[SM-S907VL]/[SM-S906L] Root Achieved! (Discussion thread) - Galaxy S6 Original Android Development

This is an open discussion about the Straight Talk Galaxy S6. Here I want to discuss possible root access along with a possibility to downgrade. Looking for any volunteers to help me with this phone.
I own a Red Magic 3, a G6, and an old S6 with Straight Talk firmware. I usually use my G6 and S6 to play around with for development purposes.
So a while back, I managed to root my Galaxy S6 Straight Talk with a third-party rootkit. Not long after that I wanted to upgrade this thing to Marshmallow. I managed to succeed in doing it, only to be left with a useless phone.
Upon my research, you can flash an SM-S907VL firmware which appears to be a TracFone firmware for the S6. However, the 907VL appears to not support Straight Talk users. I attempted to downgrade back to the S906L but the strict SBoot prevents me from going back.
A half year later, I'm still messing with this phone. I want to see about finding a way to gain root access or look for any loopholes (possible exploits) that we could do with this phone. I managed to find a way to root the SM-S907VL. Here's how:
I first did some deep digging on the internet and found combination firmwares for this particular model. Combination ROMs are (what I believe are) test ROMs for phones. I managed to flash a combination firmware to it. After that I rooted it with Kingroot, uninstalled Kingroot SU and switched to SuperSU. Then I installed FlashFire and I tried to flash the SM-S906L but no luck.
However, upon even FURTHER searching, I managed to flash the SM-S906L by ONLY flashing the system.img by extracting it from the md5 and adding it to a tar archive.
Well, here is where things get complicated: since I only flashed the system, the kernel is running on a later kernel security patch, which means rooting it with Kingroot fails. Also, the CVC and modem are still running on the SM-S907VL, so even if you put a Straight Talk SIM card into it, it won't work. Bummer.
I'm wanting to see how far we can go into this phone and hopefully find a way to somehow get it unlocked.
I'm all ears for y'all!
EDIT: Crap, posted in the wrong category. I should have posted in the general forum.

Related

[Q] Zact Mobile - root & flashing

I am creating this thread because I have not found another ZACT rooting/flashing thread yet and I am hoping that a dev will pop in and start working on this, or help walk me through what I can do to get the ball rolling. Check out my first thread, The future of phones is coming
I received 2 phones a few weeks ago now. I wasn't thinking and just jumped the gun and updated to 4.3 on one of them (the other is my fiancée's and I have instructed her NOT to do the update). I am unable to cf-auto-root with the Sprint S3 method, so no root. I read that if I get the recovery.img from the phone I can post it on Chainfire's cf-auto-root page and he can make a cf-auto-root for the Zact S3. I cannot get a recovery.img to send in because it is my understanding that to adb pull the recovery I need root. Can't get root because I don't have a recovery.img?
I spoke with Zact team members a few times. I told them I was having issues with 4.3 and wanted to go back to 4.2.2. A few people were helpful at first. Unfortunately, they are so small, I seem to keep running into the same people, and then they stop trying to help. What I have learned is, they "have confirmed with their Team, that if you process the software downgrade, the Zact software will not work on your phone. This is based upon how our software interfaces with the firmware." So, that being said, we would need to find out what software they have installed and have it integrated into any ROMs made. Does that sound right?
They also WILL NOT share the MSL, which is another reason I want root. I still plan on cloning the phone as a backup if I have issues with flashing, but without the MSL, I can't change the Qualcomm settings to connect to DFS/CDMA to back clone it.
I am not a developer; I could use some direction. I feel ZACT will start growing once people realize how much you can save compared to a Sprint plan. I have noticed that I get better service than a lot of the people I work with. I am on PRL version 24017, which I have not seen before either.
devildogwillbur said:
I am creating this thread because I have not found another ZACT rooting/flashing thread yet and I am hoping that a dev will pop in and start working on this, or help walk me through what I can do to get the ball rolling. Check out my first thread, The future of phones is coming
I received 2 phones a few weeks ago now. I wasn't thinking and just jumped the gun and updated to 4.3 on one of them (the other is my fiancée's and I have instructed her NOT to do the update). I am unable to cf-auto-root with the Sprint S3 method, so no root. I read that if I get the recovery.img from the phone I can post it on Chainfire's cf-auto-root page and he can make a cf-auto-root for the Zact S3. I cannot get a recovery.img to send in because it is my understanding that to adb pull the recovery I need root. Can't get root because I don't have a recovery.img?
I spoke with Zact team members a few times. I told them I was having issues with 4.3 and wanted to go back to 4.2.2. A few people were helpful at first. Unfortunately, they are so small, I seem to keep running into the same people, and then they stop trying to help. What I have learned is, they "have confirmed with their Team, that if you process the software downgrade, the Zact software will not work on your phone. This is based upon how our software interfaces with the firmware." So, that being said, we would need to find out what software they have installed and have it integrated into any ROMs made. Does that sound right?
They also WILL NOT share the MSL, which is another reason I want root. I still plan on cloning the phone as a backup if I have issues with flashing, but without the MSL, I can't change the Qualcomm settings to connect to DFS/CDMA to back clone it.
I am not a developer; I could use some direction. I feel ZACT will start growing once people realize how much you can save compared to a Sprint plan. I have noticed that I get better service than a lot of the people I work with. I am on PRL version 24017, which I have not seen before either.
WARNING!! If you process that downgrade, you will trip KNOX security, then your phone will be bricked. Also, ESN cloning is illegal to talk about on XDA.
sent from my GS3
I will trip Knox security? What exactly does Knox do, and what do you mean by that? I thought Knox just makes it read 0x1 on the Odin screen if you flash now? If that's what you mean, I already did that by flashing cf-auto-root. It's my understanding that the bootloader is the issue when downgrading, but on this site, they say that only AT&T users should not try it, and technically this is a Sprint phone I believe. Just with added software.
If I am wrong please let me know.
Also, I think you mean that it is not acceptable, not illegal. Illegal would imply I could get arrested for commenting about phone cloning on this site. And although cloning your personal phone for your own uses is not illegal, I will not mention it again on these forums. Thanks for the warnings.
sent from my GS3
Also, I guess I am not necessarily trying to downgrade, just trying to find out what needs to be done so that I can flash or ANYTHING to get away from 4.3 issues. Since the upgrade, my fiancée sent me an MMS and it has popped up in my messages 5 times, so it looks like she keeps sending it, but I am unable to open it because it won't download.
The more important issue is root. I want to be able to use my root apps to back up, reinstall my old backups from my last S3, and attempt to get my MSL to try and fix the MMS issue.
sent from my GS3
Today has been a productive day so far... Using Skunk Ape1's root method "[Tutorial] Rooting the Sprint GalaxyS3 the Easy Way" I was able to get TWRP recovery installed. (I wasn't able to do this before because prior the only method I knew was to go to goo.manager and that didn't recognize my device.) So, with TWRP installed, I flashed the zip file from Skunk Ape1's root method. Following the instructions to the T everything seemed to work fine. After reboot, I had a Knox message pop up, saying "SECURITY NOTICE: Unauthorized access to a secured area has..." I believe that root has been installed but Knox is keeping it locked up still. I am going to look for this mysterious "Knox remover script" that you will see in the first post on that page, then I will attempt root again.
I have officially given up on root currently. I have tried every root method I can find, and my flash counter is somewhere around 13. I was able to use the Knox removal script from here. If anyone has suggestions for root, I am open to ideas. Thanks.
Finally did it
So, today I was just realizing the lack of space I had on my phone from downloading stuff and photos, so I wanted to clean it up. I moved all the important stuff off, and thought it would be a good time to factory reset and just have a clean new phone to start over again. (I missed flashing and this was the closest thing I had.) So, during the process of factory resetting I wanted to clean everything, so I clicked data, cache, internal, external.. system.. yeah, well, bad idea. My phone rebooted and got stuck on the boot. So I restarted in recovery and reset again, and this time it warned me that there was no OS installed... F*ck... Zact customer service won't give me the "custom software" that they installed, so I'm screwed.
After hours of thinking and trying to do stupid oddball things that I knew wouldn't work, I downloaded a Sprint stock 4.3 tar file and Odined it to my phone. Started up fine. Works great. So... what Zact said about flashing ROMs bricking this phone was BS.. The only custom thing I have seen was in the Zact mobile app that came installed, which had some extra features used to send usage info and reboot stuff for Zact troubleshooting. So with stock Sprint ROM and the Zact mobile app I'm back to my phone working. AND with that, I'm going to move on to the rooting and flashing of this piece of crap. I'll be back with more details later.
I have installed CyanogenMod with full root!!!
Well, first off, I had the CMinstaller set up but it did not recognize my device, so after a while I decided to attempt to cf_auto_root, which seemed to work but failed root checker. I wanted to try another method. I had CMinstaller still up. I was attempting THIS method to root. I was using philz_touch_6.15.4-d2spr.tar.md5, which I flashed using Odin 3.07 (that I have had for a long time on my PC, so google that one) https://www.google.com/search?q=odin+3.07&oq=odin+3.07&aqs=chrome..69i57.3464j0j1&sourceid=chrome&ie=UTF-8 After I installed Philz touch, I noticed CMinstaller noticed my phone and started downloading system files. I continued what I was doing with the root method and installed DE-SAMSUNGNIZER_KNOX_REMOVAL_SCRIPT_V1.0 and UPDATE-SuperSU-v1.93 just as CMinstaller finished its download, so I said what the hey, and clicked install. Next thing I knew I was running CyanogenMod with full root!!! Please, someone else verify this and let me know if you get it going too.
Deleted
Stock 4.3 with root
So yeah, just to check, I flashed back to stock 4.3 (not sure who uploaded it but it works). It does have Knox, so be warned. I then followed the root method in my previous post and it worked fine. I have stock with root. If someone can try it without using that tar file, let me know. Can't really go back once you do it, so I can't try the root method with the Zact "custom software" myself. Let me know what you find out. Hope this helps someone.
Thanks
Thanks for posting your struggles and successes. With Zact shutting down I was curious about what I could do with my kids' S3s if I don't like the Sprint plan that they are rolling us into. I may be trying this in a couple weeks...
Zact to Ting
Barnsie said:
Thanks for posting your struggles and successes. With Zact shutting down I was curious about what I could do with my kids' S3s if I don't like the Sprint plan that they are rolling us into. I may be trying this in a couple weeks...
What I would do, and have done for my fiancée and myself: get on Zact.com live chat, ask them to deactivate your phones, and give them the DEC on the back of the phones. It takes about one min for it to complete per phone. Then go on over to Ting.com and start up a new account with them using your old Zact phone. Ting also lists the MSL that I struggled so much trying to get. I would recommend flashing a stock rooted ROM, debloated, to get all that ZACT crap off your phones and start out fresh.

SM-P600

Hi All
Let me start with a few good things here: you guys are amazing, helping and providing tweaks for us.
I am a Nexus user. I have installed custom recovery, flashed ROMs and rooted my Nexus 4 and Nexus 5. This is my first Samsung tablet. I have waited enough for Nexus 10 (2). I finally bought the SM-P600.
I was trying to find a guide with links for unlocking the bootloader, updating firmware and then flashing a custom recovery for this, but couldn't figure it out.
I have been reading lots of things about Knox and counters related to it.
Can anyone please help me find answers straight?
1) Any rooting and custom recovery tools or ADB commands without hitting the KNOX counter (just in case I wanted to return it)? If not, then which one do you recommend?
By the way, I found a few posts related to rooting, which has confused me more. I used to use Chainfire SUROOT:
Rooting using CF-AUTO Root
Universal Root de la Vega
2) If I root and want to use the stock ROM of the SM-P600, will all apps work normally, or are there any known issues with it?
3) Is Odin a tool which everyone is talking about? I am not sure about it. Can you provide any links to its dev for more info? Found out about it in a post to return to stock.
4) Are these ROMs and apps odexed or deodexed?
5) Any dependencies for firmware and with any of the above questions? I mean, in Universal Root I saw they were talking about a certain version of firmware. Also, should I update to the latest firmware and do a Nandroid backup?
6) Also read that once the KNOX counter goes up, I won't get any OTA? My plan is I will use it till the next Nexus and will give it to my parents with the stock ROM. If I am using it I can always use a custom ROM and get updates. But for my parents I want to return it to stock so that they can easily update when an OTA is available.
I would like to make one more suggestion to the mods: please pin the guides like the rooting and stuff like return to stock, which are quite common and useful, so that it's easy for newbies (aka for Samsung) like me.
Thanks
Zaib.
1. This is not really a single question with a single answer. I think vaguely what you are asking is if you can root without tripping Knox?
Nope. Not at this time.
2. If you use CF-Auto-Root you'll likely find that the vast majority of applications keep working without issue. Of those that don't, a handful you can manage back to a working state with various tweaks, but there are a few that are probably gone for good. You can basically kiss all the Samsung hub apps goodbye; these will start claiming they are not supported in your country even if they were working perfectly prior to rooting. Some may continue working for a short time after, but eventually something leaks and your access is cut. Screen mirroring will no longer work, though this can be fixed with a small zip file flash. OTA updates are also gone.
Forget all the talk about 'triangle away' fixing any of this, it hasn't for me.
3. Odin is a tool that is able to flash firmware files or parts thereof to your device. Heimdall is an alternative suite of applications. While there is a GUI for it, it seems fairly hit and miss on Linux these days; I've never had much luck with it. On the other hand, the command line tools work perfectly fine.
Once you trip Knox, there's no turning back! You won't lose your warranty in any meaningful way, but you may end up having to argue about it and drag in government regulators to get your tablet repaired free of charge depending on the dealer response.
4. I don't think this is particularly relevant to the SM-P600. My subjective opinion would be to stick with the bog standard Samsung ROM. If you want cool themes there are a multitude of launchers, and Xposed takes care of most other things you might ever care to tweak.
5. You have one choice. CF-Auto-Root. Backups are healthy.
6. True, but you'll still be able to flash via Odin so it doesn't really mean much of anything. Once you trip Knox, you can also kiss OTA updates goodbye as well.
What to do
My tab crashed while flashing TWRP
A.ratyan said:
What to do
My tab crashed while flashing TWRP
How are you flashing TWRP, through recovery or Odin?

[Q] T999 - T999 motherboard swap

I have a 16GB S3 which has been flashed to 4.3 (several times). My son's S3 is a 32GB but he broke the screen and bought a different phone. I thought I would like to swap out my motherboard and put his in my phone (both for the memory, and because I've set my Warranty Bit and I'm not entirely happy with 4.3's performance and his still has 4.1.2 so I can get a free reset on that). Both phones are T999's on the same account. His was bought off eBay but he was able to activate it so my assumption is that the IMEI is clean. Before I do this my questions are:
Will my IMEI change (is the IMEI locked to the motherboard)? If it changes, that's fine, as long as I can just pop my SIM in and be up and running.
Can I just do that swap, put my SIM in and go, or is there anything else I need to do with the phone after the swap? I work in a micro repair shop so I'm fine with doing all the hardware related work, just want to verify if I need to do anything extra after the swap.
The IMEI, and pretty much everything, will be on the motherboard. Just swap it out and insert your SIM. Should be all you need to do.
Sent from my SGH-T999 using Tapatalk
OK, got the swap done, and a hard factory reset on 4.1.2 without issue.
So now I was planning on leaving it at that, but after reading through the [ROOT] TowelRoot - 4.3 & 4.4.2 thread today I'm thinking I'd like to try that. My goal is:
1. Update to latest 4.3 via OTA
2. Use the Towelroot tool to root and de-knox it
3. NOT set the warranty bit in the process (hopefully)
4. Create a debrick.img for T999 with clean NC2 (if it's still needed)
1, 2, and 4 I'm good. Just curious: if I OTA update 4.1.2 and follow all the steps for using towelroot, is there anything more I should be cautious or aware of about the warranty bit? My hope is that I don't do something stupid that will set it on this motherboard. I'd love to have 4.3 rooted but not set the bit.
I'm not concerned so much about the "modified" system or other counter(s)... triangle away was still working to clear those on my root66 NC2 load.
I think flashing the firmware via Odin is a better option. Too many people often seem to have trouble with OTAs. That and I personally just feel clean flashing the build you want is better than patching them up from a previous version.
In the end it's what you are more comfortable with though. Just offering an alternative.
I'm comfortable doing an Odin flash but I thought that would set the warranty bit. I would've used root66, so am I off by thinking that? At any rate, I OTA'ed last night, ran towelroot and that worked, but I had some issues with the SuperSU portion. It updated binaries, and then when it asked about disabling Knox, I got a message saying SuperSU install failed (or something similar). When I root checked it, it said it was rooted, and SuperSU was working, but all the Knox related files were still on my phone. So I rebooted and ran SuperSU a second time and it just came up as it would if it were fully installed and working.
I never did figure out why. I even completely cleaned up/removed SuperSU from its settings menu, re-installed it and tried again. At that point, it updated binaries without a hitch but didn't give me any prompt to do anything with Knox. So does SuperSU somehow just disable Knox, but leave all the files intact? I manually went in and deleted all the Knox files myself at any rate and it didn't appear to screw anything up so far.
I also wondered if the SuperSU issues had anything to do with the fact that when I installed it, I had not yet set SELinux to permissive.
Anyway, all that probably belongs in the threads for towelroot, so I got a little off topic.
Root66 apparently trips the warranty bit for some, but not all people. It did not trip mine. Since you've already done the OTA it doesn't really matter, but what I would've suggested next would've been to flash stock firmware via Odin, then Towelroot.
As for SuperSU, everyone has to reboot (or kill the process) before it'll properly disable Knox. And yes, that's all it does is disable it. Didn't have anything to do with SELinux.
OK, cool. So I guess it worked exactly as intended. Thanks for all the good info.
Interesting about the warranty bit.

LG G Pad F 8.0 Plus (AK815)

Has anyone come across one of these devices in the title? It runs 5.0.2, and the full software version is AK81510A. Granted this is a tablet from a regional cell carrier (Bluegrass Cellular) but I haven't been able to find much in the way of useful information for this device. I've tried numerous methods of rooting including several one-clicks, APKs, and even pulling the image and rooting the image myself in Ubuntu, but couldn't get anything to work. This is my first Android device that I've ever attempted to root so I suppose it's possible that I just jacked something up. Any help/advice is much appreciated!
Hi! For what it's worth, I haven't noticed anyone mention this variant/model before. Have you tried KingRoot? It's awful because it really embeds in your system deeper than people notice most of the time but if you're desperate enough. I've only used KingRoot on the VS985 G3 on 35B (5.1.1) long enough to downgrade some partitions manually in order to be able to flash any old KDZ using LG Flash Tool 2014. Besides all the privacy concerns about what KingRoot might phone home about you or your device, at least on that stock release it required re-rooting using KingRoot every time you reboot, and it needed internet to root.
Edit: At least that model appears on this website but there don't seem to be any KDZs to restore to 100% stock in case you screw things up enough trying to root. http://devtester.ro/projects/lg-firmwares/country.php?country=United+States Type AK815 in the Search field.
Kingroot was one of the first things I tried, and it fails every time. Even attempted using the Kingroot desktop program to root with no results, but then again my Chinese is rusty. I was able to pull the system image, but being that I'm by no means an expert or even partially fluent in the rooting ways, I have no real idea of what to do with it. Gonna keep digging. Maybe I'll make progress.

I need help upgrading my rooted phone to Android 8.0 (Amnesia)

Alright so... Apparently I rooted my phone at some point and over the years my phone has gotten really slow. After Googling a bit I found my phone is still on 7.0 when it should be on 8.0 and that confused me a bit until I realized I rooted my phone at some point when I dug up some Android files on my computer. I found this website and discovered I had an account here, so I looked up my posts and found I had used a guide to root my phone located here: https://forum.xda-developers.com/moto-z-play/how-to/howto-moto-z-play-unlock-root-t3508547
After reading around for quite some time I learned that apparently I had to unlock the bootloader to root this phone when on most devices you don't have to apparently, making rooting this device not as simple as just installing an app and pressing a few buttons like on some phones. The guide talks a lot about fastboot and flashing and I have no idea how to follow these steps as it feels like there are steps between steps that are missing since everyone else here already seems to know what to do without including how to do certain steps.
After hours of reading through threads I decided that I wanted to just flash my phone back to a fresh unrooted version of Android and then install the updates OTA. I just spent hours backing up all my apps with Helium until I realized it couldn't back up some apps, so I then Googled and discovered Titanium Backup and backed up everything again through it. Well... while the apps were backing up I stumbled upon a thread here that said I would brick my phone if I flashed back to the original version of Android on this phone then tried to update to the newest version OTA.
Well now I'm a bit paranoid and am hoping someone here can walk me through how to upgrade my rooted Moto Z Play running Android 7.0 to Android 8.0 without bricking it, or throw a guide my way that explains how to do this for simpletons like me.
TL;DR - I suffer from amnesia and don't remember how I ended up rooting my phone, and need to find someone that can explain to someone who is not knowledgeable like me how to upgrade my rooted Moto Z Play to Android 8.0 since my phone is running like hot garbage after all these years.
Thank you in advance to anyone who spent any time reading this wall of text.
After messing around for over 12 hours I surprisingly got my phone in a working rooted state on Android Oreo 8.0 without bricking it... But there's one snag. Each time I boot my phone, I first get the "Your device has been unlocked and can't be trusted" (Bootloader unlocked warning) and then it takes me straight into TWRP. Even if I hit Reboot and select "System" it just loops back into TWRP. The only way I can get into my phone it seems is to boot into the bootloader then select start. Not really a big deal, but it's still annoying.
I'm hoping this is something that requires an easy fix and that someone is willing to guide me through it.
