Related
Is there something additional I need to do to actually gain "root"? I can't install the clear lock screen from smurf, can't wireless tether.... Don't know what's going on, all of this used to work fine on my Hero - what am I missing?
I don't think you have given enough info for people to even know what the problem is that you are having. Maybe you could be a bit more specific. Do you have superuser installed?
Sorry about that.... basically im on stock 2.2 with supposed "root" using regaws method - problem is, I can't use anything though; adb, wireless tether, I can't flash a lock screen (just sits at boot screen).
Download superuser app from the market place or google it if it is not on your phone already. Install it then launch an app that requires root. You will know real fast if you are rooted.
DomSim said:
Download superuser app from the market place or google it if it is not on your phone already. Install it then launch an app that requires root. You will know real fast if you are rooted.
Click to expand...
Click to collapse
I do have SU... that's the thing but when I try ADB Remount it says device not permitted or something like that, can't remember exactly
You could try full wipe / reflash.
Maybe try a diff ROM too.
You need to flash the engineering bootloader (0.76.2000). Go to Toast's method part 2 and follow the steps to unlock nand. You need the engineering bootloader in order to access /system.
Sent from my PC36100 using XDA App
sombdy said:
You need to flash the engineering bootloader (0.76.2000). Go to Toast's method part 2 and follow the steps to unlock nand. You need the engineering bootloader in order to access /system.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Nand root... I was looking for more info on this, I thought it was the culprit, thanks - ill post results, hopefully good
Edit: Won't work "Permission denied" .... this is really starting to piss me off grrr
DirtyShroomz said:
Nand root... I was looking for more info on this, I thought it was the culprit, thanks - ill post results, hopefully good
Edit: Won't work "Permission denied" .... this is really starting to piss me off grrr
Click to expand...
Click to collapse
Have you run Unrevoked Forever? This will turn off security permissions and should then allow you to flash anything.
Sent from my PC36100 using XDA App
Ok, the reason
Code:
adb remount
doesn't work is because the boot.img isn't patched to allow that, because I forgot to at the time of posting. You still have root (as long as you actually completed the guide successfully), that's just an all time access root through adb
To acheive the same results, type
Code:
adb shell
type
Code:
su
you will then see #. thats root.
Then remount your /system partition using
Code:
mount -o rw,remount / /system
there you go.
regaw_leinad said:
Ok, the reason
Code:
adb remount
doesn't work is because the boot.img isn't patched to allow that, because I forgot to at the time of posting. You still have root (as long as you actually completed the guide successfully), that's just an all time access root through adb
To acheive the same results, type
Code:
adb shell
type
Code:
su
you will then see #. thats root.
Then remount your /system partition using
Code:
mount -o rw,remount / /system
there you go.
Click to expand...
Click to collapse
When I try to type "su" it says "Permission denied"
DirtyShroomz said:
When I try to type "su" it says "Permission denied"
Click to expand...
Click to collapse
Do you have usb debugging on?
Try the new 1 click root in the dev forum. Unrevoked 3.2. See if that doesn't do the trick.
Sent from my PC36100 using XDA App
My guess is you didn't flash the 2.2-root.zip at the end then.. That's the best I can do w/ the info you've given.
one was already asked once but i had two questions
1. Is USB Debugging turned on or off? Settings > Applications > Development
2. you are using a stock rooted rom. are you trying to use sprint's wireless tether app? Sprint's app wont work you need to download wireless tether from the market.
joebags said:
one was already asked once but i had two questions
1. Is USB Debugging turned on or off? Settings > Applications > Development
2. you are using a stock rooted rom. are you trying to use sprint's wireless tether app? Sprint's app wont work you need to download wireless tether from the market.
Click to expand...
Click to collapse
Running stock 2.2. Regaw I did flash 2.2-root at the end and I am trying to use wireless tether not Sprints hotspot
I do have superuser in my apps list and I was able to install SNeoid, Swype, Setcpu, juicedefender and a few others that may require root but it wont let me do anything via adb or install any themes/mods that come in .zips
DirtyShroomz said:
Running stock 2.2. Regaw I did flash 2.2-root at the end and I am trying to use wireless tether not Sprints hotspot
I do have superuser in my apps list and I was able to install SNeoid, Swype, Setcpu, juicedefender and a few others that may require root but it wont let me do anything via adb or install any themes/mods that come in .zips
Click to expand...
Click to collapse
ok do this in command prompt and paste the results in code tags (to save space)
Code:
adb shell ls /system/bin/
regaw_leinad said:
ok do this in command prompt and paste the results in code tags (to save space)
Code:
adb shell ls /system/bin/
Click to expand...
Click to collapse
Code:
setconsole
dumplayer
svc
e2fsck_recvy
chownto
apph
ps
id
chownThp
notify
dhcpcd
pand
renice
bugreport
snd8k
hciattach
iqfd
top
lsmod
setprop
ionice
ifconfig
iptables
kthp_proxy
logwrapper
getevent
htcipcd
su
start
iqd
wipe
ip
smd
sleep
getWiMAXPropDaemond
newfs_msdos
vdc
sync
udhcpd
pppd
rmmod
fsck_msdos
netstat
route
sound8k
rm
radiooptions
pm
logcat
setWiMAXPropDaemond
resize2fs_recvy
htc_inittest
vmstat
dvz
mmcamera_test
keystore
dmesg
system_server
linker
fbtool
reboot
sdptool
busybox
hd
iftop
insmod
bootcomplete
rild
schedtop
debuggerd
wpa_supplicant
schedtest
bluetoothd
ping
btld
ime
omx_tests
tc
sendevent
racoon
toolbox
date
bma150_usr
bootanimation
wimaxDhcpRenew
log
installd
wimax_uart
applypatch
wimaxAddRoute
dexopt
monkey
ln
getprop
album_hdmiexe
stop
surfaceflinger
uevent
akmd
monitorMTD
wimax_mtd
mv
debug_tool
servicemanager
wimaxDumpKmsg
dumpstate
ipd
DmWrapperTest
nandread
kill
gzip
chmod
rmdir
lsc_camera
dbus-daemon
run-as
netcfg
cat
htclogkernel
sh
mount
printenv
mkdir
bmgr
wimaxDhcpRelease
umount
mke2fs_recvy
dnsmasq
input
df
ioctl
am
wimaxDumpLogcat
app_process
chown
htc_timezonetest
service
netd
ls
netsharing
cam_ins_spmo
mm-venc-omx-test
dalvikvm
ser2net
dmagent
shutdown
ndc
dumpsys
mediaserver
vold
sequansd
awb_camera
dd
keypress
cmp
mscompress
wimaxDumpLastKmsg
mtpd
watchprops
ok, so "su" is in there... you should be able to
Code:
adb shell
su
and it give you a #
try opening SuperUser.apk on your phone, THEN doing the above commands. a pop up should come up on your phone saying to allow root to su
regaw_leinad said:
ok, so "su" is in there... you should be able to
Code:
adb shell
su
and it give you a #
try opening SuperUser.apk on your phone, THEN doing the above commands. a pop up should come up on your phone saying to allow root to su
Click to expand...
Click to collapse
that worked, now to get remount do i have to always use that previous command you wrote?
There's already a guide here for obtaining permanent root using VISIONary, but some folks in #G2ROOT are having issues with the way that VISIONary modifies parititons. Using rage directly is a bit cleaner, since you know exactly what it's going to touch at each step of the way. I did NOT come up with any of this on my own, I'm building completely off of work that others have done. Speaking of which-
None of this would be possible without the tireless work that scotty2 put in. He stayed with the project for well over a month, through lots of smashed hopes and dead ends, until the solution was finally found. Were it not for his work, as well as the help of a few other key folks- we wouldn't be here. He deserves our thanks and some donations! We're talking hundreds of hours of work here, a couple bucks is not too much for that. His paypal is:
[email protected]Send him some love! I'm not asking for anything myself, because I spent a half hour putting this together, and that doesn't deserve any donations!
[size=+2]G2 ROOT INSTRUCTIONS[/size]
=================================================
These are modified instructions based on the ones posted at http://bit.ly/g2root that use Visionary. A number of people have run into issues with the way that Visionary juggles around temporary partitions, and using the original root exploit is a much easier, and cleaner method for achieving permanent root. This tutorial will walk you through the rooting process by first achieving temporary root, and moving on to permanent root.
[size=+1]REQUIREMENTS[/size]
=================================================
Visionary disabled at boot or uninstalled completely
Android Terminal Emulator app
ADB
vision-combined-root.zip (Attached to this post, OR these two files: )
G2TempRoot.zip (http://forum.xda-developers.com/showthread.php?t=797042) NOTE: only download the files! Don't follow these instructions yet
vision-perm-root.zip (http://forum.xda-developers.com/showthread.php?t=833965) NOTE: again, just download the files from the thread.
In the commands to run below, $ or # represent the prompt and should NOT be entered as part of the commands.
[size=+2]VERY IMPORTANT![/size]Visionary has caused filesystem corruption for some users during the rooting process. Before attempting the instructions below, make sure that you have "auto run on boot" turned OFF, and reboot your system. Since you will not need visionary anyway after this, you might as well just uninstall visionary and reboot NOW before doing anything.
[size=+1]TEMP ROOT[/size]
=================================================
ON YOUR PC:
Unzip the G2TempRoot files to a folder. From a cmd window or terminal, navigate to that folder and execute these commands:
Code:
$ adb push su /sdcard/su
$ adb push Superuser.apk /sdcard/Superuser.apk
$ adb push rage /data/local/tmp/rage
$ adb push busybox /data/local/tmp/busybox
$ adb push root /data/local/tmp/root
$ adb shell chmod 0755 /data/local/tmp/*
ON YOUR PHONE:
Launch Terminal Emulator
/data/local/tmp/rage
Wait for the message: "Forked #### childs."
Menu > Reset Term - Terminal Emulator will exit.
Launch Terminal Emulator, it Force Closes. Launch a second time, and you'll have a root shell
**NOTE**: in the original directions from the XDA thread, you are instructed to run the /data/local/tmp/root script here. DON'T do this
just yet. Leave the terminal window open.
[size=+1]PERM ROOT[/size]
=================================================
ON YOUR PC:
unzip the vision-perm-root.zip and navigate to that folder. There will be four files. You will need to push two of these to your phone- hboot-eng.img, and one of the wpthis-[..].ko files.
If you HAVE applied the OTA update, push wpthis-OTA.ko.
If you HAVE NOT applied the OTA update, push wpthis-pre-OTA.ko.
Code:
$ adb push hboot-eng.img /data/local
$ adb push wpthis-OTA.ko /data/local
ON YOUR PHONE:
You should still have terminal emulator up, at a root prompt. Now run:
Code:
# insmod /data/local/wpthis-OTA.ko
You should see:
Code:
init_module 'wpthis-OTA.ko' failed (Function not implemented)
That means it worked. This next step is CRUCIAL. You must make sure that you are writing to the proper partition here or you could brick your phone. To be absolutely clear- the partition is mmcblk(zero)p(one)(eight)
Code:
dd if=/data/local/hboot-eng.img of=/dev/block/mmcblk0p18
You should see some messages indicating that it was written. Next, run:
Code:
# /data/local/tmp/root
This will lock in root, and give you 'su' access in the future. Next, run:
Code:
# sync
Now wait at least a minute, just to be safe. After waiting, reboot your phone using the power button. After it finishes starting up, launch the terminal emulator, and type 'su'. You should get the prompt asking you to grant permissions. If you got the prompt, congratulations! You have permanent root!
I used these instructions and they worked brilliantly.
Sounds like it's a little safer than using VISIONary, which some people in the thread are reporting can get confused and not let you root because it thinks you already have root, etc.
I love it when a plan comes together. Perma-root. thanks man, i never had much luck getting visonary to work so this was spot on. worked like a charm
*not smart enough*
*leaves thread*
I really try to leave ADB out of the equation since I'm not comfortable navigating it.... I suppose I could dedicate my time to learning it, but it's not worth it since I would only use it once every two years to root my phone. In 16 hours I'm sure there will probably be a one click perm root method out anyway.
It worked flawlessly!
I always get so stressed when I root my phones, especially without tutorial vids.
I first did my G1 and that worked perfectly fine.
My second attempt at rooting was with my MT3G and that resulted in a bricked device because one of the lines of code was incorrect in the thread.
This, however, was clearly and plainly spelled out exactly to what happened to my phone.
I give you my thanks.
Awesome- glad to hear it's working well for people. If anybody sees areas that I could improve in the description just let me know.
sinistersai4d4d said:
I really try to leave ADB out of the equation since I'm not comfortable navigating it....
Click to expand...
Click to collapse
ADB is worth it IMHO because it makes moving files around easy, whether you're rooted or not. You don't have to turn on SD card storage, you can just do adb pull/push etc to grab or put files when you need them. Worth the effort. The one click root should be out within the next couple days though, you are right about that one.
trigeek,
I already perm rooted earlier, but just wanted to say you gave a very nicely detailed explanation that anyone should be able to follow. Well done!
Great guide. I liked it a lot more than Unforgivens just because it doesn't rely on VisionARY which might mess things up.
Guide worked absolutely great, no problems. I did not try the visionary method first, but for some reason I just felt safer doing it in adb.
Thank you!
Sorry for the noob question...? but does this mean we have fully rooted to G2 and now we can load ROMS on it when they come out ????
Edit: Nevermind I didnt see the sticky
RaffieKol said:
Sorry for the noob question...? but does this mean we have fully rooted to G2 and now we can load ROMS on it when they come out ????
Click to expand...
Click to collapse
You got it!
RaffieKol said:
Sorry for the noob question...? but does this mean we have fully rooted to G2 and now we can load ROMS on it when they come out ????
Edit: Nevermind I didnt see the sticky
Click to expand...
Click to collapse
Custome ROMs, custom Recovery...the whole 9 yards
Thanks for posting this, it was so easy!
Thank you so very much it was a success
this is my first rooting on an android device... im freaking out... but here i go.... if something happens i will just report my phone lost and get a new one i guess ahahah still... im scared.
Issues
I was temp rooted before using rage and then thru Visionary. But I decided to go back to stock till we have permanent root. I perm rooted today using this method. But I'm having the following issues:
1) adb remount
- remount failed: Operation not permitted
2) when using Root Explorer in /system, toggling Mount R/W does not work
- the only way to mount it R/O is thru terminal/adb shell. Once mounted R/O, the only way to mount R/W again is thru a reboot. Issuing mount -o remount ro /system either in terminal or adb shell does not work.
i actually changed my mind... im going to wait for a one click untended root i guess.... to scary...
joackie27 said:
I was temp rooted before using rage and then thru Visionary. But I decided to go back to stock till we have permanent root. I perm rooted today using this method. But I'm having the following issues:
1) adb remount
- remount failed: Operation not permitted
2) when using Root Explorer in /system, toggling Mount R/W does not work
- the only way to mount it R/O is thru terminal/adb shell. Once mounted R/O, the only way to mount R/W again is thru a reboot. Issuing mount -o remount ro /system either in terminal or adb shell does not work.
Click to expand...
Click to collapse
make sure you have debugging enabled.
juanshop said:
i actually changed my mind... im going to wait for a one click untended root i guess.... to scary...
Click to expand...
Click to collapse
Not gonna happen.
then i guess.... im going to jump in it.... wish me luck...
Rooted with this method completely stock kernel...
Ok I am new to Samsung but not new to rooting and using adb. I have been searching and maybe I missed something but I can not get adb working properly on my phone and pc. adb remount does not work so I can not push any files over. I have tried all the methods with mount -o rw,remount -t yaffs2 ... etc...
I can get su permissions on the phone but it will not allow me to transfer any files over at all. I even tried to r/w permission with Root Explorer while connected to phone through cmd window and nada. I am not running CWM so I would like to push files over if I can. I have done it the root explorer way of copy and paste its just that way seems so sloppy to me.
Any help would be appreciated since I cant seem to find a method on the web that works for me
Thanks guys
How are you typing the push command? Remember there are 2 sdcards on this phone.
For the internal sdcard
Code:
adb push c:\this\place /sdcard
for the external sdcard
Code:
adb push c:\this\place /sdcard/external_sd
You *shouldn't* have to use mnt/sdcard/external_sd but give it a shot just to be sure.
Doesn't this phone have to be on for ADB to work? I thought I read that. Obviously that seems a bit odd since most have to be in recovery. Or am I wrong about the on part?
Lastly, if you can run 'adb shell' then use the 'cp' or 'mv' commands to get the files on there.
EDIT: Ok, I completely just misread your post. You're trying to write to the /system? Try mount -o remount,rw /system
I don't know why everyone uses the yaffs, mmcblk, and all the other craziness. You still mount /system just with more typing. Let me know if it works.
KCRic said:
How are you typing the push command? Remember there are 2 sdcards on this phone.
For the internal sdcard
Code:
adb push c:\this\place /sdcard
for the external sdcard
Code:
adb push c:\this\place /sdcard/external_sd
You *shouldn't* have to use mnt/sdcard/external_sd but give it a shot just to be sure.
Doesn't this phone have to be on for ADB to work? I thought I read that. Obviously that seems a bit odd since most have to be in recovery. Or am I wrong about the on part?
Lastly, if you can run 'adb shell' then use the 'cp' or 'mv' commands to get the files on there.
Click to expand...
Click to collapse
tried cp and mv still gave me problems moving file. I forget the error message I got. Also I know the proper push commands I used to do it with my Evo all the time. Its just that this phone wont let me mount system. What do you mean be on ADB?
playya said:
tried cp and mv still gave me problems moving file. I forget the error message I got. Also I know the proper push commands I used to do it with my Evo all the time. Its just that this phone wont let me mount system. What do you mean be on ADB?
Click to expand...
Click to collapse
I meant the phone needs to be on (with debugging selected) in order to use ADB and write to it. At least that's what I think I remember seeing. Could be wrong since I haven't used ADB with this phone yet.
KCRic said:
I meant the phone needs to be on (with debugging selected) in order to use ADB and write to it. At least that's what I think I remember seeing. Could be wrong since I haven't used ADB with this phone yet.
Click to expand...
Click to collapse
correct all that has been done... all the basics you can think of have been done but it just keeps failing on adb remount
adb shell
$ su
#
no problem now, at first yes but I still cant mount system... driving me nuts since I dont use Clockwork right now I want to push files over... and my software on my pc AndroidCommander says NORoot has been obtained....
I'm probably as new to this phone as you are. Mostly just dealt with HTC. Past this point I have no idea what's going on. I can write to my /system - no problem. Hopefully one of the more seasoned guys will jump in here soon. Sorry I'm not much more of a help.
KCRic said:
I'm probably as new to this phone as you are. Mostly just dealt with HTC. Past this point I have no idea what's going on. I can write to my /system - no problem. Hopefully one of the more seasoned guys will jump in here soon. Sorry I'm not much more of a help.
Click to expand...
Click to collapse
what method did you use to root with... Is it the same as what I used the deoxeded stock method I posted above
Did u try with the Odin method? way easier.
Sent from my Galaxy SII √Epic4G Touch
skykc0401 said:
Did u try with the Odin method? way easier.
Sent from my Galaxy SII √Epic4G Touch
Click to expand...
Click to collapse
Odin method to do what? root? If so that is how I rooted thanks
I downloaded an app on the market that fix it.. thanks guys
[HOW-TO] [GSM & CDMA] Root without Unlocking Bootloader via exploit (for 4.0.1/4.0.2)
Edit: This does not works on anything newer than ICL53F (i.e., 4.0.2). It works fine on ITL41D (4.0.1), ITL41F (4.0.1) and ICL53F (4.0.2)
Once you have got root, you can now use segv11's BootUnlocker app to unlock your bootloader without wiping anything. Easy as pie!
Disclaimer: I take no credit for this exploit or the implementation of it (but I will take credit for the step-by step ). Thanks to kendong2 for pointing it out to me here.
So, it looks like zx2c4 has found a local privilege escalation exploit. See source here, and saurik has managed to package it together for Android. See here. Although this may be old news to some, I hadn't seen it before.
So what does this all mean:
If you are running a 2.6.39 kernel (or above), which all Galaxy Nexus' are, you can now root your device without having to unlock your bootloader (and without losing your data).
Moreover, you should now be able to root your device even if your hardware buttons are not working.
Additionally, this allows those who have not received an OTA update and want to apply it without having an unlocked bootloader or root to do so by copying the OTA update to /cache from /sdcard.
Notes:
1) This assumes that you have USB Debugging enable on your device (Settings > Developer Options > Enable USB Debugging) and the drivers for your device installed on your computer. For the drivers, I would recommend you remove all old drivers and install these. If you don't know how to install them, or are having issues, look here.
2) This needs to be done over ADB, as a terminal emulator on-device does not have the appropriate access. If you do not have ADB, I've attached it in the zip. Unzip all files.
3) Some users indicate that, once finished the procedure, they needed to open the Superuser app.
Step-by-step:
1) Download the attached files to your computer and unzip them in the same directory as your adb.exe file;
2) Open a command prompt in the same directory;
3) Copy the files to your device:
adb push mempodroid /data/local/tmp/mempodroid
adb push su /data/local/tmp/su
adb push Superuser.apk /data/local/tmp/Superuser.apk
4) Open a shell: adb shell
5) Change permission on mempodroid to allow it to run: chmod 777 /data/local/tmp/mempodroid
6) Run the exploit: ./data/local/tmp/mempodroid 0xd7f4 0xad4b sh
Note: Once you do step 6, your prompt should change from $ to #. If not, it did not work.
7) Mount the system partition as rw: mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
8) Copy su to /system: cat /data/local/tmp/su > /system/bin/su
9) Change permissions on su: chmod 06755 /system/bin/su
10) Copy Superuser.apk: cat /data/local/tmp/Superuser.apk > /system/app/Superuser.apk
11) Change permissions on Superuser.apk: chmod 0644 /system/app/Superuser.apk
12) Mount the system partition as r/o: mount -o remount,ro -t ext4 /dev/block/mmcblk0p1 /system
13) Rescind root: exit
14) Exit the ADB shell: exit
15) Done. You now should have root without having to unlock your bootloader.
Reserved
Reserved
This is the same as https://github.com/saurik/mempodroid
saurik ftw.
times_infinity said:
This is the same as https://github.com/saurik/mempodroid
saurik ftw.
Click to expand...
Click to collapse
Not sure what you are getting at? I mentioned saurik in the first post, and the link you posted is in the first post. And I mentioned that this may be old news, but I haven't seen it anywhere before today in the GN forums.
Yikes! This exploit works on any kernel from 2.6.39 and >. This could become a common root method for many devices. Linus Torvalds himself posted the fix commit! Nice work by zx2c4!
Sleuth255 said:
Yikes! This exploit works on any kernel from 2.6.39 and >. This could become a common root method for many devices. Linus Torvalds himself posted the fix commit! Nice work by zx2c4!
Click to expand...
Click to collapse
You need ics to have a vulnerable kernel version, so given the number of devices which currently have ics officially, I doubt it will be common. I'd also expect Google and vendors to correct this in next release.
Also many custom kernels don't have this flaw as they are at or over 3.0.18 or have patched it. This prevents gaining unnoticed root.
Sent from my Galaxy Nexus
Hmmm I thought 2.6.39 was found in GB builds. This exploit is almost a root fix for the Moto DX 4.5.621 fiasco. Unfortunately the kernel for that build is 2.6.32.9.
Sent from my Galaxy Nexus using xda premium
This was huge in the headlines a few weeks back. It's nice to see someone putting it to a good use!
Sent from my Galaxy Nexus using xda premium
Hi, been lurking awhile, registered to clear up somethings.
I did some research while attempting to access the /data/local/ -folder with terminal emulator and I found that it would be impossible to write or to find it while being unrooted. Rooting a phone through using an unrooted access root seems impossible.
Did I miss something or is there any other way to copy mempodroid to the data- folder? I sure would like to keep all my files.
Huxleysäl said:
Hi, been lurking awhile, registered to clear up somethings.
I did some research while attempting to access the /data/local/ -folder with terminal emulator and I found that it would be impossible to write or to find it while being unrooted. Rooting a phone through using an unrooted access root seems impossible.
Did I miss something or is there any other way to copy mempodroid to the data- folder? I sure would like to keep all my files.
Click to expand...
Click to collapse
I think you are mistaken. In a terminal emulator type: cd /data/local/tmp
Edit: Fixed a mistake made by auto correct...
Sent from my Galaxy Nexus using Tapatalk
efrant said:
I think you are mistaken. In a terminal emulator type: cd /data/local/temp
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
Just did. It says "No such file or directory."
Not the best source, but if you google it, people state what I state. Sorry, can't post links
try /data/local/tmp
Huxleysäl said:
Just did. It says "No such file or directory."
Not the best source, but if you google it, people state what I state. Sorry, can't post links
Click to expand...
Click to collapse
Sorry, damn auto correct. It should be: cd /data/local/tmp
Not "temp".
It works fine.
Edit: Sleuth255 beat me to it!
Sent from my Galaxy Nexus using Tapatalk
efrant said:
Sorry, damn auto correct. It should be: cd /data/local/tmp
Not "temp".
It works fine.
Edit: Sleuth255 beat me to it!
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
Sure, OK, it worked. But as I'm trying to replicate his instructions, copying mempodroid to data/local/tmp doesn't compute. I tried extracting the files, puting mempodroid in a new folder in ./sdcard/ (which I named Nex), and it still couldn't find it.
Wait, just had an idea. Brb
Huxleysäl said:
Sure, OK, it worked. But as I'm trying to replicate his instructions, copying mempodroid to data/local/tmp doesn't compute. I tried extracting the files, puting mempodroid in a new folder in ./sdcard/ (which I named Nex), and it still couldn't find it.
Wait, just had an idea. Brb
Click to expand...
Click to collapse
Hmm. Looks like you may be correct. In GB, we had write access to that directory, but it looks like we don't in ICS. I'll have another look tomorrow and try to figure something out.
Sent from my Galaxy Nexus using Tapatalk
OK, this is exactly what I did:
I downloaded the files, extracted them into the ./sdcard folder of my android. I opened the console, wrote exactly as stated. Reaction? Cannot create /data/local/tmp/mempodroid: Permission denied
So, what I'm thinking is this: I tried the cd ./sdcard/mempodroid, found it. So, logically, that should mean that since the permission is dennied, the problem lies not in where I put the mempodroid, but with my authority over my phone. So, here we are again. Could anybody smarter then me clarify?
efrant said:
Hmm. Looks like you may be correct. In GB, we had write access to that directory, but it looks like we don't in ICS. I'll have another look tomorrow and try to figure something out.
Sent from my Galaxy Nexus using Tapatalk
Click to expand...
Click to collapse
****, I was hoping I was wrong. I originally thought that the exploit was this. But alas.
Try finding an alternative write route to the /data/local/- folder. That should solve all problems, I guess. Big words, ey? This is for the simpletons like me, who stupidly forgot to bootload.
Might want to expand on the steps.
Like what program to use to copy the file.
How do you change permission.
How do you run the exploit.
How to mount rw.
How to copy su.
convolution said:
Might want to expand on the steps.
Like what program to use to copy the file.
How do you change permission.
How do you run the exploit.
How to mount rw.
How to copy su.
Click to expand...
Click to collapse
I hade my initial problems with that too. But as if this moment it doesn't really matter. Read above posts. Anyhow, to answer your question: you need to download a console emulator
Just search for it in the market. Also the commands go in this console
For example: cat /directory/filename > /newdirectory/samefilename means to copy or move from one place. To change permission you just write that line of code ending with 777 instead of cat and then the filename etc and etc.
I didn't know any of this 'till yesterday, so it is quite understandable.
cheers
Huxleysäl said:
F***, I was hoping I was wrong. I originally thought that the exploit was this. But alas.
Try finding an alternative write route to the /data/local/- folder. That should solve all problems, I guess. Big words, ey? This is for the simpletons like me, who stupidly forgot to bootload.
Click to expand...
Click to collapse
I've updated the first post. Give that a go and let me know how it turns out. (The guide may need some minor tweaking, but I am here to help you through it.)
It seems that ADB has rw access to /data/local/tmp but a terminal emulator on-device does not. So for now, you need to be plugged into your computer.
It may be possible to do this with ADB-over-Wi-Fi, but I haven't gotten there yet.
Hi All,
This is just a quick 2 part question as I see many threads for the GNEX on rooting, but none very concrete on removing root. I've tried searching, but I must have missed it.
So, my questions are:
1. Once rooted via whatever method (I used fastboot method myself, thanks efrant for teaching the fastboot stuff), how do I unroot this thing to bring it back to stock configuration?
2. To make the unit truly stock again, can I just use fastboot and flash a factory google image? I know doing this will eliminate all my data, but will it remove all traces of any rooting done? (Insecure Kernal, SU, Busybox and whatever else)?
Please let me know.
Thanks guys... wasn't planning on rooting, but I miss the ability to do it. lol
1. See two.
2. Yes.
Flashing the stock image will bring your phone back to an out-of-the-box state.
Sent from my Galaxy Nexus using Tapatalk 2
infazzdar said:
1. See two.
2. Yes.
Flashing the stock image will bring your phone back to an out-of-the-box state.
Sent from my Galaxy Nexus using Tapatalk 2
Click to expand...
Click to collapse
Thanks man,
Makes me feel better about my decision to root this phone.
Appreciate the reply.
If you installed Superuser to system when you rooted then you'll need to remove that also but here are the basic adb commands for the job (make sure you have data and system mounted via CWM so you have access):
Code:
adb shell
rm /system/bin/su
mount -o remount,ro -t ext4 /dev/block/mmcblk0p1 /system
exit
BusyBox is another matter since CWM installs it to sbin every time you boot with it. Perhaps someone has a better idea (?), but from messing around a bit the other night the best method I've come up with is to use BusyBox to remove BusyBox, as follows:
Code:
adb shell
cd /sbin
cp busybox /data/local/tmp/busybox
chmod 06755 /data/local/tmp/busybox
rm busybox
/data/local/tmp/busybox rm `/data/local/tmp/busybox find -follow -maxdepth 1 -type l`
/data/local/tmp/busybox rm /data/local/tmp/*
exit
that second to last line gets rid of all the stray symlinks busybox left behind, not sure if CWM leaves any of those recovery/symlinks in sbin also or if those should be removed as well; perhaps someone else can fill us in on that point!
osm0sis said:
If you installed Superuser to system when you rooted then you'll need to remove that also but here are the basic adb commands for the job (make sure you have data and system mounted via CWM so you have access):
Code:
adb shell
rm /system/bin/su
mount -o remount,ro -t ext4 /dev/block/mmcblk0p1 /system
exit
BusyBox is another matter since CWM installs it to sbin every time you boot with it. Perhaps someone has a better idea (?), but from messing around a bit the other night the best method I've come up with is to use BusyBox to remove BusyBox, as follows:
Code:
adb shell
cd /sbin
cp busybox /data/local/tmp/busybox
chmod 06755 /data/local/tmp/busybox
rm busybox
/data/local/tmp/busybox rm `/data/local/tmp/busybox find -follow -maxdepth 1 -type l`
/data/local/tmp/busybox rm /data/local/tmp/*
exit
that second to last line gets rid of all the stray symlinks busybox left behind, not sure if CWM leaves any of those recovery/symlinks in sbin also or if those should be removed as well; perhaps someone else can fill us in on that point!
Click to expand...
Click to collapse
So flashing a Google factory image won't remove root? Or it will, but won't remove all evidence if someone went searching around trying to deny warranty.
When I rooted, I used the method of flashing recovery, then installed the su.zip via recovery. When I unrooted I simply flashed a factory image.
when you say installed superuser to system I'm guessing you mean something more advanced than the typical root process, correct?
Sent from my Galaxy Nexus using XDA
thos25 said:
So flashing a Google factory image won't remove root? Or it will, but won't remove all evidence if someone went searching around trying to deny warranty.
When I rooted, I used the method of flashing recovery, then installed the su.zip via recovery. When I unrooted I simply flashed a factory image.
when you say installed superuser to system I'm guessing you mean something more advanced than the typical root process, correct?
Sent from my Galaxy Nexus using XDA
Click to expand...
Click to collapse
Flashing the factory system image DOES remove root (and busybox and anything else you changed on the ROM).There is no need to do anything that osm0sis said to do.
And there is no "more advanced" process of rooting. Root is two files placed on you system: /system/bin/su and /system/app/Superuser.apk. Nothing more. (Whether you place them there yourself, or have CWM do it for you, is irrelevant.) Remove those those and root is gone.
Sent from my Galaxy Nexus using Tapatalk 2
if you grab wugfresh's toolkit itll do all of that with one-click convenience. thats what I do to un-root my Nexus.
Zbraptorsdr said:
if you grab wugfresh's toolkit itll do all of that with one-click convenience. thats what I do to un-root my Nexus.
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?p=21936493
Sent from my Galaxy Nexus using Tapatalk 2
efrant said:
Flashing the factory system image DOES remove root (and busybox and anything else you changed on the ROM).There is no need to do anything that osm0sis said to do.
Click to expand...
Click to collapse
Right, I was referring to "unroot"ing without reflashing the system.img, since my intent with that method was to keep all settings, etc. as-is, just remove all traces of root.
osm0sis said:
Right, I was referring to "unroot"ing without reflashing the system.img, since my intent with that method was to keep all settings, etc. as-is, just remove all traces of root.
Click to expand...
Click to collapse
Yup, you would need to remove it manually if you were running a custom ROM, but with a stock ROM, flashing the system partition only WOULD leave all your data/settings as is.
osm0sis said:
BusyBox is another matter since CWM installs it to sbin every time you boot with it.
Click to expand...
Click to collapse
IS this true? Can someone confirm? And is it true for all phones?
Zbraptorsdr said:
if you grab wugfresh's toolkit itll do all of that with one-click convenience. thats what I do to un-root my Nexus.
Click to expand...
Click to collapse
The easiest way to do it, just click and its does it on its own.
The-Droidster said:
IS this true? Can someone confirm? And is it true for all phones?
Click to expand...
Click to collapse
Just wanted to clear this up now that I'm a bit more wise on the subject. The sbin stuff doesn't matter since it's all part of the ramdisk, and gets generated on each boot (to recovery or OS) and otherwise doesn't exist. No need to delete anything but su. :good:
osm0sis said:
Just wanted to clear this up now that I'm a bit more wise on the subject. The sbin stuff doesn't matter since it's all part of the ramdisk, and gets generated on each boot (to recovery or OS) and otherwise doesn't exist. No need to delete anything but su. :good:
Click to expand...
Click to collapse
he means, of course, "su" as in /system/bin/su AND /system/app/Superuser.apk. partially correct, i think, ramdisk is only used for early OS boot. Ramdisk + kernel = boot.img.
Recovery is on a different partition, for starters, and AFAIK, deploys needed files to a temporary location on the phone's ram or in the file system, which would be the recovery partition. Busybox gets placed in there as well.
Sent from my i9250
stock kernel has a ramdisk but not all kernels are packaged with one. recovery also has a ramdisk, just as it also has a kernel. Decompile/split/unzip one some time and you'll see /sys/ and /proc/ and /sbin/ all get generated from the ramdisk. And yes, if you for some reason put Superuser.apk or SuperSU.apk in /system/app/ (a completely unnecessary step), then naturally they need to go too.