Related
Anyone have or know where I can download the telnetd binary for Android? I think I might have a way to get root privileges on the Samsung Moment...and if it works, I see no reason why it wouldn't work on the Hero.
Just need that darn telnetd binary and any of the support files so I can install it into my phone (as long as the root exploit works.) It's running Android 1.5 btw if that makes a difference.
Why not ssh?
Download dropbear
telnet is an open invitation to get hacked, since the connection is not encrypted.
I know telnet is not encrypted...that's why I'll turn off the radio and enable wifi when I do this.
I was on the IRC (#android-root on freenode) and was pointed in the direction of JesusFreke's build environment, in which (s)he has built a veritable ****-ton of ARM binaries that are *extremely* useful.
http://jf.andblogs.net/2009/05/24/jfv151-images-are-out/
I found JFV1.51 CRB43 US BuildEnvironment (1324) to be particularly useful. Once extracted, I found binaries for a very full busybox, and a few dozen other useful goodies, including telnetd.
From the extracted tar, the binaries are under 'Build/System/ModifiedFiles/xbin'. adb push them to /data/local on the device, then call them via adb shell.
Example:
With device connected, and with the Android SDK installed and in your PATH:
Code:
# tar xvf JFv1.51_CRB43-US_BuildEnvironment.tar.gz
# cd Build/System/ModifiedFiles/xbin
# adb push <program of your choice> /data/local
# adb shell
# /data/local/<program of your choice>
Just out of curiosity...what is your hunch for getting root on the Moment?
@gargarxp - Thanks for the info!
gargarxp said:
Just out of curiosity...what is your hunch for getting root on the Moment?
Click to expand...
Click to collapse
I was looking through all of the recent kernel privilege level escalation reports, and ran across this one:
http://seclists.org/fulldisclosure/2009/Nov/105
It works on kernels up to 2.6.31...which the Moment runs 2.6.27. My plan is to use an Android app to execute this exploit contained in a native executable (which I have confirmed I can execute native code), which will then trigger a shell script I will write to copy the telnetd files into the proper places and start the service as root. From there, I'll telnet in...see if the root user has a password...and go from there.
Actually, if you get this to execute as root, the procedure from there is fairly simple.
From my understanding, the other root exploits have a singular goal: to gain a root shell for the purpose of creating a suid su for the system to use to gain root in the future. From the CDMA Hero process, once a root shell is gained:
Code:
# mount -o remount,rw -t rfs [COLOR="Red"]/dev/stl5[/COLOR] /system
# cd /system/bin
# cat sh > su
# chmod 4775 su
They:
Remount the /system fs as read-write
Go to the /system/bin directory
Copy sh to (a new) su
Set the permissions on that to 4 (SetUID) 775 (User-Group: RWX, Other: RX)
* The bit in red is what I observed the device mounted to /system to be on my Moment. I obtained this information by running adb shell mount and seeing what /dev device was next to /system. Should be the same for every Moment, but the procedure is useful for any Android (or Linux for that matter) device.
Once this is done, any user executing this su will do so as the user/group that the owns executable, which in this case is root:shell.
So, via this method, if you can manage to get a root shell on *any* Android device, bada bing bada boom: rooted.
...At least that is my understanding of it all.
Well...the problem is I can't get my Moment connected to my computer to run adb. I'm on Windows 7 64-bit...and the drivers won't load...and Samsung's PC Studio won't install properly. So, I found source code online for executing native code via an Android app...which should work to execute the native exploit.
And you'll have to excuse me...I've been using Linux for the past 10 years...programmed some projects on the platform...but this is pretty much my first time developing on Android.
Oh no problem at all. Frankly, I'm being overtly descriptive so as to make this post useful to the community in general and not be Moment-specific. I don't wish to encouter the ire of the XDA mods Just trying to do a public service.
So, do you have an ARM binary of the exploit built already (ImpelDown.c)? And if so, could you post a link to download it? I've never cross-compiled before and am currently going 10 rounds with gcc and the android-2.6.27 source tree.
Thank you! I know...it's kinda risky for me posting stuff about the Moment in an XDA forum...but I figure this could help the Hero efforts as well...and XDA was so good to me back when I was using my DIAM500...I wanted to contribute something back.
I'm still trying to get my cross-compiler built. I initially started out with Cygwin and a tool for building a cross-compiler...but that went horribly wrong...tons of compiler errors. I attempted to use Scratchbox on OpenSuse 11.2...but Scratchbox wants to run on a Debian system...ugh...haha.
And as I was typing my response to you...I decided to Google for "arm compiler windows" and found http://www.gnuarm.com/
But rest assured...once there's a working binary...I'll upload it here.
From the Gnash project's dev wiki....
http://wiki.gnashdev.org/Building_for_Android
They raise some issues with using a standard cross-compiler (GNUARM uses Newlib, which isn't the Android libc implementation Bionic...which is apparently a problem)
I grabbed the toolchain they link to on the page and am trying that.
Yeah...I found that out as well after I installed gnuarm...
I also just loaded the native toolkit.
Well gargarxp...I compiled it...ran it...didn't work. I'm going to try another one tomorrow.
This is my personally compiled kernel for the Kindle Fire with a few optimizations.
Acknowledgments:
DooMLoRD - for helping greatly in my initial trials on how to create kernels for the Fire
g1011999 - for providing a working .config
paulobrien - insecure boot image
franciscofranco - for some of the ARM optimizations which I've missed since I stopped modding the N1
hashcode - the 3.0 kernel base
Features:
- compiled using Mjolnir
- CPU overclocking code from OMAPZOOM repositories
- ARM code optimizations
What doesn't work:
same bugs as Hashcode's
Download URL:
http://intersectraven.euroskank.com/kernels/
Latest Changes:
20120730_08XX:
- backported cleancache and zcache improvements from 3.4
20120709_1619:
- added further tweaks to interactive scheduler
- rebased experimental optimization to minimize chance of faulty merge
20120703_1041:
- rebased to hashcode's 3.0.31 kernel with support for the touchscreen filter
- added an experimental optimization which in theory should make the kernel a bit more responsive...at least in theory...
20120619_2251:
- numerous ARM optimizations (most from the 2.6 series)
- ported CM's changes to the interactive governor and low memory killer
- GPU driver is compiled into the kernel
20120601_1145:
- integrated latest BFQ release 4 for selection (not default) in SetCPU
20120513_1557:
- integrated shutdown fix from hashcode
20120512_2044:
- first 3.0 release with almost all my tweaks
20120216_1740:
- final fix for TUN without module (if it still doesn't work, going to module in next release)
- UTF8 support for file systems
- some optimizations
20120211_1219:
- minor update for fixing OpenVPN based VPNs
20120207_19XX:
- unification release (unified all my modifications with my Galaxy Nexus kernel and restarted from scratch)
- ARM optimizations
- OC without thermal control
- compiler optimizations
- CIFS and TUN enabled
- now based on 2.6.35.14
- now in zip version for easier flashing
***DEPRECATED***
Instructions (stock WiFi driver):
1.) Boot to fastboot
2.) Test first using fastboot boot command
Instructions (custom WiFi driver):
1.) Turn off WiFi.
2.) Use adb push command to push tiwlan_drv.ko to /sdcard/
3.) Using root explorer, rename tiwlan_drv.ko from /system/etc/wifi to tiwlan_drv.ko.bak.
4.) Usring root explorer, copy tiwlan_drv.ko from /sdcard/ to /system/etc/wifi. Make sure permissions are same with other files in directory together with owner and group being set to root.
5.) Reboot to fastboot and TEST FIRST using fastboot boot command
Detailed instructions are on the next post.
***DEPRECATED***
GitHub:
http://www.github.com/intersectRaven/kindle-kernel
Detailed Instructions:
Turn off your device's WiFi.
From your command prompt issue the ff. commands:
Code:
adb shell
su
idme bootmode 4002
reboot
This will cause your kindle to reboot to fastboot mode. Issue the ff. commands:
Code:
fastboot -i 0x1949 boot bootnew.img
This will cause the Kindle to boot TEMPORARILY to the new kernel which I assume you downloaded from me.
If it doesn't boot normally, you can turn off your Kindle by holding down the power button for at least 10 seconds then turn it on again.
This will boot your Kindle to fastboot mode again.
If the kernel didn't work:
Code:
fastboot -i 0x1949 oem idme bootmode 4000
fastboot -i 0x1949 reboot
This will reboot your Kindle back to normal.
If the kernel worked, here's how to flash it permanently:
Code:
fastboot -i 0x1949 flash boot bootnew.img
fastboot -i 0x1949 oem idme bootmode 4000
fastboot -i 0x1949 reboot
This should boot up with the new kernel.
Once you've booted up properly, issue the ff. commands to replace your stock WiFi driver with the new one.
Code:
adb push tiwlan_drv.ko /system/etc/wifi/
adb shell
su
cd /system/etc/wifi
chmod 644 tiwlan_drv.ko
Ensure that the permissions, owner and group settings for the new WiFi driver are correct by issuing:
Code:
ls -l
Turn on your WiFi.
Partition Backup Instructions:
From your command prompt, issue the ff. commands:
Code:
adb shell
su
This should give you superuser command prompt on your Kindle Fire. To confirm,
you should see a # as your command prompt. Next, issue the ff. commands to backup the smaller partitions to your sdcard. Make sure that the sdcard isn't mounted on your computer so that it is accessible to the Kindle Fire.
Code:
dd if=/dev/block/mmcblk0p1 of=/sdcard/xloader.bin
dd if=/dev/block/mmcblk0p2 of=/sdcard/bootloader.bin
dd if=/dev/block/mmcblk0p3 of=/sdcard/dkernel.bin
dd if=/dev/block/mmcblk0p4 of=/sdcard/dfs.bin
dd if=/dev/block/mmcblk0p5 of=/sdcard/recovery.bin
dd if=/dev/block/mmcblk0p6 of=/sdcard/backup.bin
dd if=/dev/block/mmcblk0p7 of=/sdcard/boot.bin
After executing those commands, you can now mount the sdcard through USB and copy those files to your HD for backup purposes. The remaining partitions through 8 - 11 can be backed up as well but I'll leave that to your own discretions. These partitions were chosen because they're either critical or unreplicable.
You can also use adb to pull the images above directly to your PC. Here're the commands to do so:
Code:
adb pull /dev/block/mmcblk0p1 xloader.bin
adb pull /dev/block/mmcblk0p2 bootloader.bin
adb pull /dev/block/mmcblk0p3 dkernel.bin
adb pull /dev/block/mmcblk0p4 dfs.bin
adb pull /dev/block/mmcblk0p5 recovery.bin
adb pull /dev/block/mmcblk0p6 backup.bin
adb pull /dev/block/mmcblk0p7 boot.bin
for stock only?
JackpotClavin said:
for stock only?
Click to expand...
Click to collapse
Yeah. There's still a couple of glitches though. Seems connecting USB crashes everything.
And wifi doesn't work?
Sent from my Kindle Fire using xda premium
Veritass said:
And wifi doesn't work?
Sent from my Kindle Fire using xda premium
Click to expand...
Click to collapse
Yup. That's why it's marked INCOMPLETE in the title.
Stock Wifi works now!
*a bit flaky though...drops every now and then...still fixing...
great work mate!!!
have u uploaded sources to git?
also can u please send link of correct toolchain to use?
Have you tried to compile the bluetooth module? I still believe that the Kindle has Bluetooth support
DooMLoRD said:
great work mate!!!
have u uploaded sources to git?
also can u please send link of correct toolchain to use?
Click to expand...
Click to collapse
I'm still thinking of how to quickly upload to git.
As for the toolchain, anything should work. I've fixed my source to use Mjolnir though since I need it for some planned compiler fixes I want to use.
N23 said:
Have you tried to compile the bluetooth module? I still believe that the Kindle has Bluetooth support
Click to expand...
Click to collapse
Not yet. I was quite busy with fixing the WiFi module loading (since it's a pain to build) so I haven't looked at that. Also, even if I enable it, there's no support in the stock ROM so we need CM7 (or 9) to work as well.
intersectRaven said:
I'm still thinking of how to quickly upload to git.
As for the toolchain, anything should work. I've fixed my source to use Mjolnir though since I need it for some planned compiler fixes I want to use.
Not yet. I was quite busy with fixing the WiFi module loading (since it's a pain to build) so I haven't looked at that. Also, even if I enable it, there's no support in the stock ROM so we need CM7 (or 9) to work as well.
Click to expand...
Click to collapse
no problems mate
btw seems one of the kernels i posted yesterday boots, atleast for one user :
http://forum.xda-developers.com/showthread.php?p=20130507#post20130507
regarding wifi, do u have any idea which model of TI chipset is there?
i have the following repo for patched TI modules for Xperia 2011 devices... give it a shot if it works for Kindle Fire...
https://github.com/DooMLoRD/Xperia-2011-TI-WLAN
DooMLoRD said:
no problems mate
btw seems one of the kernels i posted yesterday boots, atleast for one user :
http://forum.xda-developers.com/showthread.php?p=20130507#post20130507
regarding wifi, do u have any idea which model of TI chipset is there?
i have the following repo for patched TI modules for Xperia 2011 devices... give it a shot if it works for Kindle Fire...
https://github.com/DooMLoRD/Xperia-2011-TI-WLAN
Click to expand...
Click to collapse
Thanks for the info! I'll try that later. Fyi, I tried the one in Amazon's release and it didn't work but maybe I did something wrong. I am quite unfamiliar with compiling modules outside of the kernel tree.
*Seems you modified it heavily to prevent reliance in outside export commands.
intersectRaven said:
Thanks for the info! I'll try that later. Fyi, I tried the one in Amazon's release and it didn't work but maybe I did something wrong. I am quite unfamiliar with compiling modules outside of the kernel tree.
*Seems you modified it heavily to prevent reliance in outside export commands.
Click to expand...
Click to collapse
me too
hahahha... yes i had to got bored with long commands
just the msm_env.bash is changed...
DooMLoRD said:
me too
hahahha... yes i had to got bored with long commands
just the msm_env.bash is changed...
Click to expand...
Click to collapse
Forgot to mention that the WiFi is wl1283.
intersectRaven said:
Forgot to mention that the WiFi is wl1283.
Click to expand...
Click to collapse
On the Wifi chip, a quick look at Chipworks indicates that not only does the WL1283 have bluetooth, but also GPS. Providing that its wired up right inside, should we also be able to get GPS working as well? Or is it missing the GPS antenna to make it work?
jcatt said:
On the Wifi chip, a quick look at Chipworks indicates that not only does the WL1283 have bluetooth, but also GPS. Providing that its wired up right inside, should we also be able to get GPS working as well? Or is it missing the GPS antenna to make it work?
Click to expand...
Click to collapse
Might have to add the GPS antenna if anything, but bluetooth could be possible. We just dont know if it has to be enabled in software or if it cant due to the hardware
jcatt said:
On the Wifi chip, a quick look at Chipworks indicates that not only does the WL1283 have bluetooth, but also GPS. Providing that its wired up right inside, should we also be able to get GPS working as well? Or is it missing the GPS antenna to make it work?
Click to expand...
Click to collapse
interesting... the TI driver i have (for Xperia 2011 devices) is WL1273... i have talked to a developer friend and he told me that WL12xx drivers are unified so we can try those drivers too...
Downloading the source here in a bit, but I had a few questions.
Can you check the gpu config? I believe its 1.7 pvr driver but the 3d memory has been cut down a bit. I'm not sure if it'd be possible to move some of that back w/o affecting other optimizations in the kernel. The reason I ask, is that I know ICS/tablet apps would run better with a bit more dedicated 3d mem.
I noted that CM7 was having some audio issues, is the kernel using a stock SoC/Alsa config? Or did they do something odd?
Lastly, I applaud you guys for grinding this out, it's always best to start from the ground up. Great work!
Sent from my DROID3 using XDA App
Kernel updated! See OP for changes.
FLASHEX 2.05 (unified release 4)(Release Date: 5/2/2012)
Description
Flashex is designed to allow people using an Android device to watch hulu and some other restricted sites with Adobe Flash Player and a properly configured web browser as if it was a Windows PC. Dolphin HD Stock Browser(choose "request desktop site" in menu each time) is a good choice but any browser that allows you to act as Desktop via settings should work.
Note: Dolphin HD has some issues with full screen video at the moment so I have switched over to useing the stock browser and selecting "request desktop site" from the upper right-hand menu for now this works and has good full screen performance on FlexReaper and Stock ICS 4.0.3.
How it works
The script will look for libflashplayer.so then attempt to create a copy, edit the copy, and copy the edited version back. It stores the edited copy, and writes it over the default file each time it's run. It will check the version of the current libflashplayer.so file each time before it copies the edited version over. If libflashplayer.so's version has been upgraded or downgraded it will make a new copy, edit, write it back and store the new one to use each time. I suggest using Script Manager to run the script at boot once you run it the first time manually to make the first edited copy.
What's New in Version 2.05?
-Added a few more checks for libflashplayer.so to help improve troubleshooting and configuring on different ROMs and to eliminate the possibility of a hang if libflashplayer.so is not readable.
(Still waiting on feed back and/or -x mode debug output reports. feel free post them or better yet PM them to me)
What's New in Version 2.04?
-Added support for Custom BusyBox from CynogenMod (BusyBox 1.19.4-cm9) when testing the Busybox version
What's New in Version 2.03?
-Added checks to verify Busybox location, permisssions, and version to verify compatability and inform the user if they need to update/reinstall busybox or make a configuration change.
-Various minor refinements.
-Can now safely be test run on ANY device since it will verify the location of all required elements prior to performing any task.
NOTE: This doesnt mean it will enable hulu on an old 500mhz 2.2 device, just that it should be safe to use to modify Adobe Flash on any device capable of properly running it.(If your Adobe Flash is installed in a diffrent location you will need to configure the script to point it's install directory, or put a copy of your libflashplayer.so file into the Flashex2 directory and name it AND_libflashplayer.so and copy the resulting WIN_libflashplayer.so back by hand if you prefer.)
What was new in Version 2.02?
-Fixed various typoes in output messages
-Added a fix for people having issues with strings, grep etc returning as not found when /system/xbin is either not in the users default $PATH or is too low in the list to get used.
What was new in Version 2.01?
-Many minor bug fixes
-Scripts have been unified into a single script.
-Made some changes to how version checking is done
-Script is safer, more reliable, and easier to use over all.(at least IMO hehe)
-Automatic re-edit of edited source file, when either an upgrade or downgrade is detected. This allows the script to be run at boot via Script Manager, or other while still leaving, Adobe Flash to auto update.
-Script is now a single executable file that will both hex edit Adobe Flash(each update), and copy the edited file over to /data when needed.
-Improved version detection
-Improved output messages
Some notes on running during bootup
Once you have decompressed the Flashex2 folder and flashex.sh script to /mnt/sdcard/Flashex2 you will be able to run it automatically at boot via Script Manager if you wish. I currently have been using it this way. I have tested it performing the hexedit during a boot up. It works fine.
Known Limitation
Note: This only applies to auto-running the script via Script Manager, Cron, what ever It takes about 2 minutes with a Tegra 2 to complete the hexedit of the file.
Because of this when booting after an update to libflashplayer.so it will be editing the file for a min or two after your home screen shows. You will want to wait 3 min or so to be safe before you try to use Adobe Flash. This will ONLY happen when the version changes. Since Adobe Flash isn't changed that often it's not a big deal.
The rest of the time, it will be the same version so it will just take a few seconds to copy the file over. This allows you to just watch when you like even right after a system boot.
Install Instructions
Quick Directions:
Download file, unzip/extract the Flashex2 folder and it's contents, copy it to the sdcard to end up with /mnt/sdcard/Flashex2/flashex.sh. Run flashex.sh as root. Set web browser to Desktop. Enjoy watching hulu.
Full Directions:
When using Flashex205.zip via a File Manager like Astro for example.
1) Either download Flashex204b.zip directly to your tablet, or copy it to a micro SD card via PC.(note: you could unzip the contents in Windows if you prefer)
2) Save, Copy or Move Flashex205.zip to /mnt/sdcard/ It has a folder inside already of the correct name.
3) Open Flashex205.zip, then copy/paste the whole folder to /mnt/sdcard/
Note: After you do this you should have a folder named Flashex2 on your internal sdcard example: /mnt/sdcard/Flashex2
4) Inside the Flashex2 folder from the zipfile is flashex.sh
5) run flashex.sh either via terminal emulator or with an app like Script Manager.
The script "can" be run without root, BUT it will only make the hexedited file. It MUST be run as root if you also want the script to install the edited file so you can watch hulu. You can also copy the file by hand.
When using flashex205.tar.gz via a terminal emulator do the following.
1) Either download the file directly to your tablet, or copy it to a micro SD card.
2) Copy or Move the file to /mnt/sdcard/
example(copy): cp /mnt/external_sd/flashex205.tar.gz /mnt/sdcard/
example(move): mv /mnt/external_sd/flashex205.tar.gz /mnt/sdcard/
3) unzip and untar the Flashex folder and flashex.sh script from flashex205.tar.gz
gzip -d /mnt/sdcard/flashex205.tar.gz
tar -xvf /mnt/sdcard/flashex205.tar
Note: If you get an error saying not found. Your trying to install it in a diffrent location then it's currently configured you can probably figure out how to make it work easy enough. Just remember to set the path to the script inside the script it's self so it knows where make/read the edited file.
4) Now change working directories and run the script.
cd /mnt/sdcard/Flashex2
5) Run the script(su is optional, but running as root it wont copy the edited file over)
su
sh flashex.sh
Note: I suggest using sh before the script name though it's not nessesary if the path to sh at the top of the script matches yours.
Confirmed Compatable Device List(Make sure you are rooted if you want to use the script to install the modified file)
Acer Iconia A100, A200, A500 HC or ICS, FlexReaper ------ Use Latest Version
Samsung Galaxy S 4G rooted modified Gingerbread 2.3 --- Use Latest Version
Samsung Galaxy Nexus LTE ----------------------------------- Use Latest Version
Asus Eepad Transformer Prime ------------------------------- Use Version 2.2 or Latest Version
Motorola Droid Razr ------------------------------------------- Use Latest Version
HTC EVO 3D --------------------------------------------------- Use Latest Version
HTC EVO 4G running mikg v11 ------------------------------- Use Latest Version
Note: Any Device that is compatable with Adobe Flash and capable of playing hulu videos(500 Mhz or better ARM7 CPU 256 MB ram, Android 2.2 or better) that has been rooted and has busybox installed should be compatable
If you are attempting to use a Busybox older then v1.18.1 You will have to change a value at the top of the script before attempting to run it since I'm not sure how old of versions are 100% compatible.
===============================================
ATTN: SUPPORT, QUESTIONS, COMMENTS
If you need help getting it to work for your device and cant post in this section you can follow this
->SUPPORT LINK HERE
You can PM me or you can also try me on Twitter
Legal Info
Flashex205.sh was made by NoSudo for personal use
anyone may use it or change it but I retain creative
licence for my work. You should only take credit for your
changes.
I take no reponsablility for anyone elses actions. If you break
something or violate any rules it's on you.
If you wish to try and make money on it or use it for any comercial
venture I expect to be contacted and informed so I may negociate
an acceptable for profit licence with compensation.
This software is FREE and yours to enjoy, give away, edit, use for Non-Profit purposes ONLY.
A NOTE ON VERSIONS!
I recommend the use of the latest version Flashex204.sh. If you have old versions installed. MAKE SURE YOU RUN THE RIGHT ONE. It's up you to reconfigure Script Manager etc. so don't forget or it will keep running the old one.
ALSO Please remember to hit that Thanks button if you find my script useful.
I have been doing a little version testing.
I can confirm that flashex v2.01 does edit other versions so far I have tested it with. I just tested with 11.1.115.7 and it works fine via xxd. Im going to test on Android with Busybox's hexdump next.
I can also confirm that it works on 11.1.111.8 since my tablet just auto-updated. I simply ran the script and updated my hexed version from 11.1.111.7 to 11.1.111.8 as designed.
Just tried the new version and still a no go. See the pic for the full error.
Ran with terminal emulator, gscript, and root explorer. Same error for all.
And you have the .so file from the old version thread.
.so path: /data/data/com.adobe.flashplayer/lib/libflashplayer.so
ICS Leak .012.
busybox 1.19.3
Joecascio2000 said:
Just tried the new version and still a no go. See the pic for the full error.
Ran with terminal emulator, gscript, and root explorer. Same error for all.
And you have the .so file from the old version thread.
.so path: /data/data/com.adobe.flashplayer/lib/libflashplayer.so
ICS Leak .012.
busybox 1.19.3
Click to expand...
Click to collapse
Weard here is the output I got running a test edit. I used the same 2.01 script just modified so it doesn't write to my adobe flash. Kind of sandbox I guess. As you can see it reads and edits it fine. I'll look some more.
Command: '/mnt/sdcard/FLASHEX2_vtest/flashex_vtest.sh'
-------------
Out: $ exec sh '/mnt/sdcard/FLASHEX2_vtest/flashex_vtest.sh'
=================================================
Source Files Doesn't Exist
Destination File: /mnt/sdcard/FLASHEX2_vtest/DST/libflashplayer.so
Destination Ver: Adobe Flash says AND(Androiud) v1111157
Detected READ access for /mnt/sdcard/FLASHEX2_vtest/DST/libflashplayer.so
Created /mnt/sdcard/FLASHEX2_vtest/cache Sucessfully... Checking...
/mnt/sdcard/FLASHEX2_vtest/DST/libflashplayer.so preparing to copy and edit file........
Copy: /mnt/sdcard/FLASHEX2_vtest/cache/libflashplayer_PREMOD looks good =================================================
Preparing to create a hexdump.........
Dont panic...This could take over a minute on a Tegra 2..
Its Converting an 8MB or so Binary on a little tablet...Just wait its fine Created a hexdump of /mnt/sdcard/FLASHEX2_vtest/cache/libflashplayer_PREMOD
=================================================
Preparing to edit /mnt/sdcard/FLASHEX2_vtest/cache/libflashplayer_HEXDUMP..
This might take a minute too.... /mnt/sdcard/FLASHEX2_vtest/cache/libflashplayer_HEXDUMP has been edited... =================================================
Converting /mnt/sdcard/FLASHEX2_vtest/cache/libflashplayer_EDITED to binary...
Binary File: /mnt/sdcard/FLASHEX2_vtest/WIN_libflashplayer.so created...
Checking Binary file /mnt/sdcard/FLASHEX2_vtest/WIN_libflashplayer.so... =================================================
HEXEDIT SUCCESSFUL File: /mnt/sdcard/FLASHEX2_vtest/WIN_libflashplayer.so now reads as Version: WIN 11,1,115,7
Sent from my A100 using XDA
I'm at a bit of a loss as to why it's not working for you Joecascio2000. I'm still looking into it.
I can confirm if I copy your libflashplayer.so v 11.1.115.7 to my device and run the script on it. I AM able to edit the file and get a good binary at the end. I was able to run it via Terminal IDE, Terminal Emulator, and Script Manager.
Going by the error your getting I would say the issue could be related to Busybox. I know you say you have 1.19.3(same as mine)
what happens if you try this from a Terminal
strings /data/data/com.adobe.flashplayer/lib/libflashplayer.so | grep "AND 1[0-2],[0-9]*"
You should get back a list of strings out of the binary, and one of them should say something like "AND 11,1,115,7"
If that doesnt return the correct line, what does this return
strings /data/data/com.adobe.flashplayer/lib/libflashplayer.so | grep "AND 1"
This should return "AND 11,1,115,7" if it doesn't then I would take a closer look at your strings, and grep binaries which would indicate a possible issue with your copy of Busybox or maybe your $PATH as it could effect what version gets used when running a shell command.
I still feel very confused by it working on my device and not on yours with the same file. However I also feel confident that since it works on my A100 we can get it working on yours too without much hassle. We just need to figure out what the deal is.
NoSudo said:
Sent from my A100 using XDA
Click to expand...
Click to collapse
Yeah so weird. I just tried it again after uninstalling flash and re-installing it. Same error. Maybe I'm executing it wrong. This is what I put:
su
sh /mnt/sdcard/Flashex2/flashex201.sh
It does seem to work, just give me an error with the .so file.
EDIT: and both string lines return "no such file or director". I just copy and pasted them in, maybe I did something wrong?...maybe its busybox...?
I just copy and pasted them in, maybe I did something wrong?
Click to expand...
Click to collapse
copy and past of the strings command above should work yes. You can even just run the following
strings /data/data/com.adobe.flashplayer/lib/libflashplayer.so
If that give you bad command or something then you have an issue with either Busybox or your $PATH
$PATH is a special variable that unix/linux/android uses to store the locations of programs like grep, strings, etc. It specifies various directories commands are stored in. If the directory strings is stored in IS NOT in your path the script will not be able to access the command, so I can't say at this point which issue it in fact is, but I'm 99% sure it's one of those two things at this point.
That error is kinda old and can be erroneous. I'll look at that area a little closer later and see.
If you rerun the script after a successful edit it will tell you if it was successful BTW. If /data/data/com.adobe.flashplayer/lib/libflashplayer.so is already edited and is the same version as the WIN_libflashplayer.so Source file it will just print out a message that displays the actual version string from inside both files. The output will look somthing like this
Source File: /2.01FLASHEX_Dev/Lib_Version_Testing/WIN_libflashplayer.so
Source Ver: Adobe Flash says WIN(Windows) v1111157
Destination File: /2.01FLASHEX_Dev/Lib_Version_Testing/DST/libflashplayer.so
Destination Ver: Adobe Flash says WIN(Windows) v1111157
=================================================
It looks like you dont need make any further changes at this time.
Make sure you have set your browser to Desktop in settings(try Dolphin HD)
a
Joecascio2000 said:
Yeah so weird. I just tried it again after uninstalling flash and re-installing it. Same error. Maybe I'm executing it wrong. This is what I put:
su
sh /mnt/sdcard/Flashex2/flashex201.sh
It does seem to work, just give me an error with the .so file.
EDIT: and both string lines return "no such file or director". I just copy and pasted them in, maybe I did something wrong?...maybe its busybox...?
Click to expand...
Click to collapse
It could be. If you don't have a "strings" command the script wont work for you in it's current state. I made extensive use of strings to read info out of the binary files for version checking and to confirm the edit.
The error you got is something you could get from no strings command. It could also just be that the location "strings" is installed if it IS NOT in your $PATH for your ENV this would be a simple fix, in fact I'm tempted to add a PATH="" export PATH line back into the script just in case of stuff like this. I had removed it thinking it overkill.
Two diffrent folks seem to have a Busybox installer available via play.google.com. I use the one from J Rummy because it's only 1.99 for the Pro version instead of 4.99 and so far it has all the features I want and even has 1.19.4 available currently. It sounds like you may just need to figure out the location of the strings command and make sure that directory is exported as part of your $PATH. Let me know if would like assistance figuring this out.
NoSudo said:
It could be. If you don't have a "strings" command the script wont work for you in it's current state. I made extensive use of strings to read info out of the binary files for version checking and to confirm the edit.
The error you got is something you could get from no strings command. It could also just be that the location "strings" is installed if it IS NOT in your $PATH for your ENV this would be a simple fix, in fact I'm tempted to add a PATH="" export PATH line back into the script just in case of stuff like this. I had removed it thinking it overkill.
Two diffrent folks seem to have a Busybox installer available via play.google.com. I use the one from J Rummy because it's only 1.99 for the Pro version instead of 4.99 and so far it has all the features I want and even has 1.19.4 available currently. It sounds like you may just need to figure out the location of the strings command and make sure that directory is exported as part of your $PATH. Let me know if would like assistance figuring this out.
Click to expand...
Click to collapse
When I open terminal emulator the first line reads:
[email protected]:/ $ export PATH=/data/local/bin: $PATH
Also, I can't update busybox because for my current root method 1.19.3 is required.
Joecascio2000 said:
When I open terminal emulator the first line reads:
[email protected]:/ $ export PATH=/data/local/bin: $PATH
Also, I can't update busybox because for my current root method 1.19.3 is required.
Click to expand...
Click to collapse
You don't need a newer version of Busybox I'm running the same version.
it's your $PATH I will post an updated version that includes an Export PATH line to resolve after I eat some dinner.
for now you can copy/paste this into a terminal before running the script. Im guessing if you run that, then the script it will work
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/system/sbin:/system/xbin:/system/bin:/data/local/bin:/vendor/bin; export PATH
Darn...still isn't working. Lol my tab hates me. See the pic I think its a little different.
here's a link the one below is a little low res: http://i.imgur.com/uP9ZR.png
Joecascio2000 said:
Darn...still isn't working. Lol my tab hates me. See the pic I think its a little different.
here's a link the one below is a little low res: http://i.imgur.com/uP9ZR.png
Click to expand...
Click to collapse
It looks like you might still be missing the strings command. Because it doesnt look like anything is getting passed to grep. It looks like strings didnt run, so grep tried to look for the search expression as a file name.
what do you get if you type
ls -la /system/xbin/strings
or even just
ls -la /system/xbin
I show a symbolic link for /system/xbin/strings that points to Busybox. If it's in another location with your version of Busybox you just need to make sure the strings command is located in the path you use.
If you dont have a strings command at all for some reason since you have the same version of Busybox 1.19.3 you should be able to just make a Symbolic Link in /system/xbin(or what ever space you are configured to use) called strings that points to busybox. All those buxybox commands are symlinks to the same binary file in reality.
NoSudo said:
It looks like you might still be missing the strings command. Because it doesnt look like anything is getting passed to grep. It looks like strings didnt run, so grep tried to look for the search expression as a file name.
what do you get if you type
ls -la /system/xbin/strings
or even just
ls -la /system/xbin
I show a symbolic link for /system/xbin/strings that points to Busybox. If it's in another location with your version of Busybox you just need to make sure the strings command is located in the path you use.
If you dont have a strings command at all for some reason since you have the same version of Busybox 1.19.3 you should be able to just make a Symbolic Link in /system/xbin(or what ever space you are configured to use) called strings that points to busybox. All those buxybox commands are symlinks to the same binary file in reality.
Click to expand...
Click to collapse
Both commands showed: not found, however, I looked in /system/xbin/ and busybox and strings are in that folder. Also, right under strings is ( -> busybox )
Joecascio2000 said:
Both commands showed: not found, however, I looked in /system/xbin/ and busybox and strings are in that folder. Also, right under strings is ( -> busybox )
Click to expand...
Click to collapse
Yep the
strings --> busybox
is the way strings and the other Busybox commands look the
"--> Busybox" is to show what it links to, but the name is still strings. It's sorta like a shortcut in windows in a way.
Anyway that means you should be able to use strings try copy/paste this before you run the script in the same terminal.
PATH=$PATH:/system/xbin; export PATH
that take what ever you currently have for a $PATH and add /system/xbin to it
you can view your $PATH by typing
echo $PATH
Either way if your Busybox is properly installed into /system/xbin this should return a few lines out the binary. Just to confirm it's a working command on your system.
/system/xbin/strings /data/data/com.adobe.flashplayer/lib/libflashplayer.so | grep "AND"
I will come up with an up date to check for the location of Busybox and use hard paths for the commands, later in the week. That should avoid this issue coming up in the future.
First off thank you for helping with my pain-in-the-you-know-what tablet.
But sadly still a no go. I did get some more info though: http://i.imgur.com/oVxBz.png
It showed AND 11,1,115,7.
I think it's either the way I'm putting in the commands or the way my tab is rooted.
Joecascio2000 said:
First off thank you for helping with my pain-in-the-you-know-what tablet.
But sadly still a no go. I did get some more info though: http://i.imgur.com/oVxBz.png
It showed AND 11,1,115,7.
I think it's either the way I'm putting in the commands or the way my tab is rooted.
Click to expand...
Click to collapse
First off, Your very welcome. I actually enjoy this kinda stuff as long as I have time.
Next, Since it DID respond with AND 11,1,115,7 I am sure you CAN use the script, once updated. I will be working on an update this weekend. I may have a revised version made today, if I get an extra hour to dedicate to make the changes.
The issue seems to be, for what ever reason your device is having an issue with /system/xbin not being in your PATH or PATH and ENV not working as it should, BUT since /system/xbin/busybox and the symlink /system/xbin/strings both work when you type the full path, it's not a big deal.
I'm also going to try to write in a feature to test the location and version of Busybox and make sure it lists "strings" as a defined function, so the script can identify and resolve the issue when possible.
Updated Version should resolve any issues with the script not being able to use strings, grep etc on some systems.
Also check here for information on configuring Terminal Emulator to work correctly with Busybox. This I belive would get the old script working for those that had issues also for what it's worth.
NoSudo said:
Updated Version should resolve any issues with the script not being able to use strings, grep etc on some systems.
Also check here for information on configuring Terminal Emulator to work correctly with Busybox. This I belive would get the old script working for those that had issues also for what it's worth.
Click to expand...
Click to collapse
This is with the new version 2.02 and after configuring Terminal Emulator:
http://i.imgur.com/Rb458.png
Joecascio2000 said:
This is with the new version 2.02 and after configuring Terminal Emulator:
http://i.imgur.com/Rb458.png
Click to expand...
Click to collapse
Man I am at a total loss as to what your system is doing. That just doesn't make any sense at all. Are you running the script or Copy/Pasting lines into Terminal? What Busybox are you running anyway, not the version where did you get it? It seems totally defective honestly.
The script should work fine for you at this point TBH. Heck it works for me on my Linux PC too when I change the paths, and swap out xxd for hexdump and change the pattern format.
At this point I can only conclude that either you have a bad version of Busybox or you are doing something wrong.
Here is an example of what I mean
BUSYBOXPATH="/system/xbin"
if [ -e "$BUSYBOXPATH/busybox" ]&&[ -e "$BUSYBOXPATH/grep" ]; then
echo "Found BusyBox in $BUSYBOXPATH"
BSYBX_VER=`$BUSYBOXPATH/busybox | $BUSYBOXPATH/grep "BusyBox v"`
echo "Version: $BSYBX_VER"
else
echo "Unable to confirm location of BusyBox, please configure the script"
exit 3
fi
This statement says if /system/xbin/busybox and /system/xbin/busybox exist to echo "Found" etc.
Your output has those lines, so those commands HAVE to exist in those locations or it would respond with
Unable to confirm location of BusyBox, please configure the script.
However the script is unable to read the Version line off busybox because busybox isnt spitting out anything or maybe it's been modified and no longder displays the correct response. Again even a Desktop PC with Linux on it get's this response from Busybox.
What happens when you just type
/system/xbin/busybox
Do you get anything?
You should get something like;
$ busybox
BusyBox v1.19.3 (2011-11-22 01:37:10 MST) multi-call binary
Copyright (C) 1998-2011 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.
Usage: busybox [function] [arguments]...
or: function [arguments]...
BusyBox is a multi-call binary that combines many common Unix
utilities into a single executable. Most people will create a
link to busybox for each function they wish to use and BusyBox
will act like whatever it was invoked as!
Currently defined functions:
[, [[, addgroup, adduser, adjtimex, ar, arping, ash, awk,
basename, brctl, bunzip2, bzcat, bzip2, cal, cat, chgrp,
chmod, chown, chroot, chvt, clear, cmp, cp, cpio, crond,
crontab, cut, date, dc, dd, deallocvt, delgroup, deluser,
df, dirname, dmesg, dos2unix, dpkg, dpkg-deb, du, dumpkmap,
echo, ed, egrep, eject, env, expand, expr, false, fbset,
fdflush, fdisk, fgrep, find, fold, free, freeramdisk, fsck.minix,
ftpget, ftpput, getopt, getty, grep, gunzip, gzip, halt,
head, hexdump, hostid, hostname, httpd, hwclock, id, ifconfig,
ifdown, ifup, init, ip, ipcalc, kill, killall, klogd, last,
length, less, linuxrc, ln, loadfont, loadkmap, logger, login,
logname, logread, losetup, ls, lzmacat, makedevs, md5sum,
mdev, mesg, microcom, mkdir, mkfifo, mkfs.minix, mknod,
mkswap, mktemp, more, mount, mt, mv, nameif, nc, netstat,
nslookup, od, openvt, passwd, patch, pidof, ping, ping6,
pivot_root, poweroff, printf, ps, pwd, rdate, readlink,
realpath, reboot, renice, reset, rm, rmdir, route, rpm,
rpm2cpio, run-parts, sed, setkeycodes, sh, sha1sum, sleep,
sort, start-stop-daemon, static-sh, strings, stty, su, sulogin,
swapoff, swapon, sync, syslogd, tac, tail, tar, tee, telnet,
telnetd, test, tftp, time, top, touch, tr, traceroute, true,
tty, udhcpc, umount, uname, uncompress, unexpand, uniq,
unix2dos, unlzma, unzip, uptime, usleep, uudecode, uuencode,
vconfig, vi, vlock, watch, watchdog, wc, wget, which, who,
whoami, xargs, yes, zcat
Note: Busybox in Android will have a slightly diffrent list of functions but the version line etc is the same.
NoSudo said:
Man I am at a total loss as to what your system is doing. That just doesn't make any sense at all. Are you running the script or Copy/Pasting lines into Terminal? What Busybox are you running anyway, not the version where did you get it? It seems totally defective honestly.
The script should work fine for you at this point TBH. Heck it works for me on my Linux PC too when I change the paths, and swap out xxd for hexdump and change the pattern format.
At this point I can only conclude that either you have a bad version of Busybox or you are doing something wrong.
Click to expand...
Click to collapse
The command I'm using is
Su
Sh /mnt/sdcard/flashex2/flashex202.sh
I think it might be my version of busybox. I think its a modified version because rooting ICS on the a100 was a difficult process. It also says not to update busybox because root will be broken.
Sent from my A100 using XDA Premium HD app
I have managed to get CIFS working on stock Nexus 10.
It's quite a bit more problematic on the Nexus 10 than normal.
There are 2 main issues to deal with. Newer versions of the Linux kernel require a UNC variable to be passed to them and the current version of busybox doesn't do this. There is a patch out. I have extracted the patched busybox binary from craigacomez's AOSP Nexus 10 rom.
(Check it out here: http://forum.xda-developers.com/showthread.php?t=1998585 ). Otherwise it should work on the stock mount command if you specify the unc= mount option with the share.
The other issue is the multiuser stuff. If you execute the mount command from inside Terminal Emulator (or a script program) it looks like it mounts ok and you can 'ls' in the directory but it doesn't work for Android apps, they just see an empty directory but if you do it via a 'adb shell' it works fine in Android apps. My theory is ADB is outside of the multiuser stuff. adb actually ships on the device.
1) Unlock bootloader (fastboot oem unlock)
2) Flash recovery adb flash recovery whatever.img
3) Root device (flash CWM-SuperSU-0.98.zip)
4) Install BusyBox (from the market)
5) Copy md4.ko and cifs.ko to device. The files can go anywhere you like. In this example I will just use the root of the sdcard. Some people like them in /system/modules or /system/lib/modules
6) busybox mount -o rw,remount /
7) adb shell
8) Override /system/bin/busybox with the patched version (maybe move it first so it's backed up).
9) insmod /sdcard/md4.ko
10) insmod /sdcard/cifs.ko
11) busybox mount -t cifs -o username=MYUSER,password=MYPASS,unc=\\\\192.168.1.1\\storage //192.168.1.1/storage /data/media/0/cifs/Storage
You will need to manually preform the last 3 commands each time you reboot the device from a adb shell.
NOTE: You can probably get rid of the -o flags completely. In theory the patched version of busybox makes the UNC bit redundant. Possibly you can use the stock busybox with the UNC flag and avoid using the patched one totally. I have just included it to be sure.
Make sure you type 'busybox mount' not 'mount', by default they are different binaries. Otherwise you can remove the /system/bin/mount command and make a new one linking /system/bin/mount to /system/bin/busybox.
Possibly there is some way to get the mount working in the multiuser environment without requiring busybox. If you figure it out please tell ☺
Some threads on the issue:
http://forum.xda-developers.com/showthread.php?p=34397868#post34397868
http://forum.xda-developers.com/showthread.php?t=733490&page=6
http://www.mail-archive.com/[email protected]/msg17650.html
The modules are for 3.4.5-g4e6298b.
EDIT: I added nls_utf8.ko by request
EDIT2: Since adb comes on the device, it is possible to use it to connect to local host:
1) Install cifs modules to /system/lib/modules
2) Install Script Manager from the play store
3) Copy script to device
4) Start SManager
5) Find your script and open it.
6) Tick the su box
7) Hit save
8) Goto home sccreen
9) Add a 'SMShortcuts' widget to your home screen
10) "Add one script shortcut"
11) Choose your script
12) Optionally use this pretty icon ☺
13) Give it a nice name like "Mount Shares"
Here is a shell script...
Code:
#!/system/bin/sh
# Your settings here
USERNAME="USERNAME"
PASSWORD="PASSWORD"
IPADDRESS="192.168.1.1"
SHARE="storage"
MOUNT_POINT="/data/media/0/cifs/Storage"
# If you need to change the mount command edit this
MOUNT_CMD="\
mount -t cifs \
\
-o \
user=$USERNAME,\
password=$PASSWORD,\
unc=\\\\\\\\\\\\\\\\$IPADDRESS\\\\\\\\$SHARE \
\
//$IPADDRESS/$SHARE \
$MOUNT_POINT"
COMMANDS="\
insmod /system/lib/modules/md4.ko; \
insmod /system/lib/modules/nls_utf8.ko; \
insmod /system/lib/modules/cifs.ko; \
$MOUNT_CMD
"
# Starting ADB...
PORT=`getprop service.adb.tcp.port`
setprop service.adb.tcp.port 5555
adb kill-server
adb start-server
stop adbd
start adbd
adb connect localhost
# Make sure we only use the first device (sometimes there is more than one)
SERIAL=`adb devices | head -n2 | tail -n1 | cut -f1`
if [ "$SERIAL" = "" ] ; then
echo "ERROR: Could not find ADB device.";
fi
echo Mounting share via adb...
adb -s $SERIAL shell su root -c "$COMMANDS"
# If you started adb, then stop it here for security:
adb disconnect localhost
stop adbd
setprop service.adb.tcp.port $PORT
start adbd
RESULT=`mount | grep $MOUNT_POINT`
if [ "$RESULT" = "" ] ; then
echo "Mounting failed..."
else
echo "Mounting sucess!"
fi
echo Done... You may close this script window.
EDIT3: Added usbserial.ko, option.ko and usb_wwan.ko
EDIT4: Some users have reported that the need to modify the script to get it working with their version of SU.
EDIT5: I have uploaded modules for 4.2.2, kernel 3.4.5-gaf9c307 but I haven't actually tested them myself (still on 4.2.1). Apparently the adb loophole has also been patched but it is possible to reenable it by putting a RSA key onto the device. Check out this set of instructions here.
EDIT6: I have updated to 4.2.2 on my Nexus 10 and can confirm the new modules work.
You must setup the adbkey or you will get a "device: offline" message. By default adb when adb first runs it tries to create the keys in the $HOME dir which is /data/.android, but the data directory isn't accessible by the 'shell' user.
I got it working simply by setting the HOME variable to /sdcard and restarting the adb server in the script then Android popped up a query (I have update the script above).
IMPORTANT: The Android Media scanner recursively scans folders for media to add the the database so it shows up in programs like Google Music. On large shares this can be a long process and use heaps of battery life. To prevent this add a blank file with the name ".nomedia" to the root of your mount points (or each individual share if you aren't used 1 folder for all your mounts). This will stop music showing up in programs though.
If you find that the device stops responding (the launcher might work but apps fail to load) or you get reboots (often after the previous bug) this is probably due to a bad wifi connection.
Is it posible to make a CWM flash file?
Great
This is great progress, do you know if there is some way I can use the same to mount my usb OTG with ADB shell so that I can read/write to my pen drives from my android apps/file managers?
I have tried using the busybox mount but that didn't work, do I need the modified mount or will none of this help anyway?
alias_neo said:
This is great progress, do you know if there is some way I can use the same to mount my usb OTG with ADB shell so that I can read/write to my pen drives from my android apps/file managers?
I have tried using the busybox mount but that didn't work, do I need the modified mount or will none of this help anyway?
Click to expand...
Click to collapse
Code:
busybox mount -t FSTYPE /dev/block/sda1 MOUNT_LOCATION
Example:
Code:
busybox mount -t vfat /dev/block/sda1 /storage/sdcard0/usbotg
craigacgomez said:
Code:
busybox mount -t FSTYPE /dev/block/sda1 MOUNT_LOCATION
Example:
Code:
busybox mount -t vfat /dev/block/sda1 /storage/sdcard0/usbotg
Click to expand...
Click to collapse
How is this different to what I'm doing already? Mounting this way doesn't work, only the process that mounted it can see the files.
Although I don't have nexus 10, I am having the similar mounting issue on my nexus 7 until I saw this post.
Advise about "adb shell" really helps me resolve the multiuser issue.
Thanks for sharing.
Any chance you could post the nls-utf8.ko for utf8 support?
Thanks!
H3g3m0n said:
1) Unlock bootloader (adb oem unlock)
Click to expand...
Click to collapse
Isn't it fastboot that unlocks the bootloader, and not adb? (unless adb can do it too; I've only heard of fastboot though)
momulah said:
Is it posible to make a CWM flash file?
Click to expand...
Click to collapse
Not a high priority right now as currently you need to do the manual adb shell stuff by hand to get things mounted, a little extra setup work isn't a huge difference.
alias_neo said:
How is this different to what I'm doing already? Mounting this way doesn't work, only the process that mounted it can see the files.
Click to expand...
Click to collapse
Are you mounting in a 'adb shell' or locally in something like terminal emulator? My OTG cable won't be here for a while so I can't really test myself.
weasal said:
Any chance you could post the nls-utf8.ko for utf8 support?
Thanks!
Click to expand...
Click to collapse
Posted, haven't tested it but it seemed to insmod fine.
espionage724 said:
Isn't it fastboot that unlocks the bootloader, and not adb? (unless adb can do it too; I've only heard of fastboot though)
Click to expand...
Click to collapse
Yeh typoed, i'll fix that now.
Currently I'm thinking of ways to hack around the 'adb shell' requirement, as a basic hackish fix would be to make a program that turns on adb wireless, connects to the local device and issues a command. Of course possibly there is a 'proper' way to do mounting. Another lazy way for those with their shares on a Linux system would be a script issue commands to the server via a ssh, getting it to log back into the phone and mount stuff over adb wireless.
alias_neo said:
How is this different to what I'm doing already? Mounting this way doesn't work, only the process that mounted it can see the files.
Click to expand...
Click to collapse
I've been working on getting OTG support natively in my AOSP based custom ROM and I have had some success... check out my ROM for details
H3g3m0n said:
Currently I'm thinking of ways to hack around the 'adb shell' requirement, as a basic hackish fix would be to make a program that turns on adb wireless, connects to the local device and issues a command. Of course possibly there is a 'proper' way to do mounting. Another lazy way for those with their shares on a Linux system would be a script issue commands to the server via a ssh, getting it to log back into the phone and mount stuff over adb wireless.
Click to expand...
Click to collapse
Just wanted to thank H3g3m0n as I was able to successfully mount over adb. Also came up with a workaround to bypass connecting to a PC, grabbed the arm fastboot binary from this thread and installed it on my nexus 7. Used it to connect wireless adb on the 10 and ran the mount commands on the 7.
H3g3m0n said:
Posted, haven't tested it but it seemed to insmod fine.
Click to expand...
Click to collapse
Thanks, I'll give it a try!
You might find my posts #156 and #162 at http://forum.xda-developers.com/showthread.php?t=1781411&page=17 helpful.
Sorry for the noob ? ...
What are the KO's do?
What is the practical use of then.
Sorry I did a little research on then but I could not find an answer in layman terms
Thank you for allowing me to learn.
Sent from my toroplus using xda premium
spdwiz18 said:
Sorry for the noob ? ...
What are the KO's do?
What is the practical use of then.
Sorry I did a little research on then but I could not find an answer in layman terms
Thank you for allowing me to learn.
Sent from my toroplus using xda premium
Click to expand...
Click to collapse
http://en.wikipedia.org/wiki/Loadable_kernel_module
craigacgomez said:
http://en.wikipedia.org/wiki/Loadable_kernel_module
Click to expand...
Click to collapse
That helps allot.... Now i have an understanding of ko's in general. But what specificly do the modules this thread refers to do and the practical use of then. Thanks foot the help.
Sent from my toroplus using xda premium
spdwiz18 said:
That helps allot.... Now i have an understanding of ko's in general. But what specificly do the modules this thread refers to do and the practical use of then. Thanks foot the help.
Sent from my toroplus using xda premium
Click to expand...
Click to collapse
These modules are needed to enable support for CIFS (Windows share) mounts...
spdwiz18 said:
That helps allot.... Now i have an understanding of ko's in general. But what specificly do the modules this thread refers to do and the practical use of then. Thanks foot the help.
Sent from my toroplus using xda premium
Click to expand...
Click to collapse
Basically you can setup a shared folder from a remote computer. It allows you to have files on another system accessible as if it was part of the internal storage in the device.
Just found out that Android ships with the adb binary on the device itself (after crosscompiling it myself :/, oh well the experience was useful).
It should be possible to setup a script to start the adb server, connect to the localhost and execute the mount without too much difficulty.
Ok, added a script and instructions to the front page for simple on tablet mounting.
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
HEXcube said:
The real reason behind adb root or insecure adb is the adb daemon in the device running at root permissions. In pre-Android 4.1 versions, this is usually decided by some initialisation script(like init.rc) at boot time. The script checks for value in default.prop,local.propand other environment variables.
If it finds build.prop,default.prop or local.prop property file with ro.secure=0 adbd is allowed to run as root. You'll get adb root and hence will be able to do commands like adb remount,adb root and adb shell's prompt'll be # by default. The user may be displayed as [email protected] or [email protected] adb GUIs like Android Commander and QtADB will get to work in Root mode.
But,if it's ro.secure=1, adb daemon is made to work in secure mode, and adb won't change to root mode on issuing adb root command. However, if su binary is present in $PATH, u can still call su command from adb shell. But, it's not enough for Android Commander to get Root Access. It is possible to attain adb root through any one of the following methods:
1.For CyanoGenMod based ROMs there is an option in Settings->Developer Settings->Root access to control root access. Choose ADB only or Apps and ADB in options to get adb root.
2.Else use adbd Insecure app by chainfire if you have a rooted device. This is useful, especially for Android 4.1+ devices.
3.Or, you may manually edit default.prop to set it's value to 0, but original default.prop will be restored from boot partition everytime you reboot(this is the reason why adb Insecure cannot permanently do adb root, though there is an option to repeat the rooting procedure everytime the device boots). This method is called temporary adb root. On pre-Android 4.0 ROMs default.prop file was located in / directory. I read that from Android 4.x this file is in ramdisk and so more difficult to edit. But Android 4.0 has local.prop which is easier to modify than default.prop( See method 5)
4.For permanent adb root, you'll have to extract boot.img, change default.prop, repack and then flash it back to device.
5. In Android 4.0 there's local.prop file in /data partition. Setting ro.secure=0 in this file will do adb root permanently. Else you can set another property ro.kernel.qemu=1 in the same file. But, this value makes the system think that it is running in an android emulator. Many exploits and root methods set this property temporarily to gain root. But, it may cause side effects if used permanently. Setting ro.secure=0 is recommended. Do this command in terminal app or adb shell:
echo ro.secure=0 >/data/local.prop
or you can manually copy a local.prop file with ro.secure=0 as it's content to /data.
6.Note that method 3,4 and 5 won't work in Android 4.0 Jelly Bean onwards. According to Dan Rosenburg(drjbliss in XDA),the researcher who discovered adb root emulator exploit and many other exploits, Jelly Bean doesn't parse any property files to set the ownership of adb daemon. The stock adbd will have to be replaced with an insecure one to gain adb root. But still,as adbd is located in /sbin whose contents are reloaded everytime on reboot from boot.img, it won't be permanent.
7. For permanent adb root, you may flash an insecure boot.img(one that contains and insecure adbd)
8. If you're really desperate and can't get adb root to work with any of the above methods use an exploit. Most of the adb based rooting methods utilise some exploit to make the adb daemon run as root. By studying the exploit and implementing it you could gain adb root atleast temporarily.I'm not recommending this method but as a last resort you could try them.
Acknowledgements: Thanks to Dan Rosenberg for explaining the reasons behind adb root, especially the one in Jelly Bean.
Click to expand...
Click to collapse
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
@nijel8
Thanks for sharing this. I will test this out on my device. If successful I would like to share this over in the One SV forums.
I never even considered this idea smh lol.
Edit: confirmed working
Thanks so much for sharing this. I too use adb a lot and need an insecure kernel.
Success. Nexus 5 and I changed Franco kernel to insecure.
Franco kernels used to be insecure but none thus far have been on the N5. Any reason behind this?
Fuzzy13 said:
Thanks so much for sharing this. I too use adb a lot and need an insecure kernel.
Success. Nexus 5 and I changed Franco kernel to insecure.
Franco kernels used to be insecure but none thus far have been on the N5. Any reason behind this?
Click to expand...
Click to collapse
My guess is devs play it safe so average Joe don't mess with /system... ha-ha
btw is "adb logcat" working for you?
Only problem with the adbd from chainfires ADB Insecure is that it breaks adb wireless,any solution ?
nijel8 said:
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
Click to expand...
Click to collapse
Some time ago I 've tried to do this for a Nexus6, running Marshmallow.
Android has tighten up security, so I got bootloops.
Anyone has managed to do this?
Thank you!
nijel8 said:
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
Click to expand...
Click to collapse
Can this work with Note 3 N900 (exynos kernel) sir? Or just only for snapdragon chipsrt kernel? Thanks sir!
does this work on locked bootloader devices?
a custom kernel exists for my devices (G928A) with AdB Insecure , but its got a few qwirks that need worked out ( that require fully rooting the device )
all im looking for is insecure Adb, ( which I have tried to change ro.secure=0 and adb.secure=0 both with Echo commands in shell) for temporary adb root on the device
how did ManIT make his custom kernel undetectable/passable by the bootloader but with modifications?
if this will work ... then I will just edit an image pulled from the devices current boot.img and do the same adb insecure edit to the ramdisk.. to update the root flash kernel... shes a bit dated.... and there isn't one for marshmallow specific one yet.
I was also reading about a filler file due to block sizing when repacking the image ... so I created a copy file and edited the contents till it zipped back to within 1kb of data... will this be detected and flagged at boot?
help please
Great tutorial.
I did it by following the steps in your post.
Thank you for clear and precise explanation.
Anybody have a pre-patched / adb root enabled adbd at hand (10.0.36 or higher - current is 10.0.41 I think)?