Related
[Update 12/23] For those of you unable to install the new system update, I've found a solution -- scroll down to the update! I AM NOT RESPONSIBLE FOR ANY DAMAGES THAT MAY OCCUR!
So I figured I'd at least get things started - Credit goes to whomever first tried z4root on their Droid Pro - and to mahst687 for the deodexing.
Lets Begin!
Resources:
Motorola ADB Driver
Android SDK
xUltimate V2.2.2
(Can't post links apparently, sorry -- googles your friend!)
#1 Root:
As seen on numerous android sites already, root is obtainable via z4root in the market. It may not work the first, second, or even third time -- just keep trying, it works I promise.
#2 Bootstrap and Clockwork Recovery
Download and install 'Rom Manager' from the Market. Once installed flash the Droid2 Clockwork Recovery. After flashing, obtain the Droid2 Bootstrapper and install it. Confirm Clockwork Recovery works by booting to recovery via Bootstrap.
#2 Deodex:
Download Android SDK for ADB, as well as the Motorola ADB Drivers posted above. Second, download xUltimate - also posted above. Once everything is downloaded and installed we're ready to begin.
1. Run Main in the xUltimate package - if the ADB drivers installed successfully you should be greeted with a menu containing several options - great!
2. Next run option 1.
3. Run option 2.
3. Run option 3 - sit back and relax for a bit
4. Once option 3 is done doing its thing, navigate to the xUltimate folder, more specifically the "origi_frame", and delete guava.odex
5. Run option 4 - it'll be a short wait
6. Exit the xUltimate
7. Enable USB Mass Storage on the phone and transfer both "done_app", and "done_frame" to the ROOT of the SD card.
8. Once both folders have transferred disable USB Storage, but keep the phone plugged in via USB.
9. Open up a command prompt and browse to the android SDK Tools folder (or where ever your ADB executable is located).
10. Enter the following commands:
Code:
adb shell
su
stop
mount -o rw,remount -t ext3 /dev/block/mmcblk1p21 /system
cp /sdcard/done_app/* /system/app/
cp /sdcard/done_frame/* /system/framework/
rm /system/app/*.odex
rm /system/framework/*.odex
mount -o ro,remount -t ext3 /dev/block/mmcblk1p21 /system
reboot
11. If all went well your phone should reboot - which may take a few minutes. Enjoy!
[Update]12/23/2010
For those of you unable to get the new Droid Pro OTA working I have found a solution! You will need:
1)Root
2)Clockwork Recovery
3)System.img from update
4)Current Nandroid backup of your phone
5)ADB drivers and ASDK
So lets begin.
1)Boot into Clockwork recovery and create a backup of your phone.
2)Once complete, mount the phone as USB storage and pull the system.img file from the nandroid backup folder, as well as the nandroid.md5 (KEEP THESE FILES SAFE!!!!!)
3)Obtain the system.img file from here (Compliments of whoopsiedaisy).
4)Replace the system.img file in the Nandroid backup folder on your PHONE.
5)ADB into your phone (preferably still in recovery) and do the following:
Code:
adb shell
# cd /sdcard/clockworkmod/backup/2010-xx-xx.xx.xx.xx
# rm nandroid.md5
# md5sum *img > nandroid.md5
6)If all goes will it should create a new MD5 checksum file utilizing the new system.img
7)Go to the 'backup and restore' menu in Clockwork, and select 'Advanced Restore'
8)Select the correct nandroid backup folder where the new system.img file is located, and then select 'Restore System'
9)Assuming all goes well, go to Settings, About and check your new system version!
Nice, can't wait to try this on my wifes phone after work.
Sent from my ADR6300 using XDA App
Is the second step necessary if you just want root access so you can install Wireless tether, etc?
jayhammy said:
Is the second step necessary if you just want root access so you can install Wireless tether, etc?
Click to expand...
Click to collapse
Not at all. Simply run z4 if all you require is root access (and a host of apps like Wireless Tether, DroCap, Titanium Backup ...)
Can you please post the quickoffice apk from the Dpro so I can put on an DX? Same would go for the software that allows me to Invite attendees to meetings using GAL. It be copasetic if you can.
Thanks a ton! Freaking worked flawlessly on my Droid X.
Nate
Cool. Cant wait to try this on my wife's phone.
I downloaded everything you said and i started my deodex but when i select option 3 in main it tells me "error no odex file" have i done something wrong please advise
Is it really that simple?
I feel like I must be missing something. I just download an app from the market and reboot and I'm rooted?
Also, what is the deodex for? I want to root my phone to install the apps I want and I want wifi tether. Do I need it?
Also, I really want to understand what is going on under the hood, but I don't know where to start. Is there a 'for dummies' tutorial somewhere that I can go to to start understanding what all of this stuff is, so I can make informed decisions for myself about what I want instead of begging for help on internet forums? Thanks in advance for any suggestions.
Is there a way to unroot? I am not rooted but just curious.
rllong1 said:
Is there a way to unroot? I am not rooted but just curious.
Click to expand...
Click to collapse
Yes, Z4Root app allows you to root, re-root, and UNroot.
I see no uproot button on the screen. Only a root button
Sent from my DROID PRO using XDA App
I had version 1.1 of z4. I now have the. 3 version and it has the unroot button
Sent from my DROID PRO using XDA App
rllong1 said:
I see no uproot button on the screen. Only a root button
Sent from my DROID PRO using XDA App
Click to expand...
Click to collapse
You'll only see the unroot button once you've rooted. Otherwise, it will first show only the "root" option.
jayhammy said:
You'll only see the unroot button once you've rooted. Otherwise, it will first show only the "root" option.
Click to expand...
Click to collapse
I was rooted. I had titanium installed and superuser. Z4 ran fine but I had an old version of it. I dont know if that matters but thats all I did. I downloaded the 1.3 version and I now have the unroot button. On the old version there was no option for temp root either. Just root. On the version I have now there is a temp root and perm root button.
Would just like to let people know that your method for "updating" via nandroid backup would not work for me. Followed all the instructions to the letter and during the advanced restore I continually received md5sum mismatch errors.
So I took the chance and updated through the OTA update, it installed fine but lost root. Ran z4root (twice) and gained root access again .
Looking forward to some real custom daily driver roms for this guy.
darkninja157 said:
Would just like to let people know that your method for "updating" via nandroid backup would not work for me. Followed all the instructions to the letter and during the advanced restore I continually received md5sum mismatch errors.
So I took the chance and updated through the OTA update, it installed fine but lost root. Ran z4root (twice) and gained root access again .
Looking forward to some real custom daily driver roms for this guy.
Click to expand...
Click to collapse
Is there a way to uninstall the CWM recovery?
darkninja157 said:
Would just like to let people know that your method for "updating" via nandroid backup would not work for me. Followed all the instructions to the letter and during the advanced restore I continually received md5sum mismatch errors.
So I took the chance and updated through the OTA update, it installed fine but lost root. Ran z4root (twice) and gained root access again .
Looking forward to some real custom daily driver roms for this guy.
Click to expand...
Click to collapse
Kinda new to the whole rooting thing, just got a new Pro and rooted successfully with z4root, got rid of bloatware and installed titanium backup, wifi tether, etc. Am I correct in reading your post that I can unroot, OTA update, and re-root again? If so, will I have to uninstall bloatware again, or reinstall root apps? Or any other repeats? Any danger in doing this?
mynameismolotov said:
Kinda new to the whole rooting thing, just got a new Pro and rooted successfully with z4root, got rid of bloatware and installed titanium backup, wifi tether, etc. Am I correct in reading your post that I can unroot, OTA update, and re-root again? If so, will I have to uninstall bloatware again, or reinstall root apps? Or any other repeats? Any danger in doing this?
Click to expand...
Click to collapse
No need to un-root. This update is for the system portion only and does not touch the userdata. I simply went ahead on the rooted phone, let the OTA update download and install. In doing so lost root, but had no trouble gaining root access again via z4root. Did not have to re-remove any of the bloatware, at least if I remember correctly. Root apps will not need to be reinstalled but you may need to re-give them permission for root access. No danger that I have noticed or can think of.
For anyone doing the update the android method....
For it to work
You must do the adb "new" md5 creation portion with your phone in clockwork recovery for it to work and to not receive the mismatch error...
To do this, reboot recovery... then plug in usb from your computer... during the phone boot into recovery you should hear the alert from your computer that something from usb was plugged in. Finally, use the mount option in recovery to mount sd card to be able to transfer the .img file over to the correct directory then unmount sd card and do the adb commands in terminal window...
I had the same mismatch errors using my windows 7 machine and creating the md5 with android booted
Hope this helps
Ok so I started the method previously posted before it was linked back to nbecthers method because it supposedly works but I flashed the clockwork it wouldn't flash my custom rom (CM Mod 6.1.1) and returned me to the stock then I tried the correct method and it won't let me adb push flash_img/data/local or mtg0.img to data/local either so I can't cd, chmod the commands to then boot into the stock recovery and flash esprimg.zip followed by clockwork(update.zip cause its already applied but NAND protection stops it from working I guess) because I no longer have a stock recovery to exploit or whatever I have clockwork I have since used androot and root explorer for root used to copy flash_image and mtg0.img to data/local and exploid is in the sqlite_stmt_journals as it should be... So can I run the commands to run flash image and mtg0.img and exploid again from and android shell off my phone with su permissions from androot temp root and then flash a custom image or am a screwed? Or should I run the exploid command toggle wifi and then the flash/mtg commands from android shell or what cause I'm away from a pc and I need to do this to my phone plus it goes to the triangle screen and nothing works I gotta pull the battery...
Honestly, start from ground zero of the updated for 12/30 root method and you will be just fine. Just messing around earlier today I unrooted and rerooted my phone a few times. Stick with eugene373's method from step one on and things should work fine.
Sent from my T-Mobile myTouch 3G Slide using XDA App
I recommend using the one involving the exploid file, it's very simple.
NVM!!! I Stumbled Upon My Own NO PC QUICK ROOT Method!
aaldiar said:
Honestly, start from ground zero of the updated for 12/30 root method and you will be just fine. Just messing around earlier today I unrooted and rerooted my phone a few times. Stick with eugene373's method from step one on and things should work fine.
Sent from my T-Mobile myTouch 3G Slide using XDA App
Click to expand...
Click to collapse
Ok so in my never ending struggle against the Evil Eclair/T-Mo/HTC NAND Protection and the Futility of Trying to flash a ROM With the "Supposed AndRoot QuIck Root Method" As well as a fine point from Nbetcher that the Engineering build must be flashed because Android has NAND protection while running. I have devised my own "No PC ROOT Method!!!"
Required Files (Tested For MT3G SLIDE Latest OTA Unrooted Stock)
1.Download Androot From Location of Choosing (I'm Using Version 1.6.2)
2.Download ESPRIMG.zip (ENG build)
3.Download SlideEng-Package.zip
4.Download Custom Rom Of Your Choosing(Mine Is CM 6.1.1 Stable)
5.Download Android Terminal Emulator(From Market)
6.Download Root Explorer Android (Requires Root) (From Market Or Some Place Online)
7.Download File Explorer (Dev:Adao Team)(From Android Market)
8.Download Latest Clockwork Recovery(I Used 2.5.0.1)
Please Not I Am NOT The DEV Behind these Apps nor am I Resposible For Any Damages You May Incur To Your Device or Warranty by using this Method! Also Before anyone says I repped someone off remeber I accidentally discovered this using 2 failed methods because they essentially cancel each other out.(The Latter Nbetchers works just not after the AndRoot One)!!!
So...
1st Download/Install all needed files from market( File Manager Android Terminal Emulator)
2nd Download all zip images, Recoveries, Roms, apps from phone browser Directly To SD ROOT(Google em until I get links up on Dev Forum)
3rd. Unzip SlideEng-Package.zip To Root using File Manager or Other Zip Program for android(Andro-Zip Works Well)
4th Change Name of Clockwork to Update.zip(Case Sensative)
5th Install AndRoot And Run Root Me With Install Su & Temp Root/Unroot After Reboot Selected(Or Else You Will Boot Loop)
6th Install And Run Root Explorer then Copy and paste flash_img and mtd0.img to /data/local on android device by multi-select copy then RM R/W in program in upper left on data local folder.
7th IMPORTANT!!! Long Press and hold each copied file and set permissions to allow read and write on both user and the lowest option (I Think Dev or system)
8th Run Android Terminal Emulator and type the following commands verbatim spaces included Pressing enter after each line($ n # will be there provided you follwed all steps if not go back to androot and root again):
$ su
# cd /data/local
# chmod 04755 flash_image
# ./flash_image misc mtd0.img
Now power off and reboot using VOL-DOWN + POWER
It'll reboot into the HBoot Screen and ask if you want to Check ESPRIMG.zip after Verifying it will ask you to flash Select Yes (VOL-UP) And Wait DO NOT POWER DOWN OR TAKE OUT BATTERY!!!
Once its Completed it will ask you to Reboot select no Instead and Go To Recovery
Now Select APPLY Update.zip to flash CLOCKWORK RECOVERY YAY!!! :-D Now We Can Flash a Custom Rom With Root and Even Go As Far As S-OFF!!! But Please Be Sure Its Already On Your Micro SD...
Select Wipe Data Factory Reset by Scrolling with VOL- UP/DOWN or Track Pad and Use Power/Trackpad TO Select.
Now Use Install Zip from SD Card to Install Custom Rom(Flash GApps Second if downloaded and desired if using CM Mod 6.1.1) Now Reboot And Enjoy!!! If you Wanna Flash Anything Else Use Rom Manager From Market and Som Custom Roms to Boot into Clockwork!!! Thanks to all the Devs and their tools and immense knowledge for Making this Possible! Thanks To All The ROM Chefs Too!!!
A Work in progress.
DISCLAIMER!
This Document ONLY applies to Acer Iconia A100 devices. For info on upgrading from HC to ICS you can look HERE to see the method I used to upgrade from stock HC 3.2 GEN2 to ICS (Note: This was before the general ICS release. It works on OTA update also) Then follow these directions to get to CWM with Custom ROM.
I'm writing this because we STILL don't seem to have a single clear set of instructions. So here is my attempt at getting one started. Please feel free to point out errors, or help us build a set of directions. I'm not trying replace anyones documentation or take credit for anything. All the info in these directions can already be found here in various posts.
Thanks to Vache, Civato, ZeroNull, Euclid's Brother, Ptesmoke, abliss, aznmode, eew245, crossix, Icewyng, toyface, PG101, Smokku and Everyone else for all the Work an Insight.
ROOT
To root ICS Leaks you need to use mempodroid(info & file here). Eew245 wrote up instructions (on applying mempodroid on A100 to obtain a root shell). ZeroNull also has made a basic script found here that will root the device for you if you prefer.
I use the method outlined by Eew245. You can use your own "su" and "busybox" binaries if you saved them. This method provides full permanent root.
I suggest you install superuser.apk and busybox installer after rooting. Superuser.apk will provide access control for superuser and busybox installer will allow you to update busybox. I also recomend installing terminal emulator(don't forget to configure it to use /system/xbin/sh after you install busybox).
UNLOCK
ZeroNull has made an easy to use package with instructions here If you don't have the Android SDK installed ZeroNulls method works fine. However if you want to use your own platform-tools you will need to modify the scripts first.(Just change the path for adb. Otherwise it will try to look for adb in the scripts working directory instead of platform-tools).
Pic of Bootloader warning about unlocking from Acer
PIC HERE
Lock Unlock Icons from same bootloader screen.
PIC HERE
Note: If you miss the window of oportunity running the script or unlock commands the first time. You DON'T need to rerun the whole script. The a200 bootloader is already installed. You just need to fastboot reboot bootloader again from your console, THEN you can use the vol keys and home to unlock the bootloader. BUT do what ever you feel safest doing and just pay attention and be careful. (Here I'm referring to the waiting too long after the script boots recovery into unlock mode. If you wait too long it times out and you can't choose unlock until you fastboot reboot bootloader again.)
RECOVERY
(make sure you have installed the a200/unlocked bootloader first. You will see a message at the top of the screen that says (UNLOCK MODE) when bootloader is showing it's message at boot.)
Here is the message I'm referring to PIC HERE
NOTE: When installing a Custom Recovery at some point you have to rename /etc/install-recovery.sh or remove it. I would recomend you rename it to install-recovery.sh.bak. You should do this before doing "adb reboot bootloader" otherwise when you try to reboot into recovery from ROM manager you will get a dead android because cwm will be overwriten with the old recovery(and you don't want that). If you DO get a dead android carefully read the directions again. Q. Why didn't I put this in a step? A. Because I dont want people to brick a device so I want to make sure they are paying attention before I tell them to rename a file that will keep the system from fixing recovery if they mess up.
Using Acer Recovery Installer 2.99 Beta(NOT MARKET VERSION)
=======================================
Download .apk enable non-market installers. Run installer, enjoy.
The Acer Recovery Installer 2.99 Beta is found HERE
Using ADB/Fastboot to flash CWM
============================
Use the steps found HERE(obviously don't re-root, unlock, just follow the other parts.
Or you can also use A100 TWRP recovery v2.1.0+ I have not tried it yet. It looks nice, has touch screen functionality, I think it uses a different backup format or something though. I'm not sure and have not had time to read up on it yet.
NOTE: Read my note above about /etc/install-recovery.sh
FLASH FROM CWM
==============
If you used ADB/Fastboot method you will need a way to reboot into CWM. ROM manager or bootloader reboot thingie will work for this.
If you installed Acer Recovery Image you can use it the app to boot into CWM.
CWM 5.5.0.4 uses the Volume Up/Down Toggle to navigate the menu and a short click of the power button to select things. Be careful about what you choose to do in CWM.
MAKE A BACKUP!!
===============
If you have just installed a custom recovery NOW would be a GOOD time to make a backup with CWM.
To Install a Custom ROM
===============
(BE CAREFUL. MAKE SURE The ROM you choose to install DOESN'T have a bootloader.blob and/or /recovery folder inside. Otherwise it could overwrite your CWM)
Just put the .zip file on an SD card and put it into the device. Use ROM Manager or Acer Recovery Installer
More to come, and I will add some pics showing what various screen look like when I'm able.
"I suggest you install superuser.apk and busybox installer after rooting. Superuser.apk will provide access control for superuser and busybox installer will allow you to update busybox. I also recomend installing terminal emulator(don't forget to configure it to use /system/xbin/sh after you install busybox)."
So ZeroNull says to not update busybox ...you say to update it...is there really a problem if you update it??
cheeb said:
"I suggest you install superuser.apk and busybox installer after rooting. Superuser.apk will provide access control for superuser and busybox installer will allow you to update busybox. I also recomend installing terminal emulator(don't forget to configure it to use /system/xbin/sh after you install busybox)."
So ZeroNull says to not update busybox ...you say to update it...is there really a problem if you update it??
Click to expand...
Click to collapse
i +1 the question what will break if i update busy box?
cheeb said:
"I suggest you install superuser.apk and busybox installer after rooting. Superuser.apk will provide access control for superuser and busybox installer will allow you to update busybox. I also recomend installing terminal emulator(don't forget to configure it to use /system/xbin/sh after you install busybox)."
So ZeroNull says to not update busybox ...you say to update it...is there really a problem if you update it??
Click to expand...
Click to collapse
I don't know if this helps or makes things worst, but I have updated busybox after using Zeronull's root script on pretty much every ICS leak, CM9, and Flexreaper without any issues at all. I always read that warning, but ignored it because I need a more complete busybox version for certain tasks I run on my tablet.
NoSudo said:
A Work in progress.
Using ADB/Fastboot to flash CWM
============================
Use the steps found HERE(obviously don't re-root, unlock, just follow the other parts.
Click to expand...
Click to collapse
Just a little tip. Actually same thread post#28 uses very simple method thanks to mapaz04 to flash the recovery.
Great job though!
I did almost the same in my native language.
cheeb said:
"I suggest you install superuser.apk and busybox installer after rooting. Superuser.apk will provide access control for superuser and busybox installer will allow you to update busybox. I also recomend installing terminal emulator(don't forget to configure it to use /system/xbin/sh after you install busybox)."
So ZeroNull says to not update busybox ...you say to update it...is there really a problem if you update it??
Click to expand...
Click to collapse
I have not used ZeroNulls root method. So I am not sure why he says that. I think his script MAY just use the su and busybox in place in /data/local/ or something(not sure havnt D/L the package to figure it out). You CAN setup su and busybox in the correct locations WITHOUT an issue in ICS.
I use the "hard" method which is very simple. I KNOW you can remove the /data/local/tools copy afterwords doing it by hand.
An Explanation:
The reason you have to push su, mempodroid, busybox, and a mount script to /data/local/ is because you can get write access to it WITHOUT su. Then you run mempodroid which does a little magic and tricks system into thinking a shell was started by root. This drops you into the # prompt(temp). Then you mount /system(still using the files from /data/local). Then you copy the files to the correct path inside /system. Once you chmod su and run it you get root becase su is a special kind of executable. It's what is called an SUID application. As long as the permissions are correct to allow you read/exec access to both su and busybox. You no longer need /data/local/tools. At this point you CAN update busybox and su if you like.
P.S. You can also use your OLD su and busybox for the whole thing. I saved my old su and busybox and always just reuse them then update.
If you want to understand more I would suggest reading up on what SUID is all about and also learn about Unix file permissions.
I can confirm that: rooting,bootloader unlock and change on the recovery can be made with OTA update.
Nice work!
gertjanad said:
Nice work!
Click to expand...
Click to collapse
Thanks, and a bump to keep the info around the first page.
Added to bump it back up so people can find it.
Is there a kernel that allows overclocking yet
Sent from my A100 using XDA
I have not played with OCing, I honestly don't see a need.
I know cwm 5.5.0.x has an Overclock menu so I'm guessing yes you can. But I am not familiar enough with the device/cpu to know how the multipliers etc are to be configured, nor do I experience lag or performance issues that would cause me to desire lowering battery efficiency and increase heat for faster performance.
Though I am familiar with the process on PCs both jumpered and jumperless.
Up!
[HOW-TO] [GSM & CDMA] How to root without unlocking bootloader (for ITL41D to JRO03O)
As of Oct 10, 2012: Google has patched this vulnerability starting with JRO03U. That is to say, this works on versions of ICS and JB from ITL41D to JRO03O inclusive. It will not work for JRO03U or newer. (My previous guide found here only worked on Android versions 4.0.1 and 4.0.2, i.e., ITL41D/F and ICL53F.
Once you have root, you can use segv11's BootUnlocker app to unlock your bootloader without wiping anything. Easy as pie!
Disclaimer: I take no credit for this exploit or the implementation of it. All credit goes to Bin4ry and his team. I just isolated the parts required for the GNex, modified it slightly and eliminated the script.
So, it looks like Bin4ry (with the help of a couple of others) has managed to find a way to exploit a timing difference in the "adb restore" command. See source here. (Although this may be old news to some, I hadn't seen it before a few days ago.) This is more for informational purposes, as having a Nexus device, we are able to backup our data, unlock the bootloader and restore the backup, so this is guide is not really that useful for most, but you still have those users who are scared to unlock their bootloader. It is useful however, for those with a broken power button, as it allows them to unlock their bootloader without the power button.
How this works
The way this works is as follows: the "adb restore" command needs to be able to write to /data to restore a backup. Because of this, we can find a way to write something to /data while this is being done. Now, Android parses a file called /data/local.prop on boot. If the following line exists in local.prop, it will boot your device in emulator mode with root shell access: ro.kernel.qemu=1. So, if we can place a file called local.prop with the aforementioned line in /data, once your device boots, it will boot in emulator mode and the shell user has root access, so we now can mount the system partition as r/w.
So what does this all mean:
You can now root any version of ICS and JB released to-date without having to unlock your bootloader (and without losing your data).
Moreover, you should now be able to root your device even if your hardware buttons are not working.
Additionally, this allows those who have not received an OTA update and want to apply it without having an unlocked bootloader or root to do so by copying the OTA update to /cache from /sdcard.
Notes:
1) Please read the entire post before attempting this.
2) This does not wipe any of your data, but I take no responsibility if something happens and you lose your data. Maybe consider doing a backup as per this thread before attempting this.
3) This assumes that you have USB Debugging enable on your device (Settings > Developer Options > Enable USB Debugging) and the drivers for your device installed on your computer. For the drivers, I would recommend you remove all old drivers and install these. If you don't know how to install them, or are having issues, look here.
4) This obviously needs to be done over ADB, as you cannot run adb in a terminal emulator on-device. If you do not have ADB, I've attached it in the zip (Windows and Linux versions). Unzip all files.
Step-by-step:
1) Download the attached files to your computer and unzip them;
2) Open a command prompt in that same directory;
3) Copy the root files to your device:
adb push su /data/local/tmp/su
adb push Superuser.apk /data/local/tmp/Superuser.apk
4) Restore the fake "backup": adb restore fakebackup.ab Note: do not click restore on your device. Just enter the command into the command prompt on your PC and press the enter key.
5) Run the "exploit": adb shell "while ! ln -s /data/local.prop /data/data/com.android.settings/a/file99; do :; done" Note: when you enter this command, you should see your adb window flooded with errors -- this is what is supposed to happen.
6) Now that the "exploit" is running, click restore on your device.
7) Once it finishes, reboot your device: adb reboot Note: Do not try and use your device when it reboots. Running this exploit will reboot your device into emulator mode, so it will be laggy and the screen will flicker -- this is normal.
8) Once it is rebooted, open a shell: adb shell
Note: Once you do step 8, your should have a root shell, i.e., your prompt should be #, not $. If not, it did not work. Start again from step 4. (It may take a few tries for it to work. Thanks segv11.)
Now we can copy su and Superuser.apk to the correct spots to give us root.
9) Mount the system partition as r/w: mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
10) Copy su to /system: cat /data/local/tmp/su > /system/bin/su
11) Change permissions on su: chmod 06755 /system/bin/su
12) Symlink su to /xbin/su: ln -s /system/bin/su /system/xbin/su
13) Copy Superuser.apk to /system: cat /data/local/tmp/Superuser.apk > /system/app/Superuser.apk
14) Change permissions on Superuser.apk: chmod 0644 /system/app/Superuser.apk
15) Delete the file that the exploit created: rm /data/local.prop
16) Exit the ADB shell: exit (May have to type exit twice to get back to your command prompt.)
17) Type the following (not sure if this is needed for the GNex, but it shouldn't matter): adb shell "sync; sync; sync;"
18) Reboot: adb reboot
19) Done. You now should have root without having to unlock your bootloader. If you want to unlock now, you can without wiping anything. See segv11's app linked at the beginning of this post.
Note: If you still do not have root access after doing these steps, redo them and add this step between 10 and 11:
10b) Change the owner of su: chown 0.0 /system/bin/su (Thanks maxrfon.)
I've done all. It installs supersuser app but the phone is not really rooted and apps that requires it doesn't work
Lorenzo_9 said:
I've done all. It installs supersuser app but the phone is not really rooted and apps that requires it doesn't work
Click to expand...
Click to collapse
Did you try opening the Superuser app?
What happens when you open an app that requires root? Do you get the request for su access?
You can open the app but whith apps that requires root there are no requestes and they don't... Even using root checker you see that you're not rooted
Lorenzo_9 said:
You can open the app but whith apps that requires root there are no requestes and they don't... Even using root checker you see that you're not rooted
Click to expand...
Click to collapse
Re-run the entire procedure again (including pushing the su and Superuser.apk files). When I had done it, I used the latest version of su and Superuser.apk, but when I uploaded the files in the attachment in post #1, I used the files that Bin4ry had in his package, which I assume are older. Regardless, re-download the attachment in the first post and try it again.
efrant said:
Re-run the entire procedure again (including pushing the su and Superuser.apk files). When I had done it, I used the latest version of su and Superuser.apk, but when I uploaded the files in the attachment in post #1, I used the files that Bin4ry had in his package, which I assume are older. Regardless, re-download the attachment in the first post and try it again.
Click to expand...
Click to collapse
Ok I'll do it and then I'll report you what happens. So now have you updated su and superuser.apk?
Lorenzo_9 said:
Ok I'll do it and then I'll report you what happens. So now have you updated su and superuser.apk?
Click to expand...
Click to collapse
Yes, I put the latest versions in the zip in the first post.
I can confirm that this works, and also that step 10b was not needed for me. This is the first time I have not used a toolkit so if I can do it, anyone can.
Running a Verizon Galaxy Nexus, this allowed me to update to the leaked Jelly Bean OTA with a locked bootloader. I first flashed stock 4.0.4 and locked the bootloader. I then used the exploit to gain root access, allowing me to apply IMM76Q and JRO03O OTA updates via stock recovery. (Rebooting between updates.) Thank you for creating a guide that this newb could easily understand and follow.
serty4011 said:
I can confirm that this works, and also that step 10b was not needed for me. This is the first time I have not used a toolkit so if I can do it, anyone can.
Running a Verizon Galaxy Nexus, this allowed me to update to the leaked Jelly Bean OTA with a locked bootloader. I first flashed stock 4.0.4 and locked the bootloader. I then used the exploit to gain root access, allowing me to apply IMM76Q and JRO03O OTA updates via stock recovery. (Rebooting between updates.) Thank you for creating a guide that this newb could easily understand and follow.
Click to expand...
Click to collapse
Thanks for confirming that step was not needed.
Thanks!
Bookmarked for future reference :good:
does it work on nexus 7 ?
dacc said:
does it work on nexus 7 ?
Click to expand...
Click to collapse
Yes, it should.
thans for quick response
Works fine for my GNex, big thanks! How about putting it into a script for non-advanced users here?
wictor1992 said:
Works fine for my GNex, big thanks! How about putting it into a script for non-advanced users here?
Click to expand...
Click to collapse
Glad you got it working!
As for putting it into a script, I could but I'd rather not. As with most of the guides that I have written up, I purposely do not put things into a script so that people would actually go through all the steps and, by doing so, maybe get an understanding of what they are actually doing, and hopefully learn something in the process. If I would have packaged it up into a script, a lot of the less experienced users would not even try to go through the steps -- they would just use the script, and no one learns anything yet again. See here for some discussion on one-click scripts. Granted, blindly following a step-by-step is not much better, but I have tried to put comments and explanations throughout to facilitate learning. It's about the journey...
P.S.: I would appreciate it if no one else posts a script in this thread.
efrant said:
P.S.: I would appreciate it if no one else posts a script in this thread.
Click to expand...
Click to collapse
can i make a script that just puts in big text "STOP USING TOOLKITS AND 1 CLICKS"
Zepius said:
can i make a script that just puts in big text "STOP USING TOOLKITS AND 1 CLICKS"
Click to expand...
Click to collapse
LOL! Yes, sure, that's one script I don't mind being posted. LOL!
Heh, fair enough. I think I'm learning a bit about adb
One question: I can't replace system APKs by installing them, it tells me that there is a signature conflict. How can I fix that? I thought it shouldn't happen after rooting. (I'm trying to install the "international" velvet.apk).
wictor1992 said:
Heh, fair enough. I think I'm learning a bit about adb
One question: I can't replace system APKs by installing them, it tells me that there is a signature conflict. How can I fix that? I thought it shouldn't happen after rooting. (I'm trying to install the "international" velvet.apk).
Click to expand...
Click to collapse
Let's try to keep this thread on-topic please.
But to answer your question, don't install the apk. Using a file explorer that has root access, copy it to /system/app (after making sure that system is r/w) and make sure the permissions are set to match the other apks in that directory.
when running adb after running the command where i tell it to restore fake restore and then while the "exploit" is running ikeep getting , in cmd, link failed, no such file or directory, and it just keep doing that. is this normal or did i do something wrong.
efrant said:
Let's try to keep this thread on-topic please.
But to answer your question, don't install the apk. Using a file explorer that has root access, copy it to /system/app (after making sure that system is r/w) and make sure the permissions are set to match the other apks in that directory.
Click to expand...
Click to collapse
So I usually use the toolkit to root, in fact I have been for many versions now.
However with the installation of 4.2.1 I haven't been able to root at all. I use the toolkit in the same way but it simply doesn't root the phone.
So today I tried the manual way. I downloaded and installed SDK tools from google navigated to the adb folder and went through the commands. Everything seemed to go okay apart from when I typed adb shell chmod 06755 /system/bin/su. The command window did nothing.
I carried on and typed adb shell chmod 06755 /system/app/Superuser.apk, when it said "bad command" or something similar.
Rebooted the phone, no root... still.
However the Superuser app is there. So:
1) How do I delete the superuser app, bearing in mind it has system permissions. I'd like to simply start again.
2) I don't have CW recovery installed and would prefer not to bother with it if I can.
3) Just to confirm, when I root the phone, does that allow me to delete files in the /system/app folder?
4) Following this guide on rooting manually. Is that all alright?
5) In a couple of sentences, can someone explain rooting to me? From what I understood, rooting simply opens up the phone to allow access to everywhere, where you can copy and delete files, or apks.
6) If 5 is true, when following the rooting guide (4), which command am I actually telling the system to run as root? Is it simply the "root" command?
7) If 6 is true, how come when I re-boot, the phone won't let me delete things from the system/app folder?
Thanks for any help.
1) stop using a toolkit, and no you didnt root the manual way.
2) download this: http://forum.xda-developers.com/showthread.php?t=1538053 - its supersu, superuser is unreliable on 4.2+
3) fastboot flash a recovery
4) flash the supersu.zip
5) done.
Sorry, I should have explained the Su app is SuperSU.
Just gave it another go using a manual toolkit but still no root access. I also now have an su.apk, superuser.apk (SuperSU) and a su file. Need to delete them all.
What do you mean by "fastboot flash a recovery"? You mean flash a new recovery centre like CW?
Don't these superuser apps just manage app permissions? They don't actually enable the root access do they?
Thanks
anotherxdauser said:
Sorry, I should have explained the Su app is SuperSU.
Just gave it another go using a manual toolkit but still no root access. I also now have an su.apk, superuser.apk (SuperSU) and a su file. Need to delete them all.
What do you mean by "fastboot flash a recovery"? You mean flash a new recovery centre like CW?
Thanks
Click to expand...
Click to collapse
follow this: http://forum.xda-developers.com/showthread.php?t=1529058
Quick Q...
If I flash a 4.2.1 system.img to the phone, it will replace what exactly?
I'm thinking this might be a way to get rid of the root apps which are protected and allow me to update to 4.2.2, THEN look at manually rooting.
anotherxdauser said:
Quick Q...
If I flash a 4.2.1 system.img to the phone, it will replace what exactly?
I'm thinking this might be a way to get rid of the root apps which are protected and allow me to update to 4.2.2, THEN look at manually rooting.
Click to expand...
Click to collapse
it replaces anything in /system... basically the OS.