Develop Bugs

Superuser su binary

I've noticed that the su binary installed by superuser doesn't survive a reboot. Anyone else have this problem? Any fixes?
Sent from my SPH-D700 using XDA App

Same here. Have to re update after each reboot
Sent from my SPH-D700 using Tapatalk

same here, had to update the binary too

How do you update the su?

Launch superuser, go to settings and scroll to the bottom.
Sent from my SPH-D700 using XDA App

I've found 3 su:
/system/bin/jk-su (original from the oneclick/permanent)
/system/xbin/su (symlink to /sdx/su)
/sdx/su (superuser updates this one)
Superuser does not update /system/bin/jk-su so I decided to.
So far its working.
Sent from my SPH-D700 using XDA App

dangdang said:
I've found 3 su:
/system/bin/jk-su (original from the oneclick/permanent)
/system/xbin/su (symlink to /sdx/su)
/sdx/su (superuser updates this one)
Superuser does not update /system/bin/jk-su so I decided to.
So far its working.
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
How did you update it yourself?

Here's what worked for me. Keep in mind I am rooted using oneclick 2.2.4 which comes with busybox and remount scripts.
1. Update the su binary using superuser.
2. Launch a terminal (I use better terminal emulator pro)
3. Run 'su' from the terminal
4. Mount system rw with 'remount rw'
5. Remove jk-su with 'rm /system/bin/jk-su'
6. Copy the su binary superuser installed with 'cp /sdx/su /system/bin/jk-su'
7. Reboot and it should survive.
Notes:
Do not include single quotes when running the commands.
I'm paranoid about permissions so as root in terminal I ran:
chown root.shell /system/bin/jk-su
chmod 755 /system/bin/jk-su
To match the permissions of the removed jk-su. I'm not sure if this was necessary.
I haven't tested using adb yet so I don't know the steps.
Sent from my SPH-D700 using XDA App

Code:
#cp /sdx/su /system/bin/jk-su
cp: not found
the last part does not work (i have the same root method)
i have to re-root the phone when i get home today. but i will try to move the updated binary with root explorer instead of the command line.

Replace 'cp' with 'busybox cp'.
Sent from my Android using CDMA

dangdang said:
Replace 'cp' with 'busybox cp'.
Sent from my Android using CDMA
Click to expand...
Click to collapse
will try I had the same issues

dangdang said:
Here's what worked for me. Keep in mind I am rooted using oneclick 2.2.4 which comes with busybox and remount scripts.
1. Update the su binary using superuser.
2. Launch a terminal (I use better terminal emulator pro)
3. Run 'su' from the terminal
4. Mount system rw with 'remount rw'
5. Remove jk-su with 'rm /system/bin/jk-su'
6. Copy the su binary superuser installed with 'cp /sdx/su /system/bin/jk-su'
7. Reboot and it should survive.
Notes:
Do not include single quotes when running the commands.
I'm paranoid about permissions so as root in terminal I ran:
chown root.shell /system/bin/jk-su
chmod 755 /system/bin/jk-su
To match the permissions of the removed jk-su. I'm not sure if this was necessary.
I haven't tested using adb yet so I don't know the steps.
Sent from my SPH-D700 using XDA App
Click to expand...
Click to collapse
I have this exact same problem on my Samsung Moment (have to update SU every reboot).
The directory structure seem a bit different. For example, there's no /system/bin/jk-su (in fact, if I find / -name 'jk-su' I get no results at all).
I am poking around the directory structure trying to figure out where to find the source and destination su files that I'm going to have to overwrite and I can't seem to figure which is which. Does anyone have any idea how to do the functional equivalent of dangdang's post on a Moment?
Thanks!

Um... Why did you feel the need to necro this INCREDIBLY ANCIENT thread?

k0nane said:
Um... Why did you feel the need to necro this INCREDIBLY ANCIENT thread?
Click to expand...
Click to collapse
Because people like to bring out the bat again and continue to beat the remaining not decomposed guts out of the horse...
lmao

I was about to say. WTF is everyone talking about SU not surviving a reboot /noodlescratcher
davidrules7778 said:
Because people like to bring out the bat again and continue to beat the remaining not decomposed guts out of the horse...
lmao
Click to expand...
Click to collapse

k0nane said:
Um... Why did you feel the need to necro this INCREDIBLY ANCIENT thread?
Click to expand...
Click to collapse
It was the most relevant post after doing a search. Forum etiquette blows my mind. I can only imagine how much "use the search feature!" I'd have gotten if I'd have made a new post about this. Oh well, I tried.

lol. i hear ya!
DamienWind said:
It was the most relevant post after doing a search. Forum etiquette blows my mind. I can only imagine how much "use the search feature!" I'd have gotten if I'd have made a new post about this. Oh well, I tried.
Click to expand...
Click to collapse

DamienWind said:
It was the most relevant post after doing a search. Forum etiquette blows my mind. I can only imagine how much "use the search feature!" I'd have gotten if I'd have made a new post about this. Oh well, I tried.
Click to expand...
Click to collapse
most likely SU is built into your kernel and short of rebuilding or repacking your kernel you cant update it..

I have a samsung galaxy s I9000 running Gingerbread will this work for me..?

[Request] KF Bootloader Image

I need someone to do me a favor for a project I'm working on. You will need ADB and to know how to follow instructions.
YOUR BOOTLOADER MUST BE UNMODIFIED. *mine is or i would get it myself*
Note: don't type the $ or the # charcters $=not root #=root. It lets you know you are in the right place.
1. From linux terminal: adb shell
$ su
[if linux you will be asked for your password]
# dd if=/dev/block/mmcblk0p2 of=/data/local/tmp/bootloader.img
[some details about bytes done]
# exit (exit until you don't have a # or $ to the left)
2. adb pull /data/local/tmp/bootloader.img
3. ls -al bootloader.img
You should see the bootloader.img file here of non-zero size.
4. put a link as a reply to a download.
From Windows:
1. open an ADB command window (shift+right click on your Platform-Tools folder)
adb shell
$ su
# dd if=/dev/block/mmcblk0p2 of=/data/local/tmp/bootloader.img
[some details about bytes done]
# exit (exit until you don't have a # or $ to the left)
2. adb pull /data/local/tmp/bootloader.img
the file will be pulled to your platform-tools folder (or wherever you have your ADB files)
4. put a link as a reply to a download.
Upload and leave the link. Thanks in advanced. The sooner I get this file the sooner I can publish my project.

Sorry I would but I'm not home but correct me if I'm wrong but if you download the updates from Amazon's website, uboot and xboot are in the .zip. Is that what you're looking for?
Sent from my Galaxy Nexus using XDA App

Assuming everything worked, my bootloader is attached to this post.

JackpotClavin said:
Sorry I would but I'm not home but correct me if I'm wrong but if you download the updates from Amazon's website, uboot and xboot are in the .zip. Is that what you're looking for?
Sent from my Galaxy Nexus using XDA App
Click to expand...
Click to collapse
I tried to get a copy of the boot.img from amazon's site but the problem was it's all source code and I don't know how to compile it yet. (I'm getting there though, every day I move half the distance to the goal )

I can get it simple when I'm home. Just let me know if u still need it
Sent from my Galaxy Nexus using XDA App

Get the update for 6.2, rename the bin to .zip, unpack it and nab the u-boot.bin

pokey9000 said:
Get the update for 6.2, rename the bin to .zip, unpack it and nab the u-boot.bin
Click to expand...
Click to collapse
Oh, ok. I see my mistake now. Thanks.

Thanks, there will be a release in the next few days. Mods you can delete this thread.
Sent from my SPH-D710 using xda premium

Just the stock bootloader IMG that I stated
Sent from my SPH-D710 using xda premium

pyrostic said:
Just the stock bootloader IMG that I stated
Sent from my SPH-D710 using xda premium
Click to expand...
Click to collapse
I got my KF yesterday and am thus finally able to help where I can - do you still need the bootloader image?
Updated yesterday to 6.2 and everything is till unmodified (just pushed a few apps via adb).

emelie said:
I got my KF yesterday and am thus finally able to help where I can - do you still need the bootloader image?
Updated yesterday to 6.2 and everything is till unmodified (just pushed a few apps via adb).
Click to expand...
Click to collapse
no thank you, i already had one.

For posterity's sake, I've attached the u-boot I pulled from 6.0.

pokey9000 said:
For posterity's sake, I've attached the u-boot I pulled from 6.0.
Click to expand...
Click to collapse
Nice thanks pokey
Sent from my SPH-D710 using xda premium

[ICS][Deodex] stock system apps and framework [2.007.04_COM_GEN1]

This will have to be "flashed" through adb and your a100 needs to be on the newest update.
[STOCK ROM] Official Packages It's the first link on that post. We can thank vache for that.
All bloatware is still included, also acer's MusicA.odex did not deodex and is included.
Code:
$ adb shell
$ su
# stop
# mount -wo remount /system
# rm /system/app/*
# rm /system/framework/*
# cd /mnt/external_sd/path_to_tar
# busybox tar xvf A100_2.007.04_COM_GEN1_deodex.tar -C /
Permissions should be fine as it is in tar format otherwise:
Code:
# chmod 644 /system/app/*
# chmod 644 /system/framework/*
dalvik cache will be about 20MB larger and it should be wiped
Code:
# busybox rm /data/dalvik-cache/*
# exit
$ exit
$ adb reboot
It will take a bit longer on the first boot while the cache rebuilds
For anyone that doesn't know deodexing is only useful for creating a ROM/theme.
After any theming of the apps permissions will have to be set and keep the official stock ROM in hand in case of a bootloop.
Code:
# chmod 644 /system/app/apk_package
or
# chmod 644 /system/framework/jar_package
I've been running this for a few days and have had no issues at all.
Using this method we can start building some ROMS. I would suggest using tar and maybe include a small script to flash it.
Let me know if anyone wants a full ROM package as this is only the apps and framework.
A100_2.007.04_COM_GEN1_deodex.tar - 191.05 MB
[edit] As it turns out MusicA does not work at all, it doesn't even show up in the app drawer. Some guy named Jeff Lee compiled some of the framework wrong. com.acer.android.clearfilib_tablet.jar/C:/Users/Jeff_lee/Desktop/_acer/Jeff/clearfilib_tablet.java will not work. It should be a classes.dex file in the jar archive. Oh well it looks like its fixed in ICS.
02/22/12
Here's Deodex ICS, everything deodexed without issues. But without root this will be useless. [edit] We now have root so this will be very useful
A100_0.002.00_WW_GEN1_deodex.tar - 206.06 MB

Pending...

I was meaning to do this for a few days now and I am glad to see it works.
Did you do some more testing to see how it is, performance-wise?

Icewyng said:
I was meaning to do this for a few days now and I am glad to see it works.
Did you do some more testing to see how it is, performance-wise?
Click to expand...
Click to collapse
Nothing more than opening the stock apps and using it as I normally do. Just ran linpack, it got the same result as before deodexing. It really shouldn't run any better or worse. Though odex is supposed to be faster than using the dex format. It's also zipaligned so that can also speed things up a bit to compensate.

eww245 said:
This will have to be "flashed" through adb and your a100 needs to be on the newest update.
[STOCK ROM] Official Packages It's the first link on that post. We can thank vache for that.
All bloatware is still included, also acer's MusicA.odex did not deodex and is included.
Code:
$ adb shell
$ su
# stop
# mount -wo remount /system
# rm /system/app/*
# rm /system/framework/*
# cd /mnt/external_sd/path_to_tar
# busybox tar xvf A100_2.007.04_COM_GEN1_deodex.tar -C /
Permissions should be fine as it is in tar format otherwise:
Code:
# chmod 644 /system/app/*
# chmod 644 /system/framework/*
dalvik cache will be about 20MB larger and it should be wiped
Code:
# busybox rm /data/dalvik-cache/*
# exit
$ exit
$ adb reboot
It will take a bit longer on the first boot while the cache rebuilds
For anyone that doesn't know deodexing is only useful for creating a ROM/theme.
After any theming of the apps permissions will have to be set and keep the official stock ROM in hand in case of a bootloop.
Code:
# chmod 644 /system/app/apk_package
or
# chmod 644 /system/framework/jar_package
I've been running this for a few days and have had no issues at all.
Using this method we can start building some ROMS. I would suggest using tar and maybe include a small script to flash it.
Let me know if anyone wants a full ROM package as this is only the apps and framework.
A100_2.007.04_COM_GEN1_deodex.tar - 191.05 MB
Click to expand...
Click to collapse
Great work eww245! I am definately interested.....just noticed your thread today.

Is there a way to do this on the tablet itself?? Thanks for the work....
Sent from my ADR6400L using xda premium

BrothaJINC said:
Is there a way to do this on the tablet itself?? Thanks for the work....
Sent from my ADR6400L using xda premium
Click to expand...
Click to collapse
Probably but be prepared for a lot of force closings. I suggest you immediately end it with reboot ex: # busybox tar x.... ; reboot
and don't use stop, the screen will go black. Good Luck

So just put in the code above on a terminal then reboot. And have the file on the sdcard
Sent from my ADR6400L using xda premium

BrothaJINC said:
So just put in the code above on a terminal then reboot. And have the file on the sdcard
Sent from my ADR6400L using xda premium
Click to expand...
Click to collapse
Yep, not sure if your on ICS but I haven't tested it yet.

No I'm trying to get to ics... I'm on gen2.... Will post back how it went.... Thanks for the help...
Sent from my ADR6400L using xda premium

Using this method we can start building some ROMS. I would suggest using tar and maybe include a small script to flash it.
Let me know if anyone wants a full ROM package as this is only the apps and framework.
A100_2.007.04_COM_GEN1_deodex.tar - 191.05 MB
hello eww245, i am not familiar with this and at the risk of sounding like a total newb, how would one go about this....what i mean is could you just give the basics to get me started....how would we get past the acer signature and checksums? thanks so much for your hard work

oneovakindoldys2 said:
Using this method we can start building some ROMS. I would suggest using tar and maybe include a small script to flash it.
Let me know if anyone wants a full ROM package as this is only the apps and framework.
A100_2.007.04_COM_GEN1_deodex.tar - 191.05 MB
hello eww245, i am not familiar with this and at the risk of sounding like a total newb, how would one go about this....what i mean is could you just give the basics to get me started....how would we get past the acer signature and checksums? thanks so much for your hard work
Click to expand...
Click to collapse
As far as signatures, all the apks and jars are signed but unless you sign them with all the same keys, files will have to be added / replaced in the archive. They are just zip files.
One tool baksmalli code.google.com/p/smali/ allows the code to be extracted into smalli code, which is quite difficult to read. That's what I used to deodex the files, but something like adding a reboot menu to the long press power button is possible.
Another, ApkTool code.google.com/p/android-apktool/ Will decode all the xml files and extract the images. With that it's possible to change or add string values. Like new translation values or changing text that's already there.
The eaisest edit would be just replacing images. So using 7zip or if you use linux xarchiver works good. As I mentioned above if the apks/jars are unzipped and rezipped the signature changes. So the images will have to be replaced in the archive.
I haven't experiment much yet my self, I tried to change the autobacklight values without any effect, but I did manage to add a CRT power off effect to the framework-res.apk.
Good luck hopefully this helps.

eww245 said:
As far as signatures, all the apks and jars are signed but unless you sign them with all the same keys, files will have to be added / replaced in the archive. They are just zip files.
One tool baksmalli code.google.com/p/smali/ allows the code to be extracted into smalli code, which is quite difficult to read. That's what I used to deodex the files, but something like adding a reboot menu to the long press power button is possible.
Another, ApkTool code.google.com/p/android-apktool/ Will decode all the xml files and extract the images. With that it's possible to change or add string values. Like new translation values or changing text that's already there.
The eaisest edit would be just replacing images. So using 7zip or if you use linux xarchiver works good. As I mentioned above if the apks/jars are unzipped and rezipped the signature changes. So the images will have to be replaced in the archive.
I haven't experiment much yet my self, I tried to change the autobacklight values without any effect, but I did manage to add a CRT power off effect to the framework-res.apk.
Good luck hopefully this helps.
Click to expand...
Click to collapse
Thanks alot Eww, I will do some research on this and see what I can come up with. In the meantime, I have a question [mission actually...lol] for anyone that might have some knowledge. I have been working on cracking fastboot and nvflash on our a100 so we can flash custom roms. I have come to the conclusion that our fastboot/nvflash is locked/disabled in the default prop and init. I have been working on this in my spare time....anyway, this is the progress i have made so far ....i have extracted the leaked ics release, decompressed it, extracted the boot image, unpacked it and used split_boot to seperate the ramdisk from the kernel and made the changes that I thought were necessary. I then used mkboot and finally got it gzipped up without any errors. I now have an edited boot.img for the a100 that should enable fastboot operation, however I have no way to get it back on to the tablet.....tis is the dilemma! Any suggestions with merit will certainly be appreciated. thanks again

How do get cm7 to boot? i flashed it on safestrap 3.05 but all i get is black screen. also check y D3 rom Collection filled the best D3 roms https://www.mediafire.com/folder/b0gq735hrqxx6/Droid_3_ROMS

[HOW-TO] [GSM & CDMA] Root without Unlocking Bootloader via exploit (for 4.0.1/4.0.2)

[HOW-TO] [GSM & CDMA] Root without Unlocking Bootloader via exploit (for 4.0.1/4.0.2)
Edit: This does not works on anything newer than ICL53F (i.e., 4.0.2). It works fine on ITL41D (4.0.1), ITL41F (4.0.1) and ICL53F (4.0.2)
Once you have got root, you can now use segv11's BootUnlocker app to unlock your bootloader without wiping anything. Easy as pie!
Disclaimer: I take no credit for this exploit or the implementation of it (but I will take credit for the step-by step ). Thanks to kendong2 for pointing it out to me here.
So, it looks like zx2c4 has found a local privilege escalation exploit. See source here, and saurik has managed to package it together for Android. See here. Although this may be old news to some, I hadn't seen it before.
So what does this all mean:
If you are running a 2.6.39 kernel (or above), which all Galaxy Nexus' are, you can now root your device without having to unlock your bootloader (and without losing your data).
Moreover, you should now be able to root your device even if your hardware buttons are not working.
Additionally, this allows those who have not received an OTA update and want to apply it without having an unlocked bootloader or root to do so by copying the OTA update to /cache from /sdcard.
Notes:
1) This assumes that you have USB Debugging enable on your device (Settings > Developer Options > Enable USB Debugging) and the drivers for your device installed on your computer. For the drivers, I would recommend you remove all old drivers and install these. If you don't know how to install them, or are having issues, look here.
2) This needs to be done over ADB, as a terminal emulator on-device does not have the appropriate access. If you do not have ADB, I've attached it in the zip. Unzip all files.
3) Some users indicate that, once finished the procedure, they needed to open the Superuser app.
Step-by-step:
1) Download the attached files to your computer and unzip them in the same directory as your adb.exe file;
2) Open a command prompt in the same directory;
3) Copy the files to your device:
adb push mempodroid /data/local/tmp/mempodroid
adb push su /data/local/tmp/su
adb push Superuser.apk /data/local/tmp/Superuser.apk
4) Open a shell: adb shell
5) Change permission on mempodroid to allow it to run: chmod 777 /data/local/tmp/mempodroid
6) Run the exploit: ./data/local/tmp/mempodroid 0xd7f4 0xad4b sh
Note: Once you do step 6, your prompt should change from $ to #. If not, it did not work.
7) Mount the system partition as rw: mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
8) Copy su to /system: cat /data/local/tmp/su > /system/bin/su
9) Change permissions on su: chmod 06755 /system/bin/su
10) Copy Superuser.apk: cat /data/local/tmp/Superuser.apk > /system/app/Superuser.apk
11) Change permissions on Superuser.apk: chmod 0644 /system/app/Superuser.apk
12) Mount the system partition as r/o: mount -o remount,ro -t ext4 /dev/block/mmcblk0p1 /system
13) Rescind root: exit
14) Exit the ADB shell: exit
15) Done. You now should have root without having to unlock your bootloader.

Reserved

Reserved

This is the same as https://github.com/saurik/mempodroid
saurik ftw.

times_infinity said:
This is the same as https://github.com/saurik/mempodroid
saurik ftw.
Click to expand...
Click to collapse
Not sure what you are getting at? I mentioned saurik in the first post, and the link you posted is in the first post. And I mentioned that this may be old news, but I haven't seen it anywhere before today in the GN forums.

Yikes! This exploit works on any kernel from 2.6.39 and >. This could become a common root method for many devices. Linus Torvalds himself posted the fix commit! Nice work by zx2c4!

Sleuth255 said:
Yikes! This exploit works on any kernel from 2.6.39 and >. This could become a common root method for many devices. Linus Torvalds himself posted the fix commit! Nice work by zx2c4!
Click to expand...
Click to collapse
You need ics to have a vulnerable kernel version, so given the number of devices which currently have ics officially, I doubt it will be common. I'd also expect Google and vendors to correct this in next release.
Also many custom kernels don't have this flaw as they are at or over 3.0.18 or have patched it. This prevents gaining unnoticed root.
Sent from my Galaxy Nexus

Hmmm I thought 2.6.39 was found in GB builds. This exploit is almost a root fix for the Moto DX 4.5.621 fiasco. Unfortunately the kernel for that build is 2.6.32.9.
Sent from my Galaxy Nexus using xda premium

This was huge in the headlines a few weeks back. It's nice to see someone putting it to a good use!
Sent from my Galaxy Nexus using xda premium

Hi, been lurking awhile, registered to clear up somethings.
I did some research while attempting to access the /data/local/ -folder with terminal emulator and I found that it would be impossible to write or to find it while being unrooted. Rooting a phone through using an unrooted access root seems impossible.
Did I miss something or is there any other way to copy mempodroid to the data- folder? I sure would like to keep all my files.

Huxleysäl said:
Hi, been lurking awhile, registered to clear up somethings.
I did some research while attempting to access the /data/local/ -folder with terminal emulator and I found that it would be impossible to write or to find it while being unrooted. Rooting a phone through using an unrooted access root seems impossible.
Did I miss something or is there any other way to copy mempodroid to the data- folder? I sure would like to keep all my files.
Click to expand...
Click to collapse
I think you are mistaken. In a terminal emulator type: cd /data/local/tmp
Edit: Fixed a mistake made by auto correct...
Sent from my Galaxy Nexus using Tapatalk

efrant said:
I think you are mistaken. In a terminal emulator type: cd /data/local/temp
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
Just did. It says "No such file or directory."
Not the best source, but if you google it, people state what I state. Sorry, can't post links

try /data/local/tmp

Huxleysäl said:
Just did. It says "No such file or directory."
Not the best source, but if you google it, people state what I state. Sorry, can't post links
Click to expand...
Click to collapse
Sorry, damn auto correct. It should be: cd /data/local/tmp
Not "temp".
It works fine.
Edit: Sleuth255 beat me to it!
Sent from my Galaxy Nexus using Tapatalk

efrant said:
Sorry, damn auto correct. It should be: cd /data/local/tmp
Not "temp".
It works fine.
Edit: Sleuth255 beat me to it!
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
Sure, OK, it worked. But as I'm trying to replicate his instructions, copying mempodroid to data/local/tmp doesn't compute. I tried extracting the files, puting mempodroid in a new folder in ./sdcard/ (which I named Nex), and it still couldn't find it.
Wait, just had an idea. Brb

Huxleysäl said:
Sure, OK, it worked. But as I'm trying to replicate his instructions, copying mempodroid to data/local/tmp doesn't compute. I tried extracting the files, puting mempodroid in a new folder in ./sdcard/ (which I named Nex), and it still couldn't find it.
Wait, just had an idea. Brb
Click to expand...
Click to collapse
Hmm. Looks like you may be correct. In GB, we had write access to that directory, but it looks like we don't in ICS. I'll have another look tomorrow and try to figure something out.
Sent from my Galaxy Nexus using Tapatalk

OK, this is exactly what I did:
I downloaded the files, extracted them into the ./sdcard folder of my android. I opened the console, wrote exactly as stated. Reaction? Cannot create /data/local/tmp/mempodroid: Permission denied
So, what I'm thinking is this: I tried the cd ./sdcard/mempodroid, found it. So, logically, that should mean that since the permission is dennied, the problem lies not in where I put the mempodroid, but with my authority over my phone. So, here we are again. Could anybody smarter then me clarify?
efrant said:
Hmm. Looks like you may be correct. In GB, we had write access to that directory, but it looks like we don't in ICS. I'll have another look tomorrow and try to figure something out.
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
****, I was hoping I was wrong. I originally thought that the exploit was this. But alas.
Try finding an alternative write route to the /data/local/- folder. That should solve all problems, I guess. Big words, ey? This is for the simpletons like me, who stupidly forgot to bootload.

Might want to expand on the steps.
Like what program to use to copy the file.
How do you change permission.
How do you run the exploit.
How to mount rw.
How to copy su.

convolution said:
Might want to expand on the steps.
Like what program to use to copy the file.
How do you change permission.
How do you run the exploit.
How to mount rw.
How to copy su.
Click to expand...
Click to collapse
I hade my initial problems with that too. But as if this moment it doesn't really matter. Read above posts. Anyhow, to answer your question: you need to download a console emulator
Just search for it in the market. Also the commands go in this console
For example: cat /directory/filename > /newdirectory/samefilename means to copy or move from one place. To change permission you just write that line of code ending with 777 instead of cat and then the filename etc and etc.
I didn't know any of this 'till yesterday, so it is quite understandable.
cheers

Huxleysäl said:
F***, I was hoping I was wrong. I originally thought that the exploit was this. But alas.
Try finding an alternative write route to the /data/local/- folder. That should solve all problems, I guess. Big words, ey? This is for the simpletons like me, who stupidly forgot to bootload.
Click to expand...
Click to collapse
I've updated the first post. Give that a go and let me know how it turns out. (The guide may need some minor tweaking, but I am here to help you through it.)
It seems that ADB has rw access to /data/local/tmp but a terminal emulator on-device does not. So for now, you need to be plugged into your computer.
It may be possible to do this with ADB-over-Wi-Fi, but I haven't gotten there yet.

[GUIDE] Rooting your phone...from your phone [ALL US SGS3]

Rooting your phone...from your phone (what?!)
DISCLAIMER: I do not expect anything to go wrong as I have personally tested this. However, YOU are choosing to make these modifications to your phone so I DO NOT take responsibility for any damage that may come as a result of using this. If you come back and point the finger at me, I will laugh at you.
If your phone is not an SGS3, this MAY still work for you. I take absolutely NO responsibility either way.
Prerequisites
The following files are attached to this post for convenience. Download and install the apps, download and extract the zip file somewhere convenient.
Superuser by Koush(MUST be this one. You can change it later if you so desire.)
Terminal Emulator by Jack Palevich ( MUST be this one)
Zip file, extracted somewhere convenient
Click to expand...
Click to collapse
Click to expand...
Click to collapse
THE GOODS
These generic names will be used:
/path/to/motochopperDir - This is the full path to the extracted motochopper-mobile DIRECTORY or FOLDER. Example: /sdcard/motochopper-mobile (will vary depending on where you extracted the files).
NOTE: After running the script, Motochopper may or may not print "Failed", but the exploit DOES indeed work regardless of this. Make sure you reboot for changes to take effect.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
Download the attached zip file AND both apps.
Install Terminal Emulator and Superuser (use a file manager, navigate to the downloaded .apk files and click on each file to install them).
Open up Terminal Emulator and type the following commands. Press the ENTER key after each command.
Code:
cd /path/to/motochopperDir
cat setup.sh > /data/data/jackpal.androidterm/setup.sh
cd /data/data/jackpal.androidterm
chmod 755 setup.sh
./setup.sh /path/to/motochopperDir
From there, my setup.sh script will handle the rest of the process. If you are still unsure, see my sample run below.
Sample run (files were extracted to /sdcard/moto)
Code:
cd /sdcard/moto
cat setup.sh > /data/data/jackpal.androidterm/setup.sh
cd /data/data/jackpal.androidterm
chmod 755 setup.sh
./setup.sh /sdcard/moto
Credits
Motochopper exploit by djrbliss (Dan Rosenburg). Original thread here.
Jack Palevich and Koush for their apps, especially Jack Palevich. This would not be possible without the shared permissions on his app's data directory.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
Links
Download the attachments!
Click to expand...
Click to collapse
Click to expand...
Click to collapse

Flash counters, etc?
Will this method increment any of the flash counters, turn on the triangle etc??

kwmike said:
Will this method increment any of the flash counters, turn on the triangle etc??
Thanks.
Click to expand...
Click to collapse
No, it will not. That's the point, there's no need to use ODIN.
The Thanks button is just to avoid "THANKS" posts in threads. Nothing more. Don't defeat the purpose of why it was introduced.

Not working on new ATT S3 I747
This tool is not working for me. I have tried several times. I always get a 'failed' msg.
I have a 2 day old brand new S3 i747 from ATT. Stock JB 4.1.1
I extracted the motochopper-mobile.zip files to /storage/sdcard0/moto/.
The setup.sh script is in the /data/data/jackpal.androidterm after it is run. The other moto related files are not there as if the script had run ok.
After the reboot superuser needs a new binary and fails when the binary update is attempted.
All other root sensitive apps fail.
_________________________________________________________________________________________________
FIXED:
I used the download/instructions on the OP on the following link:
http://forum.xda-developers.com/showthread.php?t=2252248
While it does not do all the work from the S3 and must be loaded from a Windows environment , it did the job perfectly.
Flash counter, triangle etc. not triggered!!

Try downloading the files and run it again.
I tested it by deleting my su binary and then I ran this tool and rebooted. And BAM, su was placed in /system once again and superuser was fine.
If it still doesn't work, go to the original Motochopper thread and follow the instructions there using your computer.
The Thanks button is just to avoid "THANKS" posts in threads. Nothing more. Don't defeat the purpose of why it was introduced.

Files are now attached to the OP.

CNexus said:
Rooting your phone...from your phone (what?!)
DISCLAIMER: I do not expect anything to go wrong as I have personally tested this. However, YOU are choosing to make these modifications to your phone so I DO NOT take responsibility for any damage that may come as a result of using this. If you come back and point the finger at me, I will laugh at you.
If your phone is not an SGS3, this MAY still work for you. I take absolutely NO responsibility either way.
Download the attached zip file AND both apps.
Install Terminal Emulator and Superuser (use a file manager, navigate to the downloaded .apk files and click on each file to install them).
Open up Terminal Emulator and type the following commands. Press the ENTER key after each command.
Code:
cd /path/to/motochopperDir
cat setup.sh > /data/data/jackpal.androidterm/setup.sh
cd /data/data/jackpal.androidterm
chmod 755 setup.sh
./setup.sh /path/to/motochopperDir
From there, my setup.sh script will handle the rest of the process. If you are still unsure, see my sample run below.
Sample run (files were extracted to /sdcard/moto)
Code:
cd /sdcard/moto
cat setup.sh > /data/data/jackpal.androidterm/setup.sh
cd /data/data/jackpal.androidterm
chmod 755 setup.sh
./setup.sh /sdcard/moto
Click to expand...
Click to collapse
This is too cool. Had no idea this was possible. Is it possible to post screenshots to help the really new members out? That's just a suggestion.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 4 Beta

Bruce Lee said:
This is too cool. Had no idea this was possible. Is it possible to post screenshots to help the really new members out? That's just a suggestion.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 4 Beta
Click to expand...
Click to collapse
It is...I'm a little busy working on other projects at the moment though, as you can see from my sig
Sent from my S3 on Sense 5

That's cool I totally understand. Just thought I would plant the seed. Lol
Sent from my SAMSUNG-SGH-I747 using Tapatalk 4 Beta

So this is suppose to allow Rooting without the use of a computer? if so, im in!

dannieloco said:
So this is suppose to allow Rooting without the use of a computer? if so, im in!
Click to expand...
Click to collapse
Yes, but so far I have only been able to confirm that it works on a couple Sprint phones...you can try it, but I can't guarantee that it will actually root your phone
It finely don't brick it though, if you're worried.

CNexus said:
Yes, but so far I have only been able to confirm that it works on a couple Sprint phones...you can try it, but I can't guarantee that it will actually root your phone
It finely don't brick it though, if you're worried.
Click to expand...
Click to collapse
Yeah Ive read about the motochopper method and its pretty safe.. wont brick the phone. I was actually going to do this to my friend's S3 on sprint. My att s3 is already rooted and rom'd

dannieloco said:
Yeah Ive read about the motochopper method and its pretty safe.. wont brick the phone. I was actually going to do this to my friend's S3 on sprint. My att s3 is already rooted and rom'd
Click to expand...
Click to collapse
Ah ok, good deal haha

CNexus said:
Ah ok, good deal haha
Click to expand...
Click to collapse
So i just tried following every single step but it wont allow for SU binaries to update. When i finished each line of code, it said FAILED and to reboot/battery pull which I did.. Not sure what to do. I was hoping it worked.. did I do something wrong? I even tried installing superuser from the app store and it wasnt updating binaries either.. TitaniumBackup didnt work...

I don't know. Just use the regular method of using ODIN to send a recovery and then flash SU :\

i install 2 apps and kept the zip motochopper on external sd no extract and then use terminal but when i put the codes and hit enter it says "no such file" what am doing wrongg?? please help i need this
Sent from my SAMSUNG-SGH-I747 using xda premium

smallyetzon said:
i install 2 apps and kept the zip motochopper on external sd no extract and then use terminal but when i put the codes and hit enter it says "no such file" what am doing wrongg?? please help i need this
Sent from my SAMSUNG-SGH-I747 using xda premium
Click to expand...
Click to collapse
You're supposed to extract the zip and then pass the path to the directory to setup.sh...

CNexus said:
You're supposed to extract the zip and then pass the path to the directory to setup.sh...
Click to expand...
Click to collapse
ok extracted to extsdcard example:
cd /storage/extsdcard/motochopperdir
???????
Sent from my SAMSUNG-SGH-I747 using xda premium
---------- Post added at 04:40 AM ---------- Previous post was at 04:22 AM ----------
CNexus said:
You're supposed to extract the zip and then pass the path to the directory to setup.sh...
Click to expand...
Click to collapse
i think i did it couse terminal acepted all codes so i restarted and now superuser ask me to update su binary ?? am i done?? please help
Sent from my SAMSUNG-SGH-I747 using xda premium

If you extracted to that directory, then the command you need to run is "./setup.sh /storage/extsdcard/motochopperdir"
But first you need to do "cd /data/data/jackpal.androidterm" if you're not already in that directory.

CNexus said:
If you extracted to that directory, then the command you need to run is "./setup.sh /storage/extsdcard/motochopperdir"
But first you need to do "cd /data/data/jackpal.androidterm" if you're not already in that directory.
Click to expand...
Click to collapse
im so lost my bad i dont want to make u waist your time but is it posible for you to send me the exact commands from top to bottom? i tried your sample and i dont know somethimes it tells me too many arguments haha its getting mad at me sorry for my ignorance on this anyway the extracted zip is on sdcard and is called motochopper-mobile thanks
Sent from my SAMSUNG-SGH-I747 using xda premium