse
Thanks, I was starting to worry about the bad experiences outlined above, given that this method appeared to be a more reliable one than VISIONary, and a route I was going to go down. But I'm pretty comfortable with shell scripts, so your input makes me feel a whole lot better !
goldenarmZ said:
The root script threw an error for me too, so just to be safe I opened the script and typed in the commands manually. If you have problems with the script, just run these commands from the root terminal on your phone:
-code-
"mkdir /system/xbin" just creates a directory, if it already exists you can ignore this command and proceed.
Hope this helps someone.. Thanks to the OP for the scripts.
Click to expand...
Click to collapse
thanks for this... I will give it a try
Yay, I just perma-rooted my phone using this method, many thanks to those who came up with the method in the first place, plus this handy guide too.
I got the message about /system/xbin already existing, but you can just ignore that message, it runs the rest of the script anyway.
ssyed said:
Ok, so I have figured out how to get out of this "quietly brilliant" loop.
First of all, this isn't a brick and all that is needed to fix this is a quick factory reset from the bootloader.
Click to expand...
Click to collapse
So after doing the guide you simply reeboot your phone into bootloader and select factory reset?
And then will the device be perm root and s-off???
[HOW-TO] [GSM & CDMA] How to root without unlocking bootloader (for ITL41D to JRO03O)
As of Oct 10, 2012: Google has patched this vulnerability starting with JRO03U. That is to say, this works on versions of ICS and JB from ITL41D to JRO03O inclusive. It will not work for JRO03U or newer. (My previous guide found here only worked on Android versions 4.0.1 and 4.0.2, i.e., ITL41D/F and ICL53F.
Once you have root, you can use segv11's BootUnlocker app to unlock your bootloader without wiping anything. Easy as pie!
Disclaimer: I take no credit for this exploit or the implementation of it. All credit goes to Bin4ry and his team. I just isolated the parts required for the GNex, modified it slightly and eliminated the script.
So, it looks like Bin4ry (with the help of a couple of others) has managed to find a way to exploit a timing difference in the "adb restore" command. See source here. (Although this may be old news to some, I hadn't seen it before a few days ago.) This is more for informational purposes, as having a Nexus device, we are able to backup our data, unlock the bootloader and restore the backup, so this is guide is not really that useful for most, but you still have those users who are scared to unlock their bootloader. It is useful however, for those with a broken power button, as it allows them to unlock their bootloader without the power button.
How this works
The way this works is as follows: the "adb restore" command needs to be able to write to /data to restore a backup. Because of this, we can find a way to write something to /data while this is being done. Now, Android parses a file called /data/local.prop on boot. If the following line exists in local.prop, it will boot your device in emulator mode with root shell access: ro.kernel.qemu=1. So, if we can place a file called local.prop with the aforementioned line in /data, once your device boots, it will boot in emulator mode and the shell user has root access, so we now can mount the system partition as r/w.
So what does this all mean:
You can now root any version of ICS and JB released to-date without having to unlock your bootloader (and without losing your data).
Moreover, you should now be able to root your device even if your hardware buttons are not working.
Additionally, this allows those who have not received an OTA update and want to apply it without having an unlocked bootloader or root to do so by copying the OTA update to /cache from /sdcard.
Notes:
1) Please read the entire post before attempting this.
2) This does not wipe any of your data, but I take no responsibility if something happens and you lose your data. Maybe consider doing a backup as per this thread before attempting this.
3) This assumes that you have USB Debugging enable on your device (Settings > Developer Options > Enable USB Debugging) and the drivers for your device installed on your computer. For the drivers, I would recommend you remove all old drivers and install these. If you don't know how to install them, or are having issues, look here.
4) This obviously needs to be done over ADB, as you cannot run adb in a terminal emulator on-device. If you do not have ADB, I've attached it in the zip (Windows and Linux versions). Unzip all files.
Step-by-step:
1) Download the attached files to your computer and unzip them;
2) Open a command prompt in that same directory;
3) Copy the root files to your device:
adb push su /data/local/tmp/su
adb push Superuser.apk /data/local/tmp/Superuser.apk
4) Restore the fake "backup": adb restore fakebackup.ab Note: do not click restore on your device. Just enter the command into the command prompt on your PC and press the enter key.
5) Run the "exploit": adb shell "while ! ln -s /data/local.prop /data/data/com.android.settings/a/file99; do :; done" Note: when you enter this command, you should see your adb window flooded with errors -- this is what is supposed to happen.
6) Now that the "exploit" is running, click restore on your device.
7) Once it finishes, reboot your device: adb reboot Note: Do not try and use your device when it reboots. Running this exploit will reboot your device into emulator mode, so it will be laggy and the screen will flicker -- this is normal.
8) Once it is rebooted, open a shell: adb shell
Note: Once you do step 8, your should have a root shell, i.e., your prompt should be #, not $. If not, it did not work. Start again from step 4. (It may take a few tries for it to work. Thanks segv11.)
Now we can copy su and Superuser.apk to the correct spots to give us root.
9) Mount the system partition as r/w: mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
10) Copy su to /system: cat /data/local/tmp/su > /system/bin/su
11) Change permissions on su: chmod 06755 /system/bin/su
12) Symlink su to /xbin/su: ln -s /system/bin/su /system/xbin/su
13) Copy Superuser.apk to /system: cat /data/local/tmp/Superuser.apk > /system/app/Superuser.apk
14) Change permissions on Superuser.apk: chmod 0644 /system/app/Superuser.apk
15) Delete the file that the exploit created: rm /data/local.prop
16) Exit the ADB shell: exit (May have to type exit twice to get back to your command prompt.)
17) Type the following (not sure if this is needed for the GNex, but it shouldn't matter): adb shell "sync; sync; sync;"
18) Reboot: adb reboot
19) Done. You now should have root without having to unlock your bootloader. If you want to unlock now, you can without wiping anything. See segv11's app linked at the beginning of this post.
Note: If you still do not have root access after doing these steps, redo them and add this step between 10 and 11:
10b) Change the owner of su: chown 0.0 /system/bin/su (Thanks maxrfon.)
I've done all. It installs supersuser app but the phone is not really rooted and apps that requires it doesn't work
Lorenzo_9 said:
I've done all. It installs supersuser app but the phone is not really rooted and apps that requires it doesn't work
Click to expand...
Click to collapse
Did you try opening the Superuser app?
What happens when you open an app that requires root? Do you get the request for su access?
You can open the app but whith apps that requires root there are no requestes and they don't... Even using root checker you see that you're not rooted
Lorenzo_9 said:
You can open the app but whith apps that requires root there are no requestes and they don't... Even using root checker you see that you're not rooted
Click to expand...
Click to collapse
Re-run the entire procedure again (including pushing the su and Superuser.apk files). When I had done it, I used the latest version of su and Superuser.apk, but when I uploaded the files in the attachment in post #1, I used the files that Bin4ry had in his package, which I assume are older. Regardless, re-download the attachment in the first post and try it again.
efrant said:
Re-run the entire procedure again (including pushing the su and Superuser.apk files). When I had done it, I used the latest version of su and Superuser.apk, but when I uploaded the files in the attachment in post #1, I used the files that Bin4ry had in his package, which I assume are older. Regardless, re-download the attachment in the first post and try it again.
Click to expand...
Click to collapse
Ok I'll do it and then I'll report you what happens. So now have you updated su and superuser.apk?
Lorenzo_9 said:
Ok I'll do it and then I'll report you what happens. So now have you updated su and superuser.apk?
Click to expand...
Click to collapse
Yes, I put the latest versions in the zip in the first post.
I can confirm that this works, and also that step 10b was not needed for me. This is the first time I have not used a toolkit so if I can do it, anyone can.
Running a Verizon Galaxy Nexus, this allowed me to update to the leaked Jelly Bean OTA with a locked bootloader. I first flashed stock 4.0.4 and locked the bootloader. I then used the exploit to gain root access, allowing me to apply IMM76Q and JRO03O OTA updates via stock recovery. (Rebooting between updates.) Thank you for creating a guide that this newb could easily understand and follow.
serty4011 said:
I can confirm that this works, and also that step 10b was not needed for me. This is the first time I have not used a toolkit so if I can do it, anyone can.
Running a Verizon Galaxy Nexus, this allowed me to update to the leaked Jelly Bean OTA with a locked bootloader. I first flashed stock 4.0.4 and locked the bootloader. I then used the exploit to gain root access, allowing me to apply IMM76Q and JRO03O OTA updates via stock recovery. (Rebooting between updates.) Thank you for creating a guide that this newb could easily understand and follow.
Click to expand...
Click to collapse
Thanks for confirming that step was not needed.
Thanks!
Bookmarked for future reference :good:
does it work on nexus 7 ?
dacc said:
does it work on nexus 7 ?
Click to expand...
Click to collapse
Yes, it should.
thans for quick response
Works fine for my GNex, big thanks! How about putting it into a script for non-advanced users here?
wictor1992 said:
Works fine for my GNex, big thanks! How about putting it into a script for non-advanced users here?
Click to expand...
Click to collapse
Glad you got it working!
As for putting it into a script, I could but I'd rather not. As with most of the guides that I have written up, I purposely do not put things into a script so that people would actually go through all the steps and, by doing so, maybe get an understanding of what they are actually doing, and hopefully learn something in the process. If I would have packaged it up into a script, a lot of the less experienced users would not even try to go through the steps -- they would just use the script, and no one learns anything yet again. See here for some discussion on one-click scripts. Granted, blindly following a step-by-step is not much better, but I have tried to put comments and explanations throughout to facilitate learning. It's about the journey...
P.S.: I would appreciate it if no one else posts a script in this thread.
efrant said:
P.S.: I would appreciate it if no one else posts a script in this thread.
Click to expand...
Click to collapse
can i make a script that just puts in big text "STOP USING TOOLKITS AND 1 CLICKS"
Zepius said:
can i make a script that just puts in big text "STOP USING TOOLKITS AND 1 CLICKS"
Click to expand...
Click to collapse
LOL! Yes, sure, that's one script I don't mind being posted. LOL!
Heh, fair enough. I think I'm learning a bit about adb
One question: I can't replace system APKs by installing them, it tells me that there is a signature conflict. How can I fix that? I thought it shouldn't happen after rooting. (I'm trying to install the "international" velvet.apk).
wictor1992 said:
Heh, fair enough. I think I'm learning a bit about adb
One question: I can't replace system APKs by installing them, it tells me that there is a signature conflict. How can I fix that? I thought it shouldn't happen after rooting. (I'm trying to install the "international" velvet.apk).
Click to expand...
Click to collapse
Let's try to keep this thread on-topic please.
But to answer your question, don't install the apk. Using a file explorer that has root access, copy it to /system/app (after making sure that system is r/w) and make sure the permissions are set to match the other apks in that directory.
when running adb after running the command where i tell it to restore fake restore and then while the "exploit" is running ikeep getting , in cmd, link failed, no such file or directory, and it just keep doing that. is this normal or did i do something wrong.
efrant said:
Let's try to keep this thread on-topic please.
But to answer your question, don't install the apk. Using a file explorer that has root access, copy it to /system/app (after making sure that system is r/w) and make sure the permissions are set to match the other apks in that directory.
Click to expand...
Click to collapse
This method does not seem to work on newer phones that apply TRIM or some other type of partition clearing implementation. If anyone has recovered their data on a device newer than Android 4.3 please pm me and let me know.
The Preamble
Did you delete all your SDCard data?
Are you pissed because no one told you before you unlocked your bootloader what would happen?
Did you lose valuable pictures of cats doing wondrously funny things? :laugh:
Well now there's a convenient new way for you to get that data back Buckaroo!
The Problem
Internal Memory doesn't mount as a drive like external memory does. External memory would allow you to use data recovery tools that scan for deleted files and return them to a usable state. These tools work because most operating systems don't go through and set all of those 1's and 0's to just 0's when you delete a file. Usually the operating system will just delete the reference pointer in the index that says that a file exists with such-and-such name and it's located at this position on the hard disk / memory location. There are destructive delete tools out there that will overwrite the spot of a deleted file multiple times to discourage recovery in just this manner. The issue is that data recovery tools need an actual mounted drive in order to dig deep and unearth those funny pictures of cats you so tragically deleted by accident. These newest batches of phones don't have external SDcards which are super easy to mount as drives. Internal memory mounts as MTP/PTP which is not treated as a mounted drive and cannot be scanned by these data recovery tools. But, cry no more cream-puff! :crying:
The Process
My phone is the Samsung Galaxy Nexus (toro) though I imagine this should work for ANY phone with Internal Memory. We will be using a Windows 7 machine to:
back up the entire internal memory partition to your computer as a single, massive .RAW file,
convert the .RAW file output to a VHD,
mount the VHD as a disk in Disk Manager,
scan the attached VHD volume for files that have been deleted and recover them,
?
profit! :good:
The Requirements
A rooted Android phone, (try to root with a non-destructive method as this appears to protect those who must root from wiping the device data a second time),
BusyBox installed on your device,
Cygwin installed to [c:\cygwin] with pv and util-linux from the repo. Make sure to open Cygwin once to make sure that the /bin folder is created. Also, I made a folder at [c:\cygwin\nexus] to put the exported .RAW file,
Netcat (download the ZIP file and extract nc.exe to [c:\cygwin\bin]),
ADB (make sure adb.exe is in your path),
USB Debugging enabled on your device,
VHD tool from the mighty M$. Put the VhdTool.exe file in [c:\cygwin\nexus],
Piriform Recuva or your favorite data recovery tool, (it appears Recuva only finds the more common file types like images, videos, etc. Those were the file types in which I was interested. If you are after more exotic file types perhaps you might share the software you used.)
A calm sense of peace and serenity that you will get your files back... :fingers-crossed:
The Work
*****Based on the number of people having trouble with this step it is now my recommendation that you choose to recover your entire memory block instead of just the data partition. In my phone's case that is mmcblk0. Please discover if yours is different.***** Identify which block/partition you want to recover. For our purpose here we are seeking to recover the userdata partition: /dev/block/mmcblk0p12
Turn on your phone
Connect the phone in ADB mode
Unlock the screen.
Open a Cygwin terminal and enter (This assumes your BusyBox installation is at [/system/bin/busybox]. It may be at [/system/xbin/busybox]):
Code:
adb forward tcp:5555 tcp:5555
adb shell
/system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12
Open another Cygwin terminal and enter:
Code:
adb forward tcp:5555 tcp:5555
cd /nexus
nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p12.raw
Run around the house a few times. For 32GB internal memory this is going to take 3+ hours. That's a lot of running. When it's done...
We need to convert the .RAW file to a virtual hard drive. VhdTool.exe basically just puts a VHD footer on the end of the .RAW file. Open a Windows command prompt, go to [c:\cygwin\nexus], and type:
Code:
VhdTool.exe /convert mmcblk0p12.raw
Now we need to mount the VHD in Windows. Select the Start button-->right-click Computer-->select Manage.
Select Storage-->Disk Management.
In the menu select Action-->Attach VHD.
For Location enter [c:\cygwin\nexus\mmcblk0p12.raw] and select the OK button.
Right-click on the name (e.g. "Disk 1") to the left of the Unallocated space and select Initialize Disk.
Select the GPT (GUID Partition Table) radio button and select the OK button.
Right-click on the Unallocated space and select New Simple Volume...
In the Wizard select Next>, leave the default for the volume size, select Next>, select a drive letter (e.g. K), select Next>, MAKE SURE to select the 'Do not format this volume' radio button, select Next>, select Finish.
A box will pop up asking you to format the drive. You DO NOT want to format the drive at this time.
Right-click on the RAW space and select Format... MAKE SURE to change the File system to FAT32. Set the Allocation unit size dropdown to 'Default.' MAKE SURE that the Perform a quick format checkbox is CHECKED. You do not want to overwrite the entire new drive with all zeroes (0's) and destroy your data. Quick Format means that it will only attempt to destroy the index for the drive by establishing a new index. Without this box checked the Windows operating system will write zeroes (0's) across the entire volume, potentially destroying your data. Select the OK button.
A box will pop up saying that Formatting this volume will erase all data on it. That would be doubly true if you actually didn't check the 'Perform a quick format' checkbox. Double check that you actually did check the box and select the OK button. (Don't worry. This essentially leaves the volume in the exact same state that your phone's internal memory is living in right now: there is data on the drive...you just can't see it. It's coming back, I promise!)
Open the Piriform Recuva application. In the wizard select the 'Next >' button. Select the 'Other' radio button and select Next >. Select the 'In a specific location' radio button and enter: k:\ (assuming K is the drive letter you chose...) Select the Next > button. Select the Enable Deep Scan checkbox. This is the magical setting that finds files that have been deleted...but not really deleted. Select the Start button.
The application may take about an hour to do the 'Deep Scan.' It's time for more laps around the house! Once the application has returned its results you can choose which files to recover using the checkboxes. Select the 'Recover...' button and choose the location to which you wish to output your files.
?
Profit! :victory:
The Appendix
The following links helped me to create this modern marvel - mad props to scandiun! :
[GUIDE] How to make a nandroid backup directly to your computer without using sdcard
[Info] List of Samsung Galaxy Nexus GT-I9250 devices and partitions
How to Create and Attach a Virtual Hard Disk in Windows 7
Good luck!
I forgot to mention, but run commands inside android as superuser or may fail (just after adb shell):
Code:
adb forward tcp:5555 tcp:5555
adb shell
[B]su[/B]
/system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12
And greetings for the guide, I didn't know of VHD Tool, congratulations!.
Great Work
scandiun said:
I forgot to mention, but run commands inside android as superuser or may fail (just after adb shell):
Code:
adb forward tcp:5555 tcp:5555
adb shell
[B]su[/B]
/system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12
And greetings for the guide, I didn't know of VHD Tool, congratulations!.
Click to expand...
Click to collapse
Good and informative tutorial indeed. Thanks though.
Good point...
scandiun said:
I forgot to mention, but run commands inside android as superuser or may fail (just after adb shell):
Code:
adb forward tcp:5555 tcp:5555
adb shell
[B]su[/B]
/system/bin/busybox nc -l -p 5555 -e /system/bin/busybox dd if=/dev/block/mmcblk0p12
And greetings for the guide, I didn't know of VHD Tool, congratulations!.
Click to expand...
Click to collapse
Thank you again scandiun
You may be right about the superuser command: su
For my part I did not have to use it but I'm sure it wouldn't hurt to run as su. Some systems may actually need it though.
Here's hoping...
oliverpowell said:
Good and informative tutorial indeed. Thanks though.
Click to expand...
Click to collapse
Thank you oliverpowell
I just hope the people who need this actually find it before they give up and start overwriting their lost data. Even having to get root access may cause a certain amount of data loss for some. Thankfully I was already rooted and already had busybox....
YOU..
YES YOU....!!!!!
WHERE HAVE YOU BEEN ALL MY LIFE?
s*it mate, i wish this thread comes earlier...
i lost my precious files on sdcard about 3 months ago when unlocking bootloader.
um..
anyway do you have any idea how to make files from computer back to internal memory,
but without changing the date modified timestamp?
i'm using adb push for that, but that's painfuly slow..
while mtp transfer messed up the date modified.
thanks, bookmarked.
just in case i do something stupid next time..
Not many options...
marhensa said:
um..
anyway do you have any idea how to make files from computer back to internal memory,
but without changing the date modified timestamp?
i'm using adb push for that, but that's painfuly slow..
while mtp transfer messed up the date modified.
Click to expand...
Click to collapse
I'm afraid painfully slow is probably the only option, just like my step that takes three hours. Start it and go build a birdhouse or window box for flowers....it's going to take a while.
I'm sorry you lost files. It's very sad to hear some of the stories of people losing pictures of their children's birth, or the last pictures of their husband going to Afghanistan... and not returning.
I'm hoping that this approach or one like it can be made popular. It needs to get out there.
I've also linked this thread and scandiun's thread in the second post of this sticky thread.
Nice!
efrant said:
I've also linked this thread and scandiun's thread in the second post of this sticky thread.
Click to expand...
Click to collapse
It looks good! Thank you.
Thanks for this tutorial. :good: It worked as indicated. I just wish I knew earlier as I had been trying for the past few days to use recovery tools and trying to make the internal drive USB Mass Storage capable when all this time there was this tutorial. Unfortunately, it only returned a dozen photos. Thanks again for this tutorial... this should be spread across xda forums for any others running into these issues.
xda_toronto said:
Thanks again for this tutorial... this should be spread across xda forums for any others running into these issues.
Click to expand...
Click to collapse
Agreed - lol
Firstly, I only recently created this guide. I'm sorry you lost files
Secondly, I attempted to link to older threads that mention the same issue so that they would be more likely to show up in a future Google search but I was scolded for waking up old threads, which makes sense. I just thought this was a rather seriously important issue that deserves a lot of eyes. Loss of personal photos is a little more significant than troubleshooting a bad ROM flash, IMO. But the Mod correctly canceled those other posts. It is a little douchey to try to increase a post count by linking all over to a single (my first, really) post. However, I couldn't give less of a pbbbttt about post counts. If you don't mind me asking, how did you find this thread?
Lastly, if you add it to your sig then this will show up on all of your posts...just sayin'...
I'm glad it at least helped you get 12 pics back...
Proplem
Sir .. I'm facing problem .. it won't receive any data from 5555 port .. I tried to make it copy the RAW file but it stopped without getting any data .. is that normal ?? see the picture attached
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I have a question. Let's say we don't want somebody to ever use this guide to recover our stuff after we sell them a phone. What's the most secure and thorough way to destroy all data on the Gnex, making it impossible to recover, short of destroying the phone?
Med1a said:
Sir .. I'm facing problem .. it won't receive any data from 5555 port .. I tried to make it copy the RAW file but it stopped without getting any data .. is that normal ?? see the picture attached
Click to expand...
Click to collapse
i have the same problem
A couple things from you screenshots...
Med1a said:
Sir .. I'm facing problem .. it won't receive any data from 5555 port .. I tried to make it copy the RAW file but it stopped without getting any data .. is that normal ??
Click to expand...
Click to collapse
Did you try without using su command? Also where is busybox installed? /system/bin or /system/xbin?
CADude said:
I have a question. Let's say we don't want somebody to ever use this guide to recover our stuff after we sell them a phone. What's the most secure and thorough way to destroy all data on the Gnex, making it impossible to recover, short of destroying the phone?
Click to expand...
Click to collapse
If you use the erase command in fastboot, it should work (i.e., "fastboot erase userdata"), otherwise, flashing the stock userdata image will do the trick (i.e., "fastboot flash userdata userdata.img") <-- this writes a blank image in the userdata partition.
...well, that's a good question!
CADude said:
I have a question. Let's say we don't want somebody to ever use this guide to recover our stuff after we sell them a phone. What's the most secure and thorough way to destroy all data on the Gnex, making it impossible to recover, short of destroying the phone?
Click to expand...
Click to collapse
I would imagine you could do this guide, use a Guttman algorithm wipe utility on the attached VHD and then figure out a way to push the entire VHD back to the phone. Unfortunately, that may not actually overlay the physical phone memory in the same way. Perhaps you could wipe the VHD again and push it again, and then again...?
I want to say that someone asked the question on scandiun's post too. Go see if they figured out how to push back to the phone.
Good luck
Wartickler said:
Did you try without using su command? Also where is busybox installed? /system/bin or /system/xbin?
Click to expand...
Click to collapse
busy box installed properly in the right directory
su command used
Med1a said:
Sir .. I'm facing problem .. it won't receive any data from 5555 port .. I tried to make it copy the RAW file but it stopped without getting any data .. is that normal ?? see the picture attached
Click to expand...
Click to collapse
hetunandu said:
busy box installed properly in the right directory
su command used
Click to expand...
Click to collapse
When running su check on phone that permissions are granted. Furthermore using absolute paths is for when you are running it from clockworkmod recovery. If the phone is powered on you can use
Code:
adb forward tcp:5555 tcp:5555
adb shell
su
nc -l -p 5555 -e dd if=/dev/block/mmcblk0p12
Open another Cygwin terminal and enter:
Code:
adb forward tcp:5555 tcp:5555
cd /nexus
nc 127.0.0.1 5555 | pv -i 0.5 > mmcblk0p12.raw
If you are still having problems you can try the command within the phone only and see if dd works:
Code:
adb shell
su
dd if=/dev/block/mmcblk0p10 of=/dev/null
Also, make sure you run all the commands in the two terminals each time and in the proper order, if you are not sure cancel with Control+C and close them and restart again.
For those who want to try backing up the partition via wifi, you can send it via ftp. Read this post:
http://forum.xda-developers.com/showthread.php?p=27793062#post27793062
Don't use su...?
hetunandu said:
busy box installed properly in the right directory
su command used
Click to expand...
Click to collapse
Please try no su exactly as in the first post.
Did you follow the steps exactly? I can only say they worked for me ):
What phone do you have?
This is a thread that will allow you to ask specific questions and get some help with any dev work you may be attempting.
This will be a community effort between enewman17, loserskater, stratatak7, and myself. It would be great if other devs want to join in.
Acceptable questions
"I am trying to recompile X using APK Tool and I get this error. What am I doing wrong?".
"I am trying to flash the ROM I just built and I keep getting a status 0 error. Any thoughts?".
Unacceptable questions
"How do I compile/decompile apks?"
"How do I mod a kernel"
Theming questions go here.
Thread Rules
Do not post unless you have searched the thread.
Only post specific questions.
Only post long sections of code using the code or hide tags.
Your question may not be answered immediately. Be patient.
Use the thanks button (even if you don't get the answer you want).
Many thanks to kennyglass123 for the sticky!
Re: So you want to be a dev?
Just wanted to comment about questions.
The more info the better!
Bad comment: "I can't get X mod to work."
Better: "I'm trying to get X mod to work, and settings keeps FCing. Here's my modified files and a logcat."
Sent from my SAMSUNG-SGH-I747
Anyone feel free to PM me and I'll help you get the ball rolling if you feel your question does not meet thread criteria and you're looking to start development. I realize everyone has to start somewhere. Just be prepared for work.
mine
Now that we have thoroughly thanked each other, maybe someone will stop by with some questions. :silly:
upndwn4par said:
Now that we have thoroughly thanked each other, maybe someone will stop by with some questions. :silly:
Click to expand...
Click to collapse
LOL. I sure hope so.
For those of you reading this, feel free to ask any questions you have about Android development-related modification. I'm sure between the four of us and anyone else who wants to help out that knows what they are doing will know. I'm happy to help out with anything I can.
How do you double the hours in a day so you have enough time to actually do this stuff
Seriously though, this is a great thread and nice to see 4 of the top devs working together and willing to help.
If I ever do find the time I'm sure I'll be back.
Sent from my SGH-I747 using xda premium
jde984 said:
How do you double the hours in a day so you have enough time to actually do this stuff
Click to expand...
Click to collapse
A (somewhat) valid question: For me, it requires a very understanding wife and sleep deprivation.
______________
OK, now let's keep this thread clean and on topic. Thanks!
See in my sig a guide how to decompile apks, edit, and recompile apks! link: http://forum.xda-developers.com/showthread.php?t=2147425
My question: I'm attempting to edit smali for the first time. However, it's pretty foreign. Any guides or tutorials out there? I've searched, but nothing substantive (just some pages on the nomenclature for the dalvik bytecode). My issue is that the instructions for the mod have different registers than me and I can't figure out how to adjust the changes.
It's difficult to answer generic questions like that.
Post up what you are trying to do and maybe we can all work it our together.
headsest control for AOSP
Ok... Team LiquidSmooth is stumped as am I, and I've spent about 8-10 hours searching all in all, through Google, CM threads, Android General/q&a and githubs... I'm still looking but wondering if I could get some help before their team or I pull any more hair out. Basically just what my title says, need the code for controlling music and phone calls from headset controls. The capacitive keys light up when the buttons are pressed but no actions are performed. It's as if the rom is just missing the path for them or something. Any help on where to search or anything, I'm game. Thanks guys.
SOLVED, thanks anyways guys :good:
upndwn4par said:
It's difficult to answer generic questions like that.
Post up what you are trying to do and maybe we can all work it our together.
Click to expand...
Click to collapse
Got it. I'll write up my issues...but, I've been having some trouble with adb and think that might be a bigger issue, haha:
I'm trying to allow adb to run as root. I decompiled boot.img, changed ro.secure to 0, recompiled boot.img, and pushed. Default.prop now shows ro.secure=0. But, I tried running adb remount and I still get permission denied? Someone said there may be other edits required, but I can't seem to find any.
Here's what I changed it to:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Here's what ADB is telling me:
Code:
[email protected]:/ $ getprop ro.secure
getprop ro.secure
0
[email protected]:/ $ exit
exit
adb remount
[B]remount failed: Operation not permitted[/B]
ikjadoon said:
Got it. I'll write up my issues...but, I've been having some trouble with adb and think that might be a bigger issue, haha:
I'm trying to allow adb to run as root. I decompiled boot.img, changed ro.secure to 0, recompiled boot.img, and pushed. Default.prop now shows ro.secure=0. But, I tried running adb remount and I still get permission denied? Someone said there may be other edits required, but I can't seem to find any.
Here's what I changed it to:
Here's what ADB is telling me:
Code:
[email protected]:/ $ getprop ro.secure
getprop ro.secure
0
[email protected]:/ $ exit
exit
adb remount
[B]remount failed: Operation not permitted[/B]
Click to expand...
Click to collapse
Try this in terminal...
adb root
Then
adb remount
That should do it for ya.
task650 said:
Try this in terminal...
adb root
Then
adb remount
That should do it for ya.
Click to expand...
Click to collapse
Thanks for the reply! Right: I should probably be root before I try that command. Unfortunately, I tried "adb root" and it said: "adbd cannot run as root in production builds." I did some Google'ing and a few threads said that I should have changed ro.debuggable to 1 as well in default.prop.
So, I changed ro.debuggable=1 and, right, ro.secure=0 still. Then the oddest thing happened: I typed "adb root" into terminal and it went to a new line, no message. And then it disconnected my phone from ADB (I heard the little "ding ding" noise of disconnection). Unfettered, I typed in "adb remount," but of course then it complained that no devices were attached! I thought it was a fluke, so I tried it a few more times. It happened again and again.
In an ostensibly unrelated problem, I couldn't get SecSettings.apk to push back (even though android.policy.jar pushed fine), so I tried a Nandroid. TWRP seemingly did not like my changes to default.prop, as it went crazy (froze a few times) saying "cannot unmount /system" every time I tried a restore and then "Restore failed." Hmm...I pushed back my backed up boot.img and it restored fine.
I'm messing up somehow. So, I'm using VTS to unpack and repack the image. I saw that the output boot.img's are about 6MB, while the default ones I pulled are 10.1MB. Dev said it was probably just compression? Also, I'm pulling the boot.img via adb dd if=/dev/mnt/mmcblk0p7 of=/sdcard/boot.img. Are either of these too weird/wrong?
ikjadoon said:
Thanks for the reply! Right: I should probably be root before I try that command. Unfortunately, I tried "adb root" and it said: "adbd cannot run as root in production builds." I did some Google'ing and a few threads said that I should have changed ro.debuggable to 1 as well in default.prop.
So, I changed ro.debuggable=1 and, right, ro.secure=0 still. Then the oddest thing happened: I typed "adb root" into terminal and it went to a new line, no message. And then it disconnected my phone from ADB (I heard the little "ding ding" noise of disconnection). Unfettered, I typed in "adb remount," but of course then it complained that no devices were attached! I thought it was a fluke, so I tried it a few more times. It happened again and again.
In an ostensibly unrelated problem, I couldn't get SecSettings.apk to push back (even though android.policy.jar pushed fine), so I tried a Nandroid. TWRP seemingly did not like my changes to default.prop, as it went crazy (froze a few times) saying "cannot unmount /system" every time I tried a restore and then "Restore failed." Hmm...I pushed back my backed up boot.img and it restored fine.
I'm messing up somehow. So, I'm using VTS to unpack and repack the image. I saw that the output boot.img's are about 6MB, while the default ones I pulled are 10.1MB. Dev said it was probably just compression? Also, I'm pulling the boot.img via adb dd if=/dev/mnt/mmcblk0p7 of=/sdcard/boot.img. Are either of these too weird/wrong?
Click to expand...
Click to collapse
Are you running adb shell as superuser?
Try:
adb shell
su
adb remount
After typing su you will need to grant superuser permission on your device.
Things to check when pushing with adb:
System, app, and framework folders are mounted r/w in root explorer.
USB debugging is enabled.
I am lazy so I use Eclipse for pushing and pulling files.
Repacked boot images are almost always smaller than the original (sometimes a lot smaller).
upndwn4par said:
Are you running adb shell as superuser?
Try:
adb shell
su
adb remount
After typing su you will need to grant superuser permission on your device.
Things to check when pushing with adb:
System, app, and framework folders are mounted r/w in root explorer.
USB debugging is enabled.
I am lazy so I use Eclipse for pushing and pulling files.
Repacked boot images are almost always smaller than the original (sometimes a lot smaller).
Click to expand...
Click to collapse
EDIT: I gave up, haha. Thank you guys, though. I just copied and pasted both files onto /sdcard and then used the good 'ole adb shell mount -o remount,rw /system and then busybox cp of the files over. Copy worked. And the mod worked. And, honestly, I don't flash enough to make adb root worth it. It's a few extra seconds of my life to type the extra commands instead of taking 2 days to figure out this boot.img....
----
I re-did the ro.secure=0 edit in the boot.img through dsixda's kitchen, just to be sure it wasn't VTS. I also "flashed" it via adb dd in recovery this time instead of in Android. I also left ro.debuggable=0 as that does not seem pertinent to allowing adb to run as root, but simply to debug system apps, etc. Does anyone know any actual information on whether ro.debuggable=0 is required to allow adbd to run as root?
1) ADB shell as superuser: um, I didn't think about that! I thought adb root and adb remount were ADB commands, not shell commands? But, I tried it anyways, but it simply said "error: device not found". See http://prntscr.com/wvjmq
2) Right, ADB shell has SU rights as "always grant" per the SuperSU app.
3) Pushing with ADB: oh, huh! So, adb remount or mount -o remount,rw /system are not recursive? Meaning they only apply to the top-level directory? I think that's what you're saying, but that has never been a problem in the past...I think. And, technically, that doesn't explain why when I didn't mount /system/framework specifically android.policy.jar pushed fine. Pushing SecSettings.apk to /system/app causes a "Permission denied" error. Can Android reject apks? I did a few minor edits to SecSettings.apk, from this mod: http://forum.xda-developers.com/showthread.php?t=2002620
4) Thanks for the boot.img size clarification; got a little worried after having "lost" 40% of the image, haha!
tl;dr:
1) Using either VTS or dsixda's kitchen to modify boot.img to ro.secure=0 and running "adb root" = "adbd cannot run as root in production builds." Pulled and flashed boot.img via adb dd.
2) Unrelated to issue 1 (I think): after mounting system via adb shell (mount -o remount,rw /system), I cannot push SecSettings.apk into /system/app ("Permission denied"), while android.policy.jar pushes just fine /system/framework.
I appreciate everyone's help here. I think it's something really little that I've missed and I just can't figure it out.
ikjadoon said:
EDIT: I gave up, haha. Thank you guys, though. I just copied and pasted both files onto /sdcard and then used the good 'ole adb shell mount -o remount,rw /system and then busybox cp of the files over. Copy worked. And the mod worked. And, honestly, I don't flash enough to make adb root worth it. It's a few extra seconds of my life to type the extra commands instead of taking 2 days to figure out this boot.img....
----
I re-did the ro.secure=0 edit in the boot.img through dsixda's kitchen, just to be sure it wasn't VTS. I also "flashed" it via adb dd in recovery this time instead of in Android. I also left ro.debuggable=0 as that does not seem pertinent to allowing adb to run as root, but simply to debug system apps, etc. Does anyone know any actual information on whether ro.debuggable=0 is required to allow adbd to run as root?
1) ADB shell as superuser: um, I didn't think about that! I thought adb root and adb remount were ADB commands, not shell commands? But, I tried it anyways, but it simply said "error: device not found". See http://prntscr.com/wvjmq
2) Right, ADB shell has SU rights as "always grant" per the SuperSU app.
3) Pushing with ADB: oh, huh! So, adb remount or mount -o remount,rw /system are not recursive? Meaning they only apply to the top-level directory? I think that's what you're saying, but that has never been a problem in the past...I think. And, technically, that doesn't explain why when I didn't mount /system/framework specifically android.policy.jar pushed fine. Pushing SecSettings.apk to /system/app causes a "Permission denied" error. Can Android reject apks? I did a few minor edits to SecSettings.apk, from this mod: http://forum.xda-developers.com/showthread.php?t=2002620
4) Thanks for the boot.img size clarification; got a little worried after having "lost" 40% of the image, haha!
tl;dr:
1) Using either VTS or dsixda's kitchen to modify boot.img to ro.secure=0 and running "adb root" = "adbd cannot run as root in production builds." Pulled and flashed boot.img via adb dd.
2) Unrelated to issue 1 (I think): after mounting system via adb shell (mount -o remount,rw /system), I cannot push SecSettings.apk into /system/app ("Permission denied"), while android.policy.jar pushes just fine /system/framework.
I appreciate everyone's help here. I think it's something really little that I've missed and I just can't figure it out.
Click to expand...
Click to collapse
If you post the kernel (untouched) for me. I will go through the process myself. That when when/if it works I can tell you my exact steps so that you can try it out for yourself. Let me know exactly what you are trying to accomplish also.
task650 said:
If you post the kernel (untouched) for me. I will go through the process myself. That when when/if it works I can tell you my exact steps so that you can try it out for yourself. Let me know exactly what you are trying to accomplish also.
Click to expand...
Click to collapse
You guys are too kind. I feel like you have more important things to do than help a sucker like me. If you're very bored, go ahead.
Attached is my stock, unadulterated boot.img inside a zip. What I am trying to accomplish: push system files from ADB (without going into the shell). I think you need adbd to run as root to do that, right? So, an "insecure" kernel. Thus, I should be able to type "adb root" and then "adb remount" to make /system rw instead of ro and then type "adb push SystemUI.apk /system/app/SystemUI.apk" and it work. I thought I just needed to make ro.secure=0 in the boot.img's default.prop, but it looks like that is not enough.
But, honestly, if it looks like it takes too much time (I'm serious; I honestly think Samsung sent me a borked phone), it's all good. ADB shell and Busybox cp will suffice. I'm just more curious of what I am doing wrong here.
~Ibrahim~
Interesting. I am getting the same error (yes, ro.secure=0 and ro.debuggable=1).
As soon as I am finished with the update I am working on I will look in to this - unless Task figures it out first. If for no other reason, just because I want to know.
Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Me>cd c:\android
c:\Android>adb devices
* daemon not running. starting it now *
* daemon started successfully *
List of devices attached
041b9c2b device
c:\Android>adb shell
[email protected]:/ $ adb root
adb root
* daemon not running. starting it now on port 5038 *
* daemon started successfully *
error: device not found
1|[email protected]:/ $ su
su
[email protected]:/ # adb remount
adb remount
error: device not found
1|[email protected]:/ # adb root
adb root
error: device not found
1|[email protected]:/ #WTF?
upndwn4par said:
Interesting. I am getting the same error (yes, ro.secure=0 and ro.debuggable=1).
As soon as I am finished with the update I am working on I will look in to this - unless Task figures it out first. If for no other reason, just because I want to know.
Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Me>cd c:\android
c:\Android>adb devices
* daemon not running. starting it now *
* daemon started successfully *
List of devices attached
041b9c2b device
c:\Android>adb shell
[email protected]:/ $ adb root
adb root
* daemon not running. starting it now on port 5038 *
* daemon started successfully *
error: device not found
1|[email protected]:/ $ su
su
[email protected]:/ # adb remount
adb remount
error: device not found
1|[email protected]:/ # adb root
adb root
error: device not found
1|[email protected]:/ #WTF?
Click to expand...
Click to collapse
You shouldn't be running adb root inside of a shell. You're running two instances of adb and only need the first connection. The reason you're getting device not found is because you're running an instance of adb on the device and it's looking for other devices. Try it again without running adb shell.
Sent from my SAMSUNG-SGH-I747
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **** This method is designed for Amazon fire phone. Do not use it on other devices unless you are familiar with Android file system and are able to apply proper modifications. **
This has been tested with the unlocked US version running 4.6.1.
This procedure installs superSU root binaries and busybox on your system.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings (the wheel at the top right corner of the screen), Root authorization setting, and Remove Root permission. The app will self-uninstall.
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
rm /system/bin/shipclean
rm /system/bin/start-ssh
busybox chattr -ia /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install_recovery.sh
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm -rf /data/data-lib/com.kingroot.RushRoot
rm -rf /data/data-lib/com.kingroot.kinguser
rm -rf /data/data-lib/king
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings. They are responsible for regular updates, constant chatter with Amazon servers, and possible patching of your root exploit. Also disable Kinesis service which is responsible for major battery drain and heating. You will find it under settings, display, configure motion and gesture settings. Disable all.
Troubleshooting
1- Most of the problems that I noticed people have encountered is due to not reading the instructions fully. So make sure you read the OP word by word.
2- If you miss a step or mess up something go back to installing Kingroot and start over from the beginning.
3- If instant video or some other Amazon app doesn't work it is because you should run them at least once prior to rooting the phone.
4- Finally, I noticed that with an AT&T sim card in the phone Kingroot fails (why am I not surprised?) Either a reboot occurs in the middle of rooting or it completes the cycle without accomplishing root. If that occurs, my best advice is to change your phone company. If that fails, you may need to factory reset your phone or even install the firmware from scratch and try again without the sim card.
Okay. Working. I tried it 2 Times because i get in troubles with the SuperSu App.
After First Time i Cant open it anymore after adb shell.
Second Time i installed SuperSu, but after adbshell the app was gone (!?) - but i installed it again with adb shell before reboot. Now SuperSu is Working.
And now tell me how to change the FireOS to a Android Status Bar with Notifications, and youre my Hero ;D
najoor said:
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **
This has been tested with the unlocked US version running 4.6.1.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings, Root authorization setting, and Remove Root permission .
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh-ku.bak
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings.
Click to expand...
Click to collapse
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Do you close the adb window between steps 4 and 7? Step 7 should be continued in the window that you left open in step 4.
Do you get any error message after you type each command in part 4?
To redo the process you should install the Kingroot again and stay overt from the beginning.
I did not get any errors for part 4 just when I get to the first rm command in part 7, I'm getting (rm failed for /system/xbin/ku.sud, Read-only file system). Is that normal?
FIXED!!!
Ok i was not following this step properly "open the Kinguser app, open settings, Root authorization setting, and Remove Root permission ." I was not doing through that Root authorization setting which was a few slots down.
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
najoor said:
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
Click to expand...
Click to collapse
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Viperise152 said:
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Click to expand...
Click to collapse
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
funkadelik said:
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
Click to expand...
Click to collapse
And me too I should have read your post instead of bugging najoor who has been a great help to resolve my SuperSU
installation
Great thread :good::good:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
planning to do this soon, cheers for the guide
so what is safe to remove out of the stock apps
veti said:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
Click to expand...
Click to collapse
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
The corrected op guide worked great. I had to tap a blue rectangle at two different times to get kingroot to finish (get to a screen that had 100% on it), but other than that, everything worked.
najoor said:
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
Click to expand...
Click to collapse
Thank you _so_ much for your effort. I was doing some research too in advance prior to installing kingroot, but didn't get near as much useful information. Sniffing the network connection for any suspicious behaviour via wireshark and my router wasn't successful at all, as they use https.
I came up with the idea that they could have patched some of the system-apps to load an payload even after you tried to "delete everything"(tm). I am currently checking the MD5 and SHA-1 checksum of a identical, second Firephone without root.
---------- Post added at 09:09 PM ---------- Previous post was at 09:05 PM ----------
Also the Mods should pin your post. I totally agree that KingRoot uses intrusive behaviour - as it seems mostly for statistics, but anyway - and should be replaced with the method described in the OP.
EDIT: The MD5 checksum of an unrooted firephone is identical. The System apps might not have been replaced or touched at all. I didn't got a easy chance to check all apps with the SHA-1 checksum though.
Followed the directions and got the root with 0 issues
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
amf100 said:
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
Click to expand...
Click to collapse
No, it doesn't work. When you run it, the towelroot app pops up a message saying the phone is currently not supported.
Hmph! That's too bad. I wasn't with my fire phone to check for myself. The internet is so weird lol. Why make a whole page with instructions for nothing? Ugh lol
rm /system/bin/rt.sh
Click to expand...
Click to collapse
This part is not working for me. Can't seem to remove it with root explorer either. Any tips?
Im on 4.6.1 with SuperSu. If im Sideload 4.6.1 again and do an Factory Reset. Is root gone? Because Amazon send me New One Because Hardware issues