Related
I have tried the latest version of Visionary "R14" but it doesn't work, I have also tried Visionary "R3" "R11" "R12" and "13" and they all don't work on my OTA updated T-mobile G2.... either for temp-root or permanent root..I have tried the ADB/Rage/gfree method of rooting and I getting an ERROR on the last part instructions.... ""## mkdir failed for /system/xbin, File exists"
My main question is if anyone could check to see if their version of the Visionary app is the version 7 or r7...if so could you please used titanium backup to send me a copy of the file....
thank you so so much...
Not sure why a specific older version of Visionary would work if the newer (or older) versions would not.
Regarding your error message, is that when you run the command:
/data/local/tmp/root
Click to expand...
Click to collapse
If so you will note that the instructions on the wiki state immediately below that: You may see an error message along the lines of "mkdir: /system/xbin already exists", but if so you can ignore that, the rest of the script should still run ok.
If you boot into the bootloader (press volume down while powering on device) do you have S-OFF? If so you know that the GFREE part at least did work.
sammd301 said:
I have tried the latest version of Visionary "R14" but it doesn't work, I have also tried Visionary "R3" "R11" "R12" and "13" and they all don't work on my OTA updated T-mobile G2.... either for temp-root or permanent root..I have tried the ADB/Rage/gfree method of rooting and I getting an ERROR on the last part instructions.... ""## mkdir failed for /system/xbin, File exists"
My main question is if anyone could check to see if their version of the Visionary app is the version 7 or r7...if so could you please used titanium backup to send me a copy of the file....
thank you so so much...
Click to expand...
Click to collapse
As has been explained in the Development section, be VERY CAREFUL with Visionary as it is known to brick phones.
When I first got my DZ I was eager to Root and uses V14 to obtain root but remember that this is not a 'Real' S-OFF. GFREE is the best and safest method to use. I was a lucky newbie who didn't end up with a brick!
raitchison said:
Not sure why a specific older version of Visionary would work if the newer (or older) versions would not.
Regarding your error message, is that when you run the command:
If so you will note that the instructions on the wiki state immediately below that: You may see an error message along the lines of "mkdir: /system/xbin already exists", but if so you can ignore that, the rest of the script should still run ok.
If you boot into the bootloader (press volume down while powering on device) do you have S-OFF? If so you know that the GFREE part at least did work.
Click to expand...
Click to collapse
yes you are exactly right...when I input in this command " /data/local/tmp/root" then I got back this error "mkdir failed for /system/xbin, File exists" you see the difference, instead of "already exits" I did ignore the error message but when I tried to used a root required app like root explorer...It states the phone needs to rooted before the app can work....Lastly when I enter into the boot loader "I indeed notice that S-OFF" the problem is that the phone is not rooted not even temporary...as far as visionary r7 goes I recall after the OTA, it did work on my phone for temporary rooting...it is when I attempted to used visionary r14 to obtain permanent root that visionary r7 was overwritten by r14...which doesn't work even for temp rooting thanks for your input
gbarayah said:
As has been explained in the Development section, be VERY CAREFUL with Visionary as it is known to brick phones.
When I first got my DZ I was eager to Root and uses V14 to obtain root but remember that this is not a 'Real' S-OFF. GFREE is the best and safest method to use. I was a lucky newbie who didn't end up with a brick!
Click to expand...
Click to collapse
right now...neither method works not the "visionary r14 or ADB/RAGE/GFREE" I wouldn't mind using either method, the problem is that ADB/Rage/GFREE METHOD keep giving this error message "mkdir failed for /system/xbin, File exists" which I have done a ton of research and still can find a fixed,
sammd301 said:
yes you are exactly right...when I input in this command " /data/local/tmp/root" then I got back this error "mkdir failed for /system/xbin, File exists" you see the difference, instead of "already exits" I did ignore the error message but when I tried to used a root required app like root explorer...It states the phone needs to rooted before the app can work....Lastly when I enter into the boot loader "I indeed notice that S-OFF" the problem is that the phone is not rooted not even temporary...as far as visionary r7 goes I recall after the OTA, it did work on my phone for temporary rooting...it is when I attempted to used visionary r14 to obtain permanent root that visionary r7 was overwritten by r14...which doesn't work even for temp rooting thanks for your input
Click to expand...
Click to collapse
Crap I typed up this response but I guess I didn't submit it because it's gone...
OK what you are saying is actually good news, it means you had temp root at one point or gfree would not have worked (you would not have S-OFF now)
If you can get temp root to work even one more time you can flash ClockWorkMod recovery and then load a custom/pre-rooted ROM.
I do suspect that you have messed up your system with your various attempts at rooting (especially the fact that you used visionary and other deprecated root methods) and you need to wipe your system and start over with either a custom ROM or a pre-rooted stock ROM.
I would start by running this section of the root process:
ON YOUR PHONE:
1. Launch Terminal Emulator
2. Execute /data/local/tmp/rage
3. Wait for the message: "Forked #### childs."
4. Menu > Reset Term - Terminal Emulator will exit.
5. Launch Terminal Emulator, it Force Closes. Launch a second time, and you'll have a root shell
Click to expand...
Click to collapse
If you have a # prompt that means you have temp root, from there I would use flash_image to flash ClockWorkMod 3.0.5 to the phone (see guide)
Get ClockWorkMod here
Once you have CWM installed you can basically ignore your current OS and flash whatever you want, you can go with a custom ROM or if you don't want to do that you can go with a pre-rooted stock ROM (see this thread). In any case I would definitely wipe first (from within CWM)
Yeah, flashing a pre-rooted custom ROM is probably your cleanest solution at this point. If you want to try and fix what you have though, you can try the following steps:
1. Follow the instructions to get temp root with rage again.
2. In Terminal, try these commands and look for an error at any point (this is what the root script is actually doing, with the addition of the deletion of the xbin file/directory since that seems to be what is messing up):
Code:
# /data/local/tmp/busybox killall rage
# mount -o rw,remount -t ext3 /dev/block/mmcblk0p25 /system
# rm -rf /system/xbin
# mkdir /system/xbin
# /data/local/tmp/busybox cp /data/local/tmp/busybox /system/xbin/busybox
# chmod 4755 /system/xbin/busybox
# /system/xbin/busybox --install -s /system/bin
# cp /sdcard/Superuser.apk /system/app/Superuser.apk
# cp /sdcard/su /system/bin/su
# chmod 4755 /system/bin/su
Flashing a custom ROM is probably easier though.
ianmcquinn said:
Yeah, flashing a pre-rooted custom ROM is probably your cleanest solution at this point. If you want to try and fix what you have though, you can try the following steps:
1. Follow the instructions to get temp root with rage again.
2. In Terminal, try these commands and look for an error at any point (this is what the root script is actually doing, with the addition of the deletion of the xbin file/directory since that seems to be what is messing up):
Code:
# /data/local/tmp/busybox killall rage
# mount -o rw,remount -t ext3 /dev/block/mmcblk0p25 /system
# rm -rf /system/xbin
# mkdir /system/xbin
# /data/local/tmp/busybox cp /data/local/tmp/busybox /system/xbin/busybox
# chmod 4755 /system/xbin/busybox
# /system/xbin/busybox --install -s /system/bin
# cp /sdcard/Superuser.apk /system/app/Superuser.apk
# cp /sdcard/su /system/bin/su
# chmod 4755 /system/bin/su
Flashing a custom ROM is probably easier though.
Click to expand...
Click to collapse
Right now I going to try to use this command to fix the error and if it doesn't work, I will then try to flash a custom and see how that goes...Update will be posted as I go along....thanks for the kind help....
raitchison said:
Crap I typed up this response but I guess I didn't submit it because it's gone...
OK what you are saying is actually good news, it means you had temp root at one point or gfree would not have worked (you would not have S-OFF now)
If you can get temp root to work even one more time you can flash ClockWorkMod recovery and then load a custom/pre-rooted ROM.
I do suspect that you have messed up your system with your various attempts at rooting (especially the fact that you used visionary and other deprecated root methods) and you need to wipe your system and start over with either a custom ROM or a pre-rooted stock ROM.
I would start by running this section of the root process:
If you have a # prompt that means you have temp root, from there I would use flash_image to flash ClockWorkMod 3.0.5 to the phone (see guide)
Get ClockWorkMod here
Once you have CWM installed you can basically ignore your current OS and flash whatever you want, you can go with a custom ROM or if you don't want to do that you can go with a pre-rooted stock ROM (see this thread). In any case I would definitely wipe first (from within CWM)
Click to expand...
Click to collapse
I will attempt to flash ClockWorkmod, once I try out "ianmcquinn" suggesting in trying to fix the rooting error...thanks for the help
ianmcquinn said:
Yeah, flashing a pre-rooted custom ROM is probably your cleanest solution at this point. If you want to try and fix what you have though, you can try the following steps:
1. Follow the instructions to get temp root with rage again.
2. In Terminal, try these commands and look for an error at any point (this is what the root script is actually doing, with the addition of the deletion of the xbin file/directory since that seems to be what is messing up):
Code:
# /data/local/tmp/busybox killall rage
# mount -o rw,remount -t ext3 /dev/block/mmcblk0p25 /system
# rm -rf /system/xbin
# mkdir /system/xbin
# /data/local/tmp/busybox cp /data/local/tmp/busybox /system/xbin/busybox
# chmod 4755 /system/xbin/busybox
# /system/xbin/busybox --install -s /system/bin
# cp /sdcard/Superuser.apk /system/app/Superuser.apk
# cp /sdcard/su /system/bin/su
# chmod 4755 /system/bin/su
Flashing a custom ROM is probably easier though.
Click to expand...
Click to collapse
Yes I used the wiki instruction to gain temporary root on the phone and proceeded to tryout the above command...I got mostly error with the command below is what I en-counted as I enter the command....
# /data/local/tmp/busybox killall rage
No error here just # prompt
# mount -o rw,remount -t ext3 /dev/block/mmcblk0p25 /system
No error again just # prompt
# rm -rf /system/xbin
Error "rm failed for -rf, Read-only file system"
# mkdir /system/xbin
Error "mkdir failed for /system/xbin, File exists"
# /data/local/tmp/busybox cp /data/local/tmp/busybox /system/xbin/busybox
Error "cp: can't stat '/system/xbin/busybox': Not a directory"
# chmod 4755 /system/xbin/busybox
Error "Unable to chmod /system/xbin/busybox: Not a directory"
# /system/xbin/busybox --install -s /system/bin
Error "/system/xbin/busybox: not found"
# cp /sdcard/Superuser.apk /system/app/Superuser.apk
Error "cp: not found"
# cp /sdcard/su /system/bin/su
Error "cp: not found"
# chmod 4755 /system/bin/su
Error "Unable to chmod /system/bin/su: No such file or directory
I am now going to attempt the Clockwork custom rom flash..
Folks victory is mine....No, VICTORY IS OURS, I sincerely like to thank all of you all, who replied with helpful suggesting...especially the following members "raitchison" from West Hill, CA and "ianmcquinn" a true senior member of xda-developer.
This is what I did to finally get the phone rooted....
I took "Raitchison" advice by trying to use flash_image to flash ClockWorkMod recovery... but during the process I could not get pass copying file to the phone root system folder usind android terminal emulator ...so I input this command "chmod 777/system" to gain write access to the folder...after doing that I manually moved busybox file to system folder and attempted a rooting the phone using the rooting instruction from the HTC G2/DESIRE Z wiki site...at...
http://forum.xda-developers.com/wik...cess_.28Permanent_Root_.2F_.22Permaroot.22.29
And this time around, everything went as normal after rooting the phone I open root required app and Wa La...no error message...
Guys I once again wants thank you all for the support....I also looked forward to help out others facing the same issue...so if anyone has encounter the same or similar issue please feel free to post here and I will response....
Can any one help me I am trying to close this thread...How do I go about doing it....thanks
There is no need to close the thread, if anyone has a similar problem and finds it via search they can come in here and bring the discussion back up, otherwise if there is no activity it will naturally fall to the bottom of the thread list.
It works for me I just did it yday using visionary and gfree all on my phone weird that it doesn't work for you?
Sent from my Liquid Metal using XDA Premium App
Update: Found better instructions here and updated this post with them: http://rootzwiki.com/topic/27003-root-dinc2-on-any-firmware-may-want-to-sticky-later/
Be warned that this has been reported to cause bootloops on Sense ROMs, proceed at your own risk.
A few disclaimers before I begin:
1) I AM NOT RESPONSIBLE FOR ANYTHING YOU DO TO YOUR PHONE. ANYTHING YOU ATTEMPT TO DO YOU DO AT YOUR OWN RISK
2) This method requires use of adb and is not for thr faint of heart. your phone WILL be bootlooping along the way; this is exactly what we want (at a specific point)
Now to begin in earnest
First find what we need!
We need the patched misc version, tacoroot, and the earlier GB RUU
Modified htc drivers or linux, both with working adb installation
disable fastboot on your device
A few disclaimers before I begin:
1) I AM NOT RESPONSIBLE FOR ANYTHING YOU DO TO YOUR PHONE. ANYTHING YOU ATTEMPT TO DO YOU DO AT YOUR OWN RISK
2) This method requires use of adb and is not for thr faint of heart. your phone WILL be bootlooping along the way; this is exactly what we want (at a specific point)
Now to begin in earnest
First find what we need!
We need the patched misc version, tacoroot, and the earlier GB RUU
Modified htc drivers or linux, both with working adb installation
disable fastboot on your device
Now we push, make executable, and execute the tacoroot method
adb push tacoroot.sh /data/local/
adb shell chmod 755 /data/local/tacoroot.sh
adb shell /data/local/tacoroot.sh
At this point we will run tacoroot with the --recovery, (push volume up and power at the triangle) (reboot after this) --setup and --root (run one, wait for the device to settle then run the next)
AT THIS POINT YOUR DEVICEWILL BE BOOTLOOPING; THAT IS PERFECTLY NORMAL
Now we downgrade the misc_version
adb push misc_version /data/local
adb shell chmod 777 /data/local/misc_version
adb shell /data/local/sh -c '/data/local/tmp/misc_version -s 2.18.605.3'
If everything so far has succeeded, youre almost there!
adb reboot bootloader
fastboot oem rebootRUU
fastboot erase cache
fastboot flash zip <your RUU>
fastboot reboot
If everything so far has succeeded, youre almost there!
adb reboot bootloader
fastboot oem rebootRUU
fastboot erase cache
fastboot flash zip <your RUU>
fastboot reboot
Click to expand...
Click to collapse
Tacoroot: https://github.com/CunningLogic/TacoRoot
misc_version: https://github.com/downloads/hyuh/misc_version_universal/misc_version_universal.zip
2.3.3 RUU: http://jellybellys.minus.com/mvivow/2
prototype7 said:
All credit goes to jcase on the RootzWiki forums, I can't try this out myself but I thought I'd share it for those who could use it:
Here are my instructions to preform this. If you do pack this in a script/program , please follow the license that comes with Tacoroot and misc_version
Download https://github.com/d...n_universal.zip
and unzip it
Preform manual tacoroot exploit
adb reboot recovery
(Reboot normally once in recovery, this creates the directory for the log. Continue once booted)
adb shell
rm /data/data/recovery/*
ln -s /data/local.prop /data/data/recovery/log
exit
adb reboot
adb shell
echo 'ro.kernel.qemu=1' > /data/local.prop
exit
adb reboot
(Device will appear to bootloop, but ADB will work, continue once adb is working)
adb push misc_version /data/local/
adb shell
chmod 755 /data/local/misc_version
/data/local/misc_version --set_version 1.11.605.11
rm /data/data/recovery/log
echo 'ro.kernel.qemu=0' > /data/local.prop
adb reboot
Now you can flash the proper ruu to s-off with
Sent from my Incredible 2 using Tapatalk 2 Beta-5
Click to expand...
Click to collapse
I'm going to try this when I get home hopefully I can FINALLY get downgraded...
Sent from my ADR6350 using XDA
Jayydude_SGP said:
I'm going to try this when I get home hopefully I can FINALLY get downgraded...
Sent from my ADR6350 using XDA
Click to expand...
Click to collapse
Let me know how it works .
Sent from my Incredible 2 using Tapatalk 2 Beta-5
I'm just a little unclear about what comes before and after this...
Can we get a post that has ALL the code/instructions spelled out? For instance, the "Preform manual tacoroot exploit"... is that the tacoroot code from before in its entirety, or just a certain part of it?
And then when the instructions in this post are done, are we to then follow the downgrade instructions from beginning to end?
Sorry to be pesty, but really want this to work and I'm just unsure of what all to do. Many many super thanks.
tcwota said:
I'm just a little unclear about what comes before and after this...
Can we get a post that has ALL the code/instructions spelled out? For instance, the "Preform manual tacoroot exploit"... is that the tacoroot code from before in its entirety, or just a certain part of it?
And then when the instructions in this post are done, are we to then follow the downgrade instructions from beginning to end?
Sorry to be pesty, but really want this to work and I'm just unsure of what all to do. Many many super thanks.
Click to expand...
Click to collapse
After you do this, use an RUU to downgrade and then use revolutionary to obtain s-off. I'll look into the tacoroot in a minute, like I said these aren't my instructions.
Edit: Nothing like a quick google search to make you feel like an idiot lol. The adb commands are the manual tacoroot exploit. I'll update the OP to make it more clear.
Sent from my Incredible 2 using Tapatalk 2 Beta-5
OP updated. Make sure to post and tell me if this works.
Thanks, but still unclear about one thing. To flash the RUU, do we follow all the instructions in the downgrade vivow .98 thread?
You have to combine all the instructions.
If you go to the rootzwiki page I spelled it out. Just can't link to external sites because I'm new to xda.
Perfect. Thanks and can't wait to give this a try in the morning.
Do you (or anyone) think it will matter that I have already (successfully) used the HTCDev boot unlocker?
aaronc222 said:
You have to combine all the instructions.
If you go to the rootzwiki page I spelled it out. Just can't link to external sites because I'm new to xda.
Click to expand...
Click to collapse
It took some tinkering (and a bit of sweating), but I was able to get this to work successfully.
I had previously used the HTCdev tool to unlock and was running clockwork recovery. I had to flash the stock recovery and do a factory restore, but still got a "99 unknown fail" when trying to flash the RUU at the end of this process.
A quick google search told me to relock the bootloader with "fastboot oem lock." After the relock, I had to do ANOTHER factory restore and then everything worked fine.
One difference for me: the bootloop started earlier, ie after "adb shell /data/local/tacoroot.sh --root". But I just continued to use adb when I could and got through it.
About to run Revolutionary. Thanks to everyone up to this point! Such a fantastic community!
not to rain on your parade but this makes no sense. after the adb reboot recovery..... i do the adb shell and then it cant find the file/directory
dets34 said:
not to rain on your parade but this makes no sense. after the adb reboot recovery..... i do the adb shell and then it cant find the file/directory
Click to expand...
Click to collapse
Are you rebooting out of the recovery? You do "adb reboot recovery," and then when you get to the red triangle, hold down volume up AND volume down and then the power button, reboot, let the phone reboot back into normal, and then continue the instructions.
unstuck! ... then stuck again
Trying this on a warranty replacement Dinc2 that's got Android 2.3.4, Software number 6.01.605.05 710RD ... the above post got me past the red triangle "!" thing, so I proceeded to:
Code:
adb shell
rm /data/data/recovery/*
ln -s /data/local.prop /data/data/recovery/log
exit
adb reboot
adb shell
echo 'ro.kernel.qemu=1' > /data/local.prop
and got:
Code:
$ echo 'ro.kernel.qemu=1' > /data/local.prop
cannot create /data/local.prop: permission denied
Is it significant that I'm seeing a "$" prompt instead of a "#"? or is that later in the process? Is it significant that, after the sym-linking of /data/local.prop to the log file and then rebooting, my phone had no signal and seemed pretty inoperable, but then after the write to /data/local.prop failed (and I sat googling around for a bit) the phone rebooted itself (no adb commands, and I didn't even breath in its direction) and came back to having signal and my settings, etc. and full operability?
Any help appreciated - I'll come back to this tomorrow ...
jehosephat said:
Trying this on a warranty replacement Dinc2 that's got Android 2.3.4, Software number 6.01.605.05 710RD ... the above post got me past the red triangle "!" thing, so I proceeded to:
Code:
adb shell
rm /data/data/recovery/*
ln -s /data/local.prop /data/data/recovery/log
exit
adb reboot
adb shell
echo 'ro.kernel.qemu=1' > /data/local.prop
and got:
Code:
$ echo 'ro.kernel.qemu=1' > /data/local.prop
cannot create /data/local.prop: permission denied
Is it significant that I'm seeing a "$" prompt instead of a "#"? or is that later in the process? Is it significant that, after the sym-linking of /data/local.prop to the log file and then rebooting, my phone had no signal and seemed pretty inoperable, but then after the write to /data/local.prop failed (and I sat googling around for a bit) the phone rebooted itself (no adb commands, and I didn't even breath in its direction) and came back to having signal and my settings, etc. and full operability?
Any help appreciated - I'll come back to this tomorrow ...
Click to expand...
Click to collapse
I'm in the same situation, any idea's yet? I wonder if I should htcdev unlock just to have root privilages
Here's a better guide for it, I'll update the OP in a minute: http://rootzwiki.com/topic/27003-root-dinc2-on-any-firmware-may-want-to-sticky-later/
Edit: OP updated.
prototype7 said:
Here's a better guide for it, I'll update the OP in a minute: http://rootzwiki.com/topic/27003-root-dinc2-on-any-firmware-may-want-to-sticky-later/
Edit: OP updated.
Click to expand...
Click to collapse
Thanks a lot, quick question though, will this send my phone into a continuous bootloop if I don't run aosp?
Sent from my ADR6425LVW using Tapatalk 2
prototype7 said:
Here's a better guide for it, I'll update the OP in a minute: http://rootzwiki.com/topic/27003-root-dinc2-on-any-firmware-may-want-to-sticky-later/
Edit: OP updated.
Click to expand...
Click to collapse
Trying this now. Hopefully it fixes the
Code:
cannot create /data/local.prop: permission denied
errors other people and myself are seeing.
---------- Post added at 02:46 PM ---------- Previous post was at 02:03 PM ----------
worked until i ran the tacoroot.sh --root command. Didn't root my phone and left me hanging at
Code:
adb shell chmod 777 /data/local/misc_version
adb shell /data/local/sh -c '/data/local/tmp/misc_version -s 2.18.605.3'
after --root this is what i received.
Code:
Usage:
--recovery : For this exploit to work, you must have booted recovery at least on
ce after your last factory reset.
--setup : Setup the phone for root, must be done before --root.
--root : Root the phone.
--undo : Remove TacoRoot.
----------
Rebooting into root.
C:\Program Files (x86)\Android\android-sdk\platforms>abd shell chmod 777 /data/l
ocal/misc_version
'abd' is not recognized as an internal or external command,
operable program or batch file.
C:\Program Files (x86)\Android\android-sdk\platforms>adb shell chmod 777 /data/l
ocal/misc_version
Unable to chmod /data/local/misc_version: No such file or directory
C:\Program Files (x86)\Android\android-sdk\platforms>adb shell /data/local/sh -c
'/data/local/tmp/misc_version -s 2.18.605.3'
/data/local/sh: not found
C:\Program Files (x86)\Android\android-sdk\platforms>
dets34 said:
Trying this now. Hopefully it fixes the
Code:
cannot create /data/local.prop: permission denied
errors other people and myself are seeing.
---------- Post added at 02:46 PM ---------- Previous post was at 02:03 PM ----------
worked until i ran the tacoroot.sh --root command. Didn't root my phone and left me hanging at
Code:
adb shell chmod 777 /data/local/misc_version
adb shell /data/local/sh -c '/data/local/tmp/misc_version -s 2.18.605.3'
after --root this is what i received.
Code:
Usage:
--recovery : For this exploit to work, you must have booted recovery at least on
ce after your last factory reset.
--setup : Setup the phone for root, must be done before --root.
--root : Root the phone.
--undo : Remove TacoRoot.
----------
Rebooting into root.
C:\Program Files (x86)\Android\android-sdk\platforms>abd shell chmod 777 /data/l
ocal/misc_version
'abd' is not recognized as an internal or external command,
operable program or batch file.
C:\Program Files (x86)\Android\android-sdk\platforms>adb shell chmod 777 /data/l
ocal/misc_version
Unable to chmod /data/local/misc_version: No such file or directory
C:\Program Files (x86)\Android\android-sdk\platforms>adb shell /data/local/sh -c
'/data/local/tmp/misc_version -s 2.18.605.3'
/data/local/sh: not found
C:\Program Files (x86)\Android\android-sdk\platforms>
Click to expand...
Click to collapse
Interesting. Looking over the code and tacoroot.sh, nothing actually puts the misc_version where it needs to be lol. Updated the instructions and added "adb push misc_version /data/local" before "adb shell chmod...", try that.
yeah i was just going to say looks like a the push misc_version was missing which solved everything for me.
as for others with this problem if the push misc_version doesn't seem to help i'd take a loot at this post here http://forum.xda-developers.com/showthread.php?t=1526316 for manually changing the version.
s-offffffed
dets34 said:
yeah i was just going to say looks like a the push misc_version was missing which solved everything for me.
as for others with this problem if the push misc_version doesn't seem to help i'd take a loot at this post here http://forum.xda-developers.com/showthread.php?t=1526316 for manually changing the version.
s-offffffed
Click to expand...
Click to collapse
So it worked?
This guide was tested on my samsung galaxy [email protected] gt-B5330 and it worked.
WARNING: this can brick your phone, used on your own risk (both eyes wide open).
The idea behing can be ported on any phone that allows you to upload custom firmware (most samsungs with odin).
The idea is that you escalate to superuser by setting suid on /system/bin/toolbox executable.
By duing that you can run most of the unix commands on android as a superuser.
I is enought for you to copy su utility somewhere where there is not a nosuid option on mountpoint. and make it a suided executable then execute su and get the #.
It's all down hill from here.
I cannot verify for every ics rom out there, but it seems that now ics uses ext4 filesystem for the system partition.
I have made a script that inspects a stock rom firmware isolate the permissions for the toolbox executable and add to them SUID,SUIG.
After that it pachs the firmware back and you can flash it to your device and have a easylly rootable device. (I will post the stept to take to get a standard rooted device).
What you need:
a linux/gnu (it will not work with cygwin because we have to mount the ext4 partition).
simg2img utility (you can get it from xda site it is in ext4_utility packet).
su, busybox and superuser.apk binaries for android (you can take them from a rooting package).
heimdal (for linux) xor odin (for windows and if you cannot flash the firmware on your phone form linux).
I've put all untilities that are not standard into the tar.
just unpack and you have the universal-patch.sh to run over an .tar.md5 firware stock rom.
And post-firmwareUpdate.sh to run after you flash in order to make the root a standard android root.
This was not tested on any other phone (was tested only on GT-B5330) and do it on your own risk.
This rooting does not exploit any weakness (or flaw) in kernel or any thing, it just modifies the stock firmware to make it more flexible so it should be forward compatible with any version of android after ics.
I assume this would exclude HTC's since you meed to be s-off to flash a firmware. I would probably verify that and edit the title if necessary. Other than that, this looks like it could be helpful.
Help to understand the procedure
Hi ETTT,
first of all thanks for your job and effort in finding a solution to this issue.. it has been driving me crazy till now.. but thanx to you i see the light :good: I see it but i cannot really understand the procedure.. Could you please write a step by step explanation of what i need to do. (I am not what we could call a genius with linux).
Thanks in advance.
The First said:
Hi ETTT,
first of all thanks for your job and effort in finding a solution to this issue.. it has been driving me crazy till now.. but thanx to you i see the light :good: I see it but i cannot really understand the procedure.. Could you please write a step by step explanation of what i need to do. (I am not what we could call a genius with linux).
Thanks in advance.
Click to expand...
Click to collapse
If you are refering to the procedure that the script is doing here is the version of step by step (with-out the script):
http://forum.xda-developers.com/showthread.php?t=1956653
If you want to know the step by step with the script, here (I will not respond to more basic than this, like how to boot ubuntu and stuff.):
mkdir -p /tmp/foo
sudo mkdir /mnt
cd /tmp/foo
tar -xzf universal-patch.tar.gz
export PATH=./:$PATH
{get the firmware here and unzip it, it should have a file with .tar.md5 suffix}
./universal-patch.sh {the name of the firmware including the .tar.md5 suffix}
wait a while. you should have by the way about 10 times the size of the zip as free space.
if all goes well you will have a myfrm.tar.md5 rady for flashing.
flash the firmware, and after boot enable usb debuging, hook the phone to pc
sudo adb devices
./post-firmwareUpdate.sh
you should have a rooted phone.
you cannot go any more basic than that.
Have fun.
Thanks for your effort, I'm already have my XWALH3 patched, btw you should to check the patch on line 19, you've misstype something there
Sent from my GT-B5330 using xda app-developers app
The file after qa
phyxar said:
Thanks for your effort, I'm already have my XWALH3 patched, btw you should to check the patch on line 19, you've misstype something there
Sent from my GT-B5330 using xda app-developers app
Click to expand...
Click to collapse
Thanks for testing and input.
phyxar said:
Thanks for your effort, I'm already have my XWALH3 patched, btw you should to check the patch on line 19, you've misstype something there
Sent from my GT-B5330 using xda app-developers app
Click to expand...
Click to collapse
XWALH3 i've produce from your universal-patch cannot being flashed to my phone, odin crash each time open those files
phyxar said:
XWALH3 i've produce from your universal-patch cannot being flashed to my phone, odin crash each time open those files
Click to expand...
Click to collapse
I'm puting the xdelta to the XWALH3
here are the md5s for the original and patched firmware.
cfe3ca545c4a2c8d453e02cd549655a1 B5330XWALH3_B5330OJVALH1_B5330XXLH4_HOME.tar.md5
624f63943bff54941e4042a39d7928f2 myfrm.tar.md5
Now I have some question in order to debug:
does the patching you have done yeild the same file as I have here?
have you use the same imput? (that's why I've give you the md5 of my imput).
Hey you have rooted you b5330 then do you notice any performance upgrade
Sent from my GT-B5330 using xda premium
Can I patch the firmware using windows??
Because I'm on win
I don't really understand using linux
Or can you make single click batch file that I can use it to patch my firmware???
I really appreciate it if someone provide it
Thanks
Sent from my GT-B5330 using xda app-developers app
byboyz said:
Can I patch the firmware using windows??
Because I'm on win
I don't really understand using linux
Or can you make single click batch file that I can use it to patch my firmware???
I really appreciate it if someone provide it
Thanks
Sent from my GT-B5330 using xda app-developers app
Click to expand...
Click to collapse
I don't know windows that much to make a batch clone of the script. so you need linux.
But you can use a live cd (maybe from ubuntu) to run the script.
ETTT said:
I don't know windows that much to make a batch clone of the script. so you need linux.
But you can use a live cd (maybe from ubuntu) to run the script.
Click to expand...
Click to collapse
Thx for ur reply
How can I open XWALH3.patch that u give earlier??
Bcause I don't know anything about linux
Sent from my GT-B5330 using xda app-developers app
byboyz said:
Thx for ur reply
How can I open XWALH3.patch that u give earlier??
Bcause I don't know anything about linux
Sent from my GT-B5330 using xda app-developers app
Click to expand...
Click to collapse
that patch is an xdelta patch.
There is an xdelta application on windows, don't know if it works, but it should work.
ETTT said:
If you are refering to the procedure that the script is doing here is the version of step by step (with-out the script):
http://forum.xda-developers.com/showthread.php?t=1956653
If you want to know the step by step with the script, here (I will not respond to more basic than this, like how to boot ubuntu and stuff.):
mkdir -p /tmp/foo
sudo mkdir /mnt
cd /tmp/foo
tar -xzf universal-patch.tar.gz
export PATH=./:$PATH
{get the firmware here and unzip it, it should have a file with .tar.md5 suffix}
./universal-patch.sh {the name of the firmware including the .tar.md5 suffix}
wait a while. you should have by the way about 10 times the size of the zip as free space.
if all goes well you will have a myfrm.tar.md5 rady for flashing.
flash the firmware, and after boot enable usb debuging, hook the phone to pc
sudo adb devices
./post-firmwareUpdate.sh
you should have a rooted phone.
you cannot go any more basic than that.
Have fun.
Click to expand...
Click to collapse
hi there, I'm stuck at last point/step: ./post-firmwareUpdate.sh
my terminal respond many error about busybox
the code like this:
2684 KB/s (91980 bytes in 0.033s)
4016 KB/s (996704 bytes in 0.242s)
4491 KB/s (1085140 bytes in 0.235s)
.//busybox: 1: .//busybox: Syntax error: word unexpected (expecting ")")
.//busybox: 1: .//busybox: Syntax error: word unexpected (expecting ")")
dd if=/data/local/tmp/su of=/mnt/obb/su # copy the su binary to a place that can be sudoed
chown 0.0 /mnt/obb/su # modify the owner
chmod 6755 /mnt/obb/su # set SUID flag.
/mnt/obb/su # becomes root !!
mount -o remount,rw /system # remount the system partition as readwrite.
dd if=/data/local/tmp/su of=/system/xbin/su #copy su in path
chown 0.0 /system/xbin/su
chmod 6755 /system/xbin/su
chmod 755 /system/bin/toolbox # close the security hole (toolbox is nolonger with SUID)
dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk # copy the superuser application
chown 0.0 /system/app/Superuser.apk
chmod 666 /system/app/Superuser.apk
#now this is done for busybox
dd if=/data/local/tmp/busybox of=/system/xbin/busybox
chown 0.0 /system/xbin/busybox
chmod 755 /system/xbin/busybox
cd /system/xbin
for k in
nt/obb/su # copy the su binary to a place that can be sudoed <
/mnt/obb/su: cannot open for write: Permission denied
1|[email protected]:/ $ chown 0.0 /mnt/obb/su # modify the owner
Unable to chmod /mnt/obb/su: No such file or directory
10|[email protected]:/ $ chmod 6755 /mnt/obb/su # set SUID flag.
Unable to chmod /mnt/obb/su: No such file or directory
10|[email protected]:/ $ /mnt/obb/su # becomes root !!
/system/bin/sh: /mnt/obb/su: not found
# remount the system partition as readwrite. <
mount: Operation not permitted
/system/xbin/su #copy su in path <
/system/xbin/su: cannot open for write: Read-only file system
1|[email protected]:/ $ chown 0.0 /system/xbin/su
Unable to chmod /system/xbin/su: No such file or directory
10|[email protected]:/ $ chmod 6755 /system/xbin/su
Unable to chmod /system/xbin/su: No such file or directory
# close the security hole (toolbox is nolonger with SUID) <
Unable to chmod /system/bin/toolbox: Read-only file system
er.apk of=/system/app/Superuser.apk # copy the superuser application <
/system/app/Superuser.apk: cannot open for write: Read-only file system
1|[email protected]:/ $ chown 0.0 /system/app/Superuser.apk
Unable to chmod /system/app/Superuser.apk: No such file or directory
10|[email protected]:/ $ chmod 666 /system/app/Superuser.apk
Unable to chmod /system/app/Superuser.apk: No such file or directory
10|[email protected]:/ $ #now this is done for busybox
10|[email protected]:/ $ dd if=/data/local/tmp/busybox of=/system/xbin/busybox
/system/xbin/busybox: cannot open for write: Read-only file system
1|[email protected]:/ $ chown 0.0 /system/xbin/busybox
Unable to chmod /system/xbin/busybox: No such file or directory
10|[email protected]:/ $ chmod 755 /system/xbin/busybox
Unable to chmod /system/xbin/busybox: No such file or directory
10|[email protected]:/ $ cd /system/xbin
[email protected]:/system/xbin $ for k in
Click to expand...
Click to collapse
smhybrid said:
hi there, I'm stuck at last point/step: ./post-firmwareUpdate.sh
my terminal respond many error about busybox
the code like this:
Click to expand...
Click to collapse
Ok it seams busybox has a thing against ")" in comments.
Here is the script without comments, so try this.
ETTT said:
Ok it seams busybox has a thing against ")" in comments.
Here is the script without comments, so try this.
Click to expand...
Click to collapse
no good, it's still have same error...
maybe the problem is in busybox?
and i don't know why I'm unable to do chmod
smhybrid said:
no good, it's still have same error...
maybe the problem is in busybox?
and i don't know why I'm unable to do chmod
Click to expand...
Click to collapse
give this command:
adb shell ls -l /system/bin/toolbox
and let's see if the toolbox has suid.
ETTT said:
give this command:
adb shell ls -l /system/bin/toolbox
and let's see if the toolbox has suid.
Click to expand...
Click to collapse
what i get is
-rwxr-xr-x root shell 99068 2012-08-09 11:59 toolbox
how to get suid?
smhybrid said:
what i get is
-rwxr-xr-x root shell 99068 2012-08-09 11:59 toolbox
how to get suid?
Click to expand...
Click to collapse
have you flash the patched firmware?
ETTT said:
have you flash the patched firmware?
Click to expand...
Click to collapse
well, I've just do all of Your step, except this:
flash the firmware, and after boot enable usb debuging, hook the phone to pc
Click to expand...
Click to collapse
because I don't know the meaning of flash the firmware. How to do that?
So I skip that and hook the phone to pc with usb debugging enabled
i'm new at linux, but I want to try this method for my galaxy chat
Rooting The Ampe A10 Dual core 3g ICS
1.
Download and install the drivers required to connect the tablet to a windows pc (I used Win7) not any old ADB drivers will do the first ones I came across didn’t work so I recommend downloading from here - http://www.topnotchtablets.com/installADBdriver (PDA Net for Android)
2.
Download the rooting program from this thread here
http://forum.xda-developers.com/showthread.php?t=1886460
Bin4ry…zip direct link - http://ul.to/h44f6vni
3.
Extract the contents of the zip folder into a directory on the pc
Rooting is done at your own risk!
4.
Plug the tablet into the pc and run the RunMe.bat file
Screen will pop up select option 1 Normal
follow the instructions on the screen, it will refer to the tablet and you need to select restore. Once updated a reboot will happen and root should be done, if you wish to check root download root checker from the android market
enjoy
you mite like Webkey for example to remotely use the Android
Thanks, I've already rooted the same device as Sanei N10 3G (MSM8625 CPU).
But do you know something about a recovery mod that works with this tablet?
recovery
Hello, I also Sanei N10. found recovery and third-party firmware if found give the link
murkin82 said:
Hello, I also Sanei N10. found recovery and third-party firmware if found give the link
Click to expand...
Click to collapse
Be careful, we're talking about the 3G version with Qualcomm Snapdragon CPU.
If you have anything but root, pls post it.
I have no Ampe A10/Sanei N10 Dual core 3G. recovery or firmware met?!
snapon said:
Rooting The Ampe A10 Dual core 3g ICS
2.
Download the rooting program from this thread here
http://forum.xda-developers.com/showthread.php?t=1886460
Bin4ry…zip direct link - http://ul.to/h44f6vni
Click to expand...
Click to collapse
First of all, thank you for your help!
Could you please upload this file on a site where one can really download it and isnʼt directed elsewhere to register for a paid package?
There are many good file sharing sites, even Googleʼs Drive.
murkin82 said:
Hello, I also Sanei N10. found recovery and third-party firmware if found give the link
Click to expand...
Click to collapse
The Ampe 10 seems to have its own recovery built in and can be started by turning the device off turn it back on hold both volume up and power. From this menu you can recover / update from the SD card. I found the original firmware here 86pp.com/download_view.asp and have installed this one you need to extract msm7627a_fw8937-ota-eng_mmc.zip from the downloaded zip copy it to the SD
I think the firmware can also be found here: szampe.com/support_down.asp? but as its all in Chinese its difficult to tell
Mazarin07 said:
First of all, thank you for your help!
Could you please upload this file on a site where one can really download it and isnʼt directed elsewhere to register for a paid package?
There are many good file sharing sites, even Googleʼs Drive.
Click to expand...
Click to collapse
Its not mine to re-distribute and you can download from that fileshare site without registering or paying you just use the 'Free' option and wait a little longer
thanks
thanks worked for me
murkin82 said:
Hello, I also Sanei N10. found recovery and third-party firmware if found give the link
Click to expand...
Click to collapse
Try this site slatedroid.com/blog/85/entry-96-aokp-cm9-cm10-installation-guide-for-ampe-a10-sanei-n10/
Thanks in advance!
W3sti said:
Thanks, I've already rooted the same device as Sanei N10 3G (MSM8625 CPU).
But do you know something about a recovery mod that works with this tablet?
Click to expand...
Click to collapse
Did you mean you rooted Sanei N 10 with dual core Qualcomm MSM8625? Could you please tell which method you followed, or how you managed to do it.
And also, will I ever be able to install Jelly bean on this particular tablet?
Thanks in advance!
Mt Everest said:
Did you mean you rooted Sanei N 10 with dual core Qualcomm MSM8625? Could you please tell which method you followed, or how you managed to do it.
And also, will I ever be able to install Jelly bean on this particular tablet?
Thanks in advance!
Click to expand...
Click to collapse
Try Tasselhofs rootscript at mediafire.com/?2jt4ft8xpfzyw2g
But in section :root I used this code:
Code:
adb root
adb shell "chmod 777 /system/local/tmp"
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
@PING 1.1.1.1 -n 1 -w 5000 >NUL
adb wait-for-device
adb shell "echo \"ro.kernel.qemu=1\"> /data/local.prop"
adb reboot
@PING 1.1.1.1 -n 1 -w 5000 >NUL
adb wait-for-device
adb remount
adb shell "chmod 777 /system/bin"
adb push su /system/bin/su
adb shell "chown root.shell /system/bin/su"
adb shell "chmod 06755 /system/bin/su"
adb shell "chmod 06755 /system/bin/su"
adb shell "ln -s /system/bin/su /system/xbin/su"
adb push Superuser.apk /system/app/.
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb push busybox /data/local/tmp/.
adb shell "chmod 755 /data/local/tmp/busybox"
adb shell "/data/local/tmp/busybox mount -o remount,rw /system"
adb shell "dd if=/data/local/tmp/busybox of=/system/xbin/busybox"
adb shell "chown root.shell /system/xbin/busybox"
adb shell "chmod 04755 /system/xbin/busybox"
adb shell "/system/xbin/busybox --install -s /system/xbin"
adb shell "rm -r /data/local/tmp/busybox"
adb reboot
It's not necessary to use any other options than 1. and 2.
After that install Titanium Backup and check for errors and let TB fix it (Some permissions seems to be "broken".).
snapon said:
Try this site slatedroid.com/blog/85/entry-96-aokp-cm9-cm10-installation-guide-for-ampe-a10-sanei-n10/
Click to expand...
Click to collapse
You cannot use this CM9/10, i'ts only for Allwinner A10 CPU!
For now, I didn't found a working recovery.img for MSM8625.
It worked fine, thank you very much! :good:
One problem still exist: the build.prop file still cannot be edited, is write-protected.
---------- Post added at 10:24 PM ---------- Previous post was at 10:18 PM ----------
snapon said:
...I found the original firmware here 86pp.com/download_view.asp....
I think the firmware can also be found here: szampe.com/support_down.asp? but as its all in Chinese its difficult to tell
Click to expand...
Click to collapse
It was deleted from the first site.
On the second site, more specifically from here, you can download the firmware (version 3 Nov, 2012), but I am afraid that everyting is in Chinese.
....
W3sti said:
Try Tasselhofs rootscript at mediafire.com/?2jt4ft8xpfzyw2g
But in section :root I used this code:
Code:
adb root
adb shell "chmod 777 /system/local/tmp"
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
@PING 1.1.1.1 -n 1 -w 5000 >NUL
adb wait-for-device
adb shell "echo \"ro.kernel.qemu=1\"> /data/local.prop"
adb reboot
@PING 1.1.1.1 -n 1 -w 5000 >NUL
adb wait-for-device
adb remount
adb shell "chmod 777 /system/bin"
adb push su /system/bin/su
adb shell "chown root.shell /system/bin/su"
adb shell "chmod 06755 /system/bin/su"
adb shell "chmod 06755 /system/bin/su"
adb shell "ln -s /system/bin/su /system/xbin/su"
adb push Superuser.apk /system/app/.
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb push busybox /data/local/tmp/.
adb shell "chmod 755 /data/local/tmp/busybox"
adb shell "/data/local/tmp/busybox mount -o remount,rw /system"
adb shell "dd if=/data/local/tmp/busybox of=/system/xbin/busybox"
adb shell "chown root.shell /system/xbin/busybox"
adb shell "chmod 04755 /system/xbin/busybox"
adb shell "/system/xbin/busybox --install -s /system/xbin"
adb shell "rm -r /data/local/tmp/busybox"
adb reboot
It's not necessary to use any other options than 1. and 2.
Hey in root you used the following commands means???how??
i have ordered this tablet and will reach me soon i think,i have the tasselhoof rootscript but it is as follows rite?
option 1 is to check the connection
option 2 is to root.
Then after choosing option 1 did you choosed option 2 or did something else???
can you explain briefly please??
Any help will be great...
Click to expand...
Click to collapse
I did root on my Sanei N10 3G Dualcore, but now I cannot find any recovery.img for CWM, can i use the one from single or quad core sanei N10 device?
I want to make a backup (nandroid) so waht can I do?
Thanks in advance
scotty2000 said:
I did root on my Sanei N10 3G Dualcore, but now I cannot find any recovery.img for CWM, can i use the one from single or quad core sanei N10 device?
I want to make a backup (nandroid) so waht can I do?
Thanks in advance
Click to expand...
Click to collapse
You cannot use an other image. For now it's not possible to use nandroid. Try "Titanium Backup Root" for a most complete backup.
---------- Post added at 08:47 PM ---------- Previous post was at 08:40 PM ----------
h.d.modi said:
...
Hey in root you used the following commands means???how??
i have ordered this tablet and will reach me soon i think,i have the tasselhoof rootscript but it is as follows rite?
option 1 is to check the connection
option 2 is to root.
Then after choosing option 1 did you choosed option 2 or did something else???
can you explain briefly please??
Any help will be great...
Click to expand...
Click to collapse
1. Edit the script, replace the code in section ":root", save the file and execute the script
2. Check the connection with option 1 and choose option 2 to root
3. If you don't know what i explained, ask somebody who knows a bit about batch-programming
its worked for sanei n10 dual core 3g tablet pc Thank you !
W3sti said:
You cannot use an other image. For now it's not possible to use nandroid. Try "Titanium Backup Root" for a most complete backup.
Click to expand...
Click to collapse
Thanks!
Is it possible to create an image out of an other one in an easy way and what do i need to do this?
Or is it to much complicated to work out an recovery image?
I am not really firm with those android things but willing to learn if possible with a "how to guide" for building recovery images
Worked great on Ampe A10, 5min job!
Any news about Android 4.1.x update/rom? Cyanogenmod? Any way to get Jellybean?
Tried to find a way to get jelly bean but i think there isn't any...
BTW, does anyone know SNES emulator that works with this tablet?
I thought I'd let folks know what I did in order to root on 8.5.1 and not have slowness. This isn't a complete walkthrough and assumes you have ADB drivers installed and working and access to ADB.
First I used the exploit found in this thread.
http://forum.xda-developers.com/showthread.php?t=2544736
I downloaded kindlehd2013_root.zip and also got the zip copy of superuser from
http://download.clockworkmod.com/superuser/superuser.zip
I extracted all to a folder. I then replaced the su from the kindlehd2013_root.zip with the superuser.zip armeabi folder version. Then you run the commands it has in the post.
adb push su /data/local/tmp/
adb push rootme.sh /data/local/tmp/
adb push exploit /data/local/tmp/
adb shell chmod 755 /data/local/tmp/rootme.sh
adb shell chmod 755 /data/local/tmp/exploit
Before I ran this last line I made sure su had the correct permissions:
type adb shell:
then ran the command
chmod 6755 /data/local/tmp/su
adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
now you can get root via ADB by going into
adb shell
then run the command su
from there I made sure the su had the correct permissions again in the new location:
mount -o remount,rw /system
I had a complaint about space so I just removed the officesuite.apk in /system/apps to the sdcard
chown 0:0 /system/xbin/su
chmod 6755 /system/xbin/su
Then using the superuser.apk from the zip installed it.
adb install superuser.apk
Hope this helps others have success. From here you can follow the tutorials to get Google apps and such. I'd love to run an alternative ROM but have the LTE version and haven't been able to find one that has working LTE.
Hi Macman005!!
I want to use your method to root my Hd 8.9, I dont want too install a room, only install google services to use my chromecast. But before I want to Know:
How I move the officesuite.apk in /system/apps to the sdcard, if I have the space complaint you had?
I really appreciate any help you can provide
jaramosparra said:
Hi Macman005!!
I want to use your method to root my Hd 8.9, I dont want too install a room, only install google services to use my chromecast. But before I want to Know:
How I move the officesuite.apk in /system/apps to the sdcard, if I have the space complaint you had?
I really appreciate any help you can provide
Click to expand...
Click to collapse
On device you can use es file explorer -> enable root explorer from the left side the click on root explorer -> mount r/w -> then make sure /system is rw
Via ADB
adb pull /system/app/OfficeSuite.apk
adb shell
su for root
mount -o remount,rw /system
rm /system/app/OfficeSuite.apk
Hi Macman005
I had follow your instructions and I had manage to root my hd 8.9, total success!!!
Thanks!!
hi there folks,
so i've read through a bunch of guides and steps to accompish getting root on a kindle fire hd 8.9 running 8.5.1
i followed your above steps to the T but everytime i try and execute the exploit i get a error like this
***********
Attempt msm_cameraconfig exploit...
Detected kernel physical address at 0x80008000 form iomem
Attempt put_user exploit...
write: No space left on device
************
i read further into this post and in others that moving files around was the answer but i'm unable to move the files using
Code:
./adb shell
mv /system/OfficeSuite.apk /sdcard
i get a error like "failed cross device link"
so i'm guessing i'll only have access after rooting to move or delete files in /system
************
Code:
$ df
Filesystem Size Used Free Blksize
/dev 383M 32K 383M 4096
/mnt/asec 383M 0K 383M 4096
/mnt/obb 383M 0K 383M 4096
/system 872M 872M 0K 4096
/data 13G 372M 12G 4096
/cache 639M 10M 628M 4096
/efs 15M 4M 11M 4096
/mnt/sdcard 13G 372M 12G 4096
[email protected]:/system/app $
*********
any suggestions tips or links would be appreciated
Use adb pull to get the file out of /system/app then just try to delete it. I'm guessing it won't work though without root.
Did you check to see if su was in the /system/xbin/su dir?
macman005 said:
Use adb pull to get the file out of /system/app then just try to delete it. I'm guessing it won't work though without root.
Did you check to see if su was in the /system/xbin/su dir?
Click to expand...
Click to collapse
already tried rm -rf OfficeSuit.apk
pulling it leaves the file inplace
su is in place in xbin
Code:
[email protected]:/ $ cd /system/xbin/
[email protected]:/system/xbin $ ll
-rwxr-xr-x root shell 59392 2008-08-01 12:00 dexdump
-rwxr-xr-x root shell 63448 2008-08-01 12:00 hciconfig
-rwxr-xr-x root shell 36776 2008-08-01 12:00 hcitool
-rwxr-xr-x root shell 5608 2008-08-01 12:00 hdcp-test
-rwsr-sr-x root root 94208 2014-11-19 22:25 su
127|[email protected]:/sdcard $ su --help
Segmentation fault
139|[email protected]:/sdcard $ su touch test
Segmentation fault
139|[email protected]:/sdcard $ su
Segmentation fault
139|[email protected]:/sdcard $
i've tried tinkering with permissions with no luck
i'm not worried about root on the kindle os, i mostly want to stick CM11 on it - i recall reading a article on cyanogenmod's page about flashing the CM11 rom on the kindle it didn't mention that root was required i just kind of assumed it was to be able to install a second bootloader etc
If you don't need to follow my root you just use this tutorial. The root being slow isn't a big deal since you'll replace it with cm11
http://forum.xda-developers.com/showthread.php?t=2789289
macman005 said:
If you don't need to follow my root you just use this tutorial. The root being slow isn't a big deal since you'll replace it with cm11
http://forum.xda-developers.com/showthread.php?t=2789289
Click to expand...
Click to collapse
sweet thanks for the tip - i'll give this one a try (i'd tried a couple other methods with no success)
Everything good for me until:
adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
Then I get:
Code:
Device detected: KFJWI (IMM76D)
Attempt acdb exploit...
KFJWI (IMM76D) is not supported.
Attempt fj_hdcp exploit...
Attempt msm_cameraconfig exploit...
Detected kernel physical address at 0x80008000 form iomem
Attempt put_user exploit...
After that nothing works. Any ideas where i might have taken the wrong turn?
Do you have su in the /system/xbin folder?
macman005 said:
Do you have su in the /system/xbin folder?
Click to expand...
Click to collapse
Thanks for reply macman.
I gave up... Followed the instructions you gave and all seemed well until step: adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
So not sure but will check when I can try again. Would love to totally clean out amazon junk and turn into android pad.
Im having the same problem as Justanumber, and I'm not sure if I have the su in the /system/xbin folder
I was able to root 8.5.1. What I did was try the Bin4ry method, first option 1, when that didn't work option 2. It made my kindle run slow and was almost unusable. Being very patient due to the slowness, I tried the QEMU method. It seems like some things transferred to the kindle and others didn't and I got an error. I then went back to Bin4ry and ran unroot and got an error. The last thing I tried was to run root option 2 once more and success. I then went right to Hashcodes post and installed a second bootloader and cm11. I'm not a developer so I put everything I did. Maybe someone who knows what they are doing can figure out what is needed from all that. Whatever I did though, I got for on 8.5.1 without any issues once it went through
Sent from my HTC6525LVW using XDA Premium 4 mobile app
worked perfectly for me on 8.5.1, always a bit nervous messing with the kindle but no problems . Big thanks to the op. I didn't have any complaints about space, and there was none of the slowdown problems so many people complain about after rooting the new firmware. Now i have installed hashcode's cm12 port and its like a brand new gadget...
I got as far as "adb shell", but the su command returns "permission denied"
What exactly do you mean when you say "check su permissions." First time using ADB.
please help me
macman005 said:
I thought I'd let folks know what I did in order to root on 8.5.1 and not have slowness. This isn't a complete walkthrough and assumes you have ADB drivers installed and working and access to ADB.
First I used the exploit found in this thread.
http://forum.xda-developers.com/showthread.php?t=2544736
I downloaded kindlehd2013_root.zip and also got the zip copy of superuser from
http://download.clockworkmod.com/superuser/superuser.zip
I extracted all to a folder. I then replaced the su from the kindlehd2013_root.zip with the superuser.zip armeabi folder version. Then you run the commands it has in the post.
adb push su /data/local/tmp/
adb push rootme.sh /data/local/tmp/
adb push exploit /data/local/tmp/
adb shell chmod 755 /data/local/tmp/rootme.sh
adb shell chmod 755 /data/local/tmp/exploit
Before I ran this last line I made sure su had the correct permissions:
type adb shell:
then ran the command
chmod 6755 /data/local/tmp/su
adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
now you can get root via ADB by going into
adb shell
then run the command su
from there I made sure the su had the correct permissions again in the new location:
mount -o remount,rw /system
I had a complaint about space so I just removed the officesuite.apk in /system/apps to the sdcard
chown 0:0 /system/xbin/su
chmod 6755 /system/xbin/su
Then using the superuser.apk from the zip installed it.
adb install superuser.apk
Hope this helps others have success. From here you can follow the tutorials to get Google apps and such. I'd love to run an alternative ROM but have the LTE version and haven't been able to find one that has working LTE.
Click to expand...
Click to collapse
Please help sir can you do a video of it on how to root the version 8.5.1 cause I cnt follow hard instruction pls lemme see
macman005 said:
Do you have su in the /system/xbin folder?
Click to expand...
Click to collapse
Could you specify a little on how to find this out?
I'm also getting stuck after:
adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
"Attempt acdb explot...
KFJWI <IMM76D> is not supported.
Attempt fj_hdcp exploit...
Attempt msm-cameraconfic exploit...
Detected kernel physical address at 0x80008000 from iomem
Attempt put_user exploit...
Thanks
macman005 said:
I thought I'd let folks know what I did in order to root on 8.5.1 and not have slowness. This isn't a complete walkthrough and assumes you have ADB drivers installed and working and access to ADB.
First I used the exploit found in this thread.
http://forum.xda-developers.com/showthread.php?t=2544736
I downloaded kindlehd2013_root.zip and also got the zip copy of superuser from
http://download.clockworkmod.com/superuser/superuser.zip
I extracted all to a folder. I then replaced the su from the kindlehd2013_root.zip with the superuser.zip armeabi folder version. Then you run the commands it has in the post.
adb push su /data/local/tmp/
adb push rootme.sh /data/local/tmp/
adb push exploit /data/local/tmp/
adb shell chmod 755 /data/local/tmp/rootme.sh
adb shell chmod 755 /data/local/tmp/exploit
Before I ran this last line I made sure su had the correct permissions:
type adb shell:
then ran the command
chmod 6755 /data/local/tmp/su
adb shell /data/local/tmp/exploit -c "/data/local/tmp/rootme.sh"
now you can get root via ADB by going into
adb shell
then run the command su
from there I made sure the su had the correct permissions again in the new location:
mount -o remount,rw /system
I had a complaint about space so I just removed the officesuite.apk in /system/apps to the sdcard
chown 0:0 /system/xbin/su
chmod 6755 /system/xbin/su
Then using the superuser.apk from the zip installed it.
adb install superuser.apk
Hope this helps others have success. From here you can follow the tutorials to get Google apps and such. I'd love to run an alternative ROM but have the LTE version and haven't been able to find one that has working LTE.
Click to expand...
Click to collapse
I'm pretty proficient with ADB, so your steps were easy to follow. Now I have a rooted Kindle Fire HD 8.9 on 8.5.1.
Thank you
Hello,
I'm following these instructions. When I run su, i get "Permission Denied."
Any ideas? The steps before seem to run fine.
When i run the exploit, i see the follwing:
Device detected: KFJWI (IMM76D)
Attempt acdb exploit...
KFJWI (IMM76D) is not supported.
Attempt fj_hdcp exploit...
Attempt msm_cameraconfig exploit...
Detected kernel physical address at 0x80008000 form iomem
Attempt put_user exploit...
---------- Post added at 04:27 PM ---------- Previous post was at 03:48 PM ----------
I got it to work.
I enterd adb shell, then exploit again, without the rootme.sh argument.
Then su worked and I was able to get everything to run
Thanks for the instructions!