Related
Anyone have or know where I can download the telnetd binary for Android? I think I might have a way to get root privileges on the Samsung Moment...and if it works, I see no reason why it wouldn't work on the Hero.
Just need that darn telnetd binary and any of the support files so I can install it into my phone (as long as the root exploit works.) It's running Android 1.5 btw if that makes a difference.
Why not ssh?
Download dropbear
telnet is an open invitation to get hacked, since the connection is not encrypted.
I know telnet is not encrypted...that's why I'll turn off the radio and enable wifi when I do this.
I was on the IRC (#android-root on freenode) and was pointed in the direction of JesusFreke's build environment, in which (s)he has built a veritable ****-ton of ARM binaries that are *extremely* useful.
http://jf.andblogs.net/2009/05/24/jfv151-images-are-out/
I found JFV1.51 CRB43 US BuildEnvironment (1324) to be particularly useful. Once extracted, I found binaries for a very full busybox, and a few dozen other useful goodies, including telnetd.
From the extracted tar, the binaries are under 'Build/System/ModifiedFiles/xbin'. adb push them to /data/local on the device, then call them via adb shell.
Example:
With device connected, and with the Android SDK installed and in your PATH:
Code:
# tar xvf JFv1.51_CRB43-US_BuildEnvironment.tar.gz
# cd Build/System/ModifiedFiles/xbin
# adb push <program of your choice> /data/local
# adb shell
# /data/local/<program of your choice>
Just out of curiosity...what is your hunch for getting root on the Moment?
@gargarxp - Thanks for the info!
gargarxp said:
Just out of curiosity...what is your hunch for getting root on the Moment?
Click to expand...
Click to collapse
I was looking through all of the recent kernel privilege level escalation reports, and ran across this one:
http://seclists.org/fulldisclosure/2009/Nov/105
It works on kernels up to 2.6.31...which the Moment runs 2.6.27. My plan is to use an Android app to execute this exploit contained in a native executable (which I have confirmed I can execute native code), which will then trigger a shell script I will write to copy the telnetd files into the proper places and start the service as root. From there, I'll telnet in...see if the root user has a password...and go from there.
Actually, if you get this to execute as root, the procedure from there is fairly simple.
From my understanding, the other root exploits have a singular goal: to gain a root shell for the purpose of creating a suid su for the system to use to gain root in the future. From the CDMA Hero process, once a root shell is gained:
Code:
# mount -o remount,rw -t rfs [COLOR="Red"]/dev/stl5[/COLOR] /system
# cd /system/bin
# cat sh > su
# chmod 4775 su
They:
Remount the /system fs as read-write
Go to the /system/bin directory
Copy sh to (a new) su
Set the permissions on that to 4 (SetUID) 775 (User-Group: RWX, Other: RX)
* The bit in red is what I observed the device mounted to /system to be on my Moment. I obtained this information by running adb shell mount and seeing what /dev device was next to /system. Should be the same for every Moment, but the procedure is useful for any Android (or Linux for that matter) device.
Once this is done, any user executing this su will do so as the user/group that the owns executable, which in this case is root:shell.
So, via this method, if you can manage to get a root shell on *any* Android device, bada bing bada boom: rooted.
...At least that is my understanding of it all.
Well...the problem is I can't get my Moment connected to my computer to run adb. I'm on Windows 7 64-bit...and the drivers won't load...and Samsung's PC Studio won't install properly. So, I found source code online for executing native code via an Android app...which should work to execute the native exploit.
And you'll have to excuse me...I've been using Linux for the past 10 years...programmed some projects on the platform...but this is pretty much my first time developing on Android.
Oh no problem at all. Frankly, I'm being overtly descriptive so as to make this post useful to the community in general and not be Moment-specific. I don't wish to encouter the ire of the XDA mods Just trying to do a public service.
So, do you have an ARM binary of the exploit built already (ImpelDown.c)? And if so, could you post a link to download it? I've never cross-compiled before and am currently going 10 rounds with gcc and the android-2.6.27 source tree.
Thank you! I know...it's kinda risky for me posting stuff about the Moment in an XDA forum...but I figure this could help the Hero efforts as well...and XDA was so good to me back when I was using my DIAM500...I wanted to contribute something back.
I'm still trying to get my cross-compiler built. I initially started out with Cygwin and a tool for building a cross-compiler...but that went horribly wrong...tons of compiler errors. I attempted to use Scratchbox on OpenSuse 11.2...but Scratchbox wants to run on a Debian system...ugh...haha.
And as I was typing my response to you...I decided to Google for "arm compiler windows" and found http://www.gnuarm.com/
But rest assured...once there's a working binary...I'll upload it here.
From the Gnash project's dev wiki....
http://wiki.gnashdev.org/Building_for_Android
They raise some issues with using a standard cross-compiler (GNUARM uses Newlib, which isn't the Android libc implementation Bionic...which is apparently a problem)
I grabbed the toolchain they link to on the page and am trying that.
Yeah...I found that out as well after I installed gnuarm...
I also just loaded the native toolkit.
Well gargarxp...I compiled it...ran it...didn't work. I'm going to try another one tomorrow.
Long post but, hopefully an easy answer that someone can walk me through. I have fully rooted my EVO along with the NAND. I'm trying to move/install (?) Power Manager Pro into the /system/app folder to get full rights so it can turn GPS on/off. The website for the app says that I need to do the following:
After root is obtained you need to install the application into the /system/app directory so that it has enough permission to change the location settings. Open a Terminal Emulator app and execute the following command to copy the application to the sdcard (for the full version the name of the application is /data/app/com.acme.android.powermanagerpro.apk):
su
cp /data/app/com.acme.android.powermanager.apk /sdcard/PowerManager.apk
If you can't find the application in /data/app try /data/apps-private/
Then, un-install Power Manager from the device
Execute the following commands in the terminal emulator to remount the /system directory as read/write and to install the application into the /system/app directory:
su
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cp /sdcard/PowerManager.apk /system/app
If you prefer to use adb from your computer, execute these commands:
adb remount
adb shell cp /sdcard/PowerManager.apk /system/app
Several users have utilized root explorer from the Google marketplace to simplify this process.
I have Root Explorer so I would like to do it through there is possible, but I can't seem to get it to work without it getting a FC when it opens after trying to move it.
hmmm, it might be force closing because the system is not mounted as read/write. Never used the app before so I dont know. But you can search the market for terminal emulator and then follow the steps the showed above. It looks like it should work.
...or you could do it through adb shell if you are connected to your 'puter
Trying it in Terminal Emulator with no luck... Wondering if the path is right or if i need to change that? It says:
xport PATH=/data/local/bin:$PATH
$su
cp /data/app.acme.android.powermanagerpro.apk /sdcard/PowerManager.apk
cp: not found
the path seems right (I assume you mean export and not xport). I dont think you need anything special on the rom to access cp through terminal emulator...
Have you tried hooking it up to a computer and entering it through adb shell to see if that works?
[Q] Help me root my OTA upgraded G2 Visionary R14 Don't Work "Visionary R7 needed"
HELP...HELP....HELP.....PLEASE HELP
I have the T-mobile G2 and I did an over the air upgrade in December of 2010, ever since then the only version of VISIONARY that work on my phone was "Visionary R7" I have search all over the web trying to find the "Visionary R7" so far I have yet to find it...that is why I am posting on this forum......By the way I have tried the latest version of Visionary "R14" but it doesn't work, I have also tried Visionary "R3" "R11" "R12" and "13" and they all don't work on my OTA upgraded T-mobile G2....
So if anyone know where I can download "Visionary R7" please let me know...
Or
If someone know of a way to either Temporary or permanently root the G2 without Visionary please let me know as well
Thanks so much for your kind help......
Is temp root working?
Sent from my HTC Vision using XDA App
use this method, it's easier and safer:
http://forum.xda-developers.com/wik...cess_.28Permanent_Root_.2F_.22Permaroot.22.29
My whole goal is to get the phone temporary rooted using visionary and then finding a way to permanently root the phone....so to answer your question temp root is not working using Visionary R14....It did work when I was using Visionary R7... but since the visionary app (which was the R7 version) came off the Android Market, the process has be super difficult...thanks
My whole goal is to get the phone temporary rooted using visionary and then finding a way to permanently root the phone....so to answer your question temp root is not working using Visionary R14....It did work when I was using Visionary R7... but since the visionary app (which was the R7 version) came off the Android Market, the process has be super difficult...thanks
Nonentity018 said:
Is temp root working?
Sent from my HTC Vision using XDA App
Click to expand...
Click to collapse
Cobra281 said:
use this method, it's easier and safer:
http://forum.xda-developers.com/wik...cess_.28Permanent_Root_.2F_.22Permaroot.22.29
Click to expand...
Click to collapse
+1
Like he said, use that, don't waste your time with visionary
sammd301 said:
HELP...HELP....HELP.....PLEASE HELP
I have the T-mobile G2 and I did an over the air upgrade in December of 2010, ever since then the only version of VISIONARY that work on my phone was "Visionary R7" I have search all over the web trying to find the "Visionary R7" so far I have yet to find it...that is why I am posting on this forum......By the way I have tried the latest version of Visionary "R14" but it doesn't work, I have also tried Visionary "R3" "R11" "R12" and "13" and they all don't work on my OTA upgraded T-mobile G2....
So if anyone know where I can download "Visionary R7" please let me know...
Or
If someone know of a way to either Temporary or permanently root the G2 without Visionary please let me know as well
Thanks so much for your kind help......
Click to expand...
Click to collapse
I'd stay away from visionary if I were you! Its messing up just as many phones as it is rooting them!
part of the problem is that a visionary method is stickied in one of these subforums... that needs to be taken down desperately and replaced with gfree/rage.
Cobra281 said:
use this method, it's easier and safer:
http://forum.xda-developers.com/wik...cess_.28Permanent_Root_.2F_.22Permaroot.22.29
Click to expand...
Click to collapse
I am in the process of using this method....I'll let you all know how it turns out. by the thanks for pointing me to it...
Cobra281 said:
use this method, it's easier and safer:
http://forum.xda-developers.com/wik...cess_.28Permanent_Root_.2F_.22Permaroot.22.29
Click to expand...
Click to collapse
Yes I am in the process of using ADB / RAGE method....I run in problem and I could use someone help please...
TEMP ROOT
ON YOUR PC: Unzip the gfree_temp-root.zip files to a folder. From a cmd window or terminal, navigate to that folder and execute these commands:
$ adb push su /sdcard/su
$ adb push Superuser.apk /sdcard/Superuser.apk
$ adb push rage /data/local/tmp/rage
$ adb push busybox /data/local/tmp/busybox
$ adb push root /data/local/tmp/root
$ adb shell chmod 0755 /data/local/tmp/*
===========
All the commands are working except
$ adb push rage /data/local/tmp/rage
the reply I get after input the command is
Cannot open 'rage': No such file or directory
I have search the web for help...but I could find help on that issue
SO please if anyone knows what I am doing wrong could you please help....
thanks
unzip the gfree_temp-root.zip again and make sure it extracted rage.
rage IS in there, I just downloaded the zip and opened it and looked.
yeah, look for a file called "rage". if it's there, you didn't get the proper directory. you have to get to the "gfree_temp-root" directory on your computer, and THEN adb push it
Cobra281 said:
yeah, look for a file called "rage". if it's there, you didn't get the proper directory. you have to get to the "gfree_temp-root" directory on your computer, and THEN adb push it
Click to expand...
Click to collapse
Yes the "Rage" file is there, all the other command work fine...except the one dealing with the "Rage" file
ratchetrizzo said:
unzip the gfree_temp-root.zip again and make sure it extracted rage.
rage IS in there, I just downloaded the zip and opened it and looked.
Click to expand...
Click to collapse
Thanks so much for your input....when I gfree_temp-root.zip file I can see that the "RAGE" file is present but after 20 to 30 minutes the "RAGE" file disappear from the folder but all the other files remains....Is an alternative gfree_temp-root download link that anyone might know of....thanks again
Disable your virus scanner while you do this, I bet its giving a false positive to the rage file and deleting it
Sent from my HTC Vision using XDA App
ratchetrizzo said:
Disable your virus scanner while you do this, I bet its giving a false positive to the rage file and deleting it
Sent from my HTC Vision using XDA App
Click to expand...
Click to collapse
Thanks so much "Ratchetrizzo" for the tip on disable my anti-virus program, I was able to get the "Rage" command line to work....But now I have run into another ROAD BLOCK and truly hoping someone could help me out as well
I am now getting this error on the Terminal Emulator on my G2 after inputting the following command line from rooting instruction...
'You now have read-write access to your /system, hboot, and recovery partitions. But you still need to "lock in" root, and give you 'su' access in the future. So just do:'
"# /data/local/tmp/root" without the # sign
I got this error message
"## mkdir failed for /system/xbin, File exists
## cp: can't stat '/system/xbin/busybox': Not a directory
## Unable to chmod /system/xbin/busybox: not found
## cp: not found
## cp: not found
## Unable to chmod /system/bin/su: No such file or directory"
Once again I am seeking help on this...So if anyone can help...please let me know. Thanks again for all of the support that I have received so far ...
sammd301 said:
Thanks so much "Ratchetrizzo" for the tip on disable my anti-virus program, I was able to get the "Rage" command line to work....But now I have run into another ROAD BLOCK and truly hoping someone could help me out as well
I am now getting this error on the Terminal Emulator on my G2 after inputting the following command line from rooting instruction...
'You now have read-write access to your /system, hboot, and recovery partitions. But you still need to "lock in" root, and give you 'su' access in the future. So just do:'
"# /data/local/tmp/root" without the # sign
I got this error message
"## mkdir failed for /system/xbin, File exists
## cp: can't stat '/system/xbin/busybox': Not a directory
## Unable to chmod /system/xbin/busybox: not found
## cp: not found
## cp: not found
## Unable to chmod /system/bin/su: No such file or directory"
Once again I am seeking help on this...So if anyone can help...please let me know. Thanks again for all of the support that I have received so far ...
Click to expand...
Click to collapse
Well, start all over but once you get a root (a #) for the first time, rm -rf /system/xbin then reboot the phone, then start all over again and see if that works. for some reason you have a /system/xbin FILE, not a directory.
ratchetrizzo said:
Well, start all over but once you get a root (a #) for the first time, rm -rf /system/xbin then reboot the phone, then start all over again and see if that works. for some reason you have a /system/xbin FILE, not a directory.
Click to expand...
Click to collapse
When I input "rm -rf /system/xbin" command I got back
"rm failed for -rf, Read-only file system
sammd301 said:
When I input "rm -rf /system/xbin" command I got back
"rm failed for -rf, Read-only file system
Click to expand...
Click to collapse
well that's a problem, if /system is read only you can't lock in root
do this before you rm that stuff (remember to be at a root # prompt)
mount -o remount,rw /system
then rm the stuff, then start the root process over.
ratchetrizzo said:
well that's a problem, if /system is read only you can't lock in root
do this before you rm that stuff (remember to be at a root # prompt)
mount -o remount,rw /system
then rm the stuff, then start the root process over.
Click to expand...
Click to collapse
Yes, I did what you suggested, but now I am getting
"rm failed for -rt, no such file or directory" after inputting ""rm -rf /system/xbin" command...by the way thanks so much for helping me out on this...
Hello All,
So I decided to try rooting after doing all this research. I chose to use the "rage" method shown here: http://forum.xda-developers.com/showthread.php?t=834228
I download all the files and everything needed, I get adb to work, and I type in the displayed commands. My problem comes in when I move over to the phone and use Terminal Emulator. I type in /data/local/tmp/rage just as the directions specified but emulator then spits back: /data/local/tmp/rage:not found.
I have scoured the internet to find a solution to this problem and I can't seem to find any postings of someone else having the same problem. How do I get past this. Is there something I am missing? Please help!
in terminal or in adb shell... go to that directory to tmp
then do ls to check if rage is in there
so you would go
cd /data
cd /local
cd tmp
then
ls
and hopefully you should see rage in there if you do then try it again if you dont push it back in there
I tried your suggestion using terminal on my phone and it keeps telling me Is: permission denied. So I tried cd /data\local\tmp and it let me get to that point. then i tried the dir command and I get dir: permission denied.
hey, i recently rooted my desire z and i had that problem too
i found that if you don't do run this
Code:
$ adb shell chmod 0755 /data/local/tmp/*
make sure you run that before you type /data/local/tmp/rage in your terminal
I got it to work!! I am rooted. I finally realized that I had missed a space. I am about to flash my first rom!! YAAAAYYY. Thanks to all the hard work of others and their wonderful directions lol
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **** This method is designed for Amazon fire phone. Do not use it on other devices unless you are familiar with Android file system and are able to apply proper modifications. **
This has been tested with the unlocked US version running 4.6.1.
This procedure installs superSU root binaries and busybox on your system.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings (the wheel at the top right corner of the screen), Root authorization setting, and Remove Root permission. The app will self-uninstall.
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
rm /system/bin/shipclean
rm /system/bin/start-ssh
busybox chattr -ia /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install_recovery.sh
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm -rf /data/data-lib/com.kingroot.RushRoot
rm -rf /data/data-lib/com.kingroot.kinguser
rm -rf /data/data-lib/king
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings. They are responsible for regular updates, constant chatter with Amazon servers, and possible patching of your root exploit. Also disable Kinesis service which is responsible for major battery drain and heating. You will find it under settings, display, configure motion and gesture settings. Disable all.
Troubleshooting
1- Most of the problems that I noticed people have encountered is due to not reading the instructions fully. So make sure you read the OP word by word.
2- If you miss a step or mess up something go back to installing Kingroot and start over from the beginning.
3- If instant video or some other Amazon app doesn't work it is because you should run them at least once prior to rooting the phone.
4- Finally, I noticed that with an AT&T sim card in the phone Kingroot fails (why am I not surprised?) Either a reboot occurs in the middle of rooting or it completes the cycle without accomplishing root. If that occurs, my best advice is to change your phone company. If that fails, you may need to factory reset your phone or even install the firmware from scratch and try again without the sim card.
Okay. Working. I tried it 2 Times because i get in troubles with the SuperSu App.
After First Time i Cant open it anymore after adb shell.
Second Time i installed SuperSu, but after adbshell the app was gone (!?) - but i installed it again with adb shell before reboot. Now SuperSu is Working.
And now tell me how to change the FireOS to a Android Status Bar with Notifications, and youre my Hero ;D
najoor said:
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **
This has been tested with the unlocked US version running 4.6.1.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings, Root authorization setting, and Remove Root permission .
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh-ku.bak
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings.
Click to expand...
Click to collapse
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Do you close the adb window between steps 4 and 7? Step 7 should be continued in the window that you left open in step 4.
Do you get any error message after you type each command in part 4?
To redo the process you should install the Kingroot again and stay overt from the beginning.
I did not get any errors for part 4 just when I get to the first rm command in part 7, I'm getting (rm failed for /system/xbin/ku.sud, Read-only file system). Is that normal?
FIXED!!!
Ok i was not following this step properly "open the Kinguser app, open settings, Root authorization setting, and Remove Root permission ." I was not doing through that Root authorization setting which was a few slots down.
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
najoor said:
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
Click to expand...
Click to collapse
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Viperise152 said:
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Click to expand...
Click to collapse
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
funkadelik said:
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
Click to expand...
Click to collapse
And me too I should have read your post instead of bugging najoor who has been a great help to resolve my SuperSU
installation
Great thread :good::good:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
planning to do this soon, cheers for the guide
so what is safe to remove out of the stock apps
veti said:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
Click to expand...
Click to collapse
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
The corrected op guide worked great. I had to tap a blue rectangle at two different times to get kingroot to finish (get to a screen that had 100% on it), but other than that, everything worked.
najoor said:
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
Click to expand...
Click to collapse
Thank you _so_ much for your effort. I was doing some research too in advance prior to installing kingroot, but didn't get near as much useful information. Sniffing the network connection for any suspicious behaviour via wireshark and my router wasn't successful at all, as they use https.
I came up with the idea that they could have patched some of the system-apps to load an payload even after you tried to "delete everything"(tm). I am currently checking the MD5 and SHA-1 checksum of a identical, second Firephone without root.
---------- Post added at 09:09 PM ---------- Previous post was at 09:05 PM ----------
Also the Mods should pin your post. I totally agree that KingRoot uses intrusive behaviour - as it seems mostly for statistics, but anyway - and should be replaced with the method described in the OP.
EDIT: The MD5 checksum of an unrooted firephone is identical. The System apps might not have been replaced or touched at all. I didn't got a easy chance to check all apps with the SHA-1 checksum though.
Followed the directions and got the root with 0 issues
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
amf100 said:
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
Click to expand...
Click to collapse
No, it doesn't work. When you run it, the towelroot app pops up a message saying the phone is currently not supported.
Hmph! That's too bad. I wasn't with my fire phone to check for myself. The internet is so weird lol. Why make a whole page with instructions for nothing? Ugh lol
rm /system/bin/rt.sh
Click to expand...
Click to collapse
This part is not working for me. Can't seem to remove it with root explorer either. Any tips?
Im on 4.6.1 with SuperSu. If im Sideload 4.6.1 again and do an Factory Reset. Is root gone? Because Amazon send me New One Because Hardware issues