I have just rooted my 4.4.4 Xt1028 using KingRoot v 4.5.0 it's not permanent and I can't get xposed to install because of the ro system, My main phone is an xt1028 that was unlocked with sunshine on 4.4.3. However sunshine doesn't support the 4.4.4 so Im at a loss on what to do next. Any suggestions?
Indeed, I've stumbled upon the same thing!
Root goes away after a reboot, but enough to run TitaniumBackup, or a few other apps that want root in order to read the file system.
This is identical to the prior PIE exploit that worked up to 4.4.2 I wonder if there is a way to package this stuff from KingRoot in order not to waste time running it so obviously after each reboot ...
http://forum.xda-developers.com/moto-x/orig-development/root-4-4-x-pie-motorola-devices-t2771623
i got a 2013 Moto G Vzw prepaid that i got back when they were $24.95
been waiting to see if it can be rooted or unlocked to get CM installed or something
i turned it on today, tried the activation bypass and i was able to get into the OS
( pressing next, pull down noticication, then multitask and swype away)
(this device is on KK 4.4.4)
i was able to install and run kingroot 4.5.0 and it gave me some error, BUT it worked successfully anyways....
i can confirm root with titanium and terminal etc...
i have yet to restart it, but my purpose of this is to use it as a gopro remote, or playing ingress or some type of home automation
this should get my by until something else is found
The root is temporary whether or not you reboot. After a while, root stops working and sometimes makes your phone unstable. Everything may start to crash and you'd have to reboot your phone.
Teet1 said:
The root is temporary whether or not you reboot. After a while, root stops working and sometimes makes your phone unstable. Everything may start to crash and you'd have to reboot your phone.
Click to expand...
Click to collapse
This is true, I've seen it too.
What is interesting is that root checker claims that there is /system/xbin/su present by Kingroot. But /system is always read only. ES explorer appears to create files in /system, but if you quit and re-launch, there are no files there.
From shell, I tried to quickly replace KingRoot with SuperSu :
http://forum.xda-developers.com/fire-phone/general/root-fire-phone-supersu-t3105546
This did not work since in shell it claims that the file system is read only.
I wonder how Kingroot manages to maintain the illusion of /system/xbin/su for a while.
There could be a way to authorize SuperSu with Kingroot, and keep the temporary root all the way until a reboot.
I would be so happy to have xposed frameworks at least maybe busybox. my main phone is an xt1028 unlocked but my brothers was already on 4.4.4 that's why I'm so excited about this progress
bibikalka said:
This is true, I've seen it too.
What is interesting is that root checker claims that there is /system/xbin/su present by Kingroot. But /system is always read only. ES explorer appears to create files in /system, but if you quit and re-launch, there are no files there.
From shell, I tried to quickly replace KingRoot with SuperSu :
http://forum.xda-developers.com/fire-phone/general/root-fire-phone-supersu-t3105546
This did not work since in shell it claims that the file system is read only.
I wonder how Kingroot manages to maintain the illusion of /system/xbin/su for a while.
There could be a way to authorize SuperSu with Kingroot, and keep the temporary root all the way until a reboot.
Click to expand...
Click to collapse
If it manages to write into /system, perhaps we can exploit KingRoot to do some more in depth stuff?
Teet1 said:
If it manages to write into /system, perhaps we can exploit KingRoot to do some more in depth stuff?
Click to expand...
Click to collapse
It does not write into /system, it just fools the OS for a short while that somehow "su" was placed into /system/xbin . That's the strange thing about it!
bibikalka said:
It does not write into /system, it just fools the OS for a short while that somehow "su" was placed into /system/xbin . That's the strange thing about it!
Click to expand...
Click to collapse
I read it uses an exploit on the system to gain root or temproot. Maybe we can do the same?
Related
Has anyone gotten their fascinate rooted after the OTA Update? I uses to use z4Root but.this is no longer working. It goes rhough the steps but none of the root apps can get super uswr access. I prefer one touch as I dont feel comfotable typing in all the commads for it to be hooked up to the pc
Dirrk's EZ Root v0.2
I was able to edit the START_ROOT.bat file in Dirrk's EZ Root v0.2 so the it would pause for 120 seconds instead of 60 seconds after the first phone reboot. Then, after the reboot, unplug the USB from the phone and reconnect it. I'm not sure if this will work for everyone, but it worked for me.
Roblovesbox said:
Has anyone gotten their fascinate rooted after the OTA Update? I uses to use z4Root but.this is no longer working. It goes rhough the steps but none of the root apps can get super uswr access. I prefer one touch as I dont feel comfotable typing in all the commads for it to be hooked up to the pc
Click to expand...
Click to collapse
there is a 1 click guide on i believe android central that is very easy. all you do is plug in your phone to a cpu download the .zip and open a file, then leave your phone alone for about 5 minutes and its done. it worked for me when z4 failed.. that was the first time i used anything other than z4 and was a little concerned but it was as easy as z4.. if not easier seeing as that z4 caused my phone to lock up a few times while it was in the process
EDIT: Here is the link.. you will need to register at android central to get the file but its very easy.
http://forum.androidcentral.com/fascinate-roms-hacks/33899-how-root.html
Powell730 said:
there is a 1 click guide on i believe android central that is very easy. all you do is plug in your phone to a cpu download the .zip and open a file, then leave your phone alone for about 5 minutes and its done. it worked for me when z4 failed.. that was the first time i used anything other than z4 and was a little concerned but it was as easy as z4.. if not easier seeing as that z4 caused my phone to lock up a few times while it was in the process
EDIT: Here is the link.. you will need to register at android central to get the file but its very easy.
Click to expand...
Click to collapse
This worked! I did do two things as it would error in the beginning. I changed the pause time in the file on the reboot to 120 seconds instead of the 60 as suggested in one post and I had to unplug my usb cable and plug it back in after the first reboot. Easy none the less, thank you!
Okay...it wont let me edit cause im a newb. The root worked or so I thought but now when I run Titanium backup it says it cant acquire root access. Any Ideas on this anyone?
Roblovesbox said:
Okay...it wont let me edit cause im a newb. The root worked or so I thought but now when I run Titanium backup it says it cant acquire root access. Any Ideas on this anyone?
Click to expand...
Click to collapse
Check and see if you have the Superuser app in your apps list. If not, download it from the Market, and then see if your apps that require root access work or not.
Yes I have the super user APP. The apps are just saying they aren't getting root access. They are in the list as well.
http://forum.xda-developers.com/showthread.php?t=803682
this worked for me, i used it last night
I was working on this last night. Z4root installs su to system/bin, while the 2nd root method installs to system/xbin. The ota changed the file permissions for su, but left the file in tact. That's why the one click mod will say your rooted (it sees the su file), but apps won't have root access.
I had to go old school and chmod the su file in system/bin rebooted and got root access again.
For anyone that used a one click root method like z4 root, and still hasn't done the ota update un root the phone first!
On the road but I will post instructions on how I re-rooted in a few hours as well as the specific files needed.
*actually from what I recall, any files needed are included in the one click root mentioned above.
Sent from my SCH-I500 using XDA App
**Follow instructions in this post http://forum.androidcentral.com/526222-post739.html
except, when you get to the portion that says
cd /system/xbin , replace that with cd /system/bin
(I believe only z4root users that did not unroot need to change this, or anyone who has su copied to their /bin directory without the root.)
everything is exactly the same... It's much better linking the post than copying the info again.
My phone w/ OTA dl09 is rooted successful by using Fascinateforums method.
Sent from my SCH-I500 using XDA App
When apps that ask for root permissions are launched, it doesnt work, example: TI backup says that the device isnt rooted and i might have to check the SU binaries. My N7 was rooted before a update for Superuser was available, now something happen after i updated it. But i dont know what...
That's weird. After you updated your SU, did you go to SU to update its binaries?
i did that twice, and it did say to update binaries...so...
you might need SuperSu instead
What Android version are you running?
Droid_Boi86 said:
i did that twice, and it did say to update binaries...so...
Click to expand...
Click to collapse
I had similar problems with "lightly rooted" stock (4.2.1/JOP40D) using a slightly older version of Superuser. Some apps could get root and others could not. But things have been in flux recently; read on...
I poked around a little bit and it appeared that the 4.2 multi-user stuff was interfering with the way that older versions of (ChainsDD's) Superuser worked, and at that time (only a couple weeks ago) ChainsDD had not released a newer update - things were still in flux.
I switched over to SuperSU, and no problems since... but....
...for me, installation of SuperSU didn't go swimmingly. As I recall the SuperSU install instructions say something like "you need to already have root to install the SuperSU `su' binary". Makes sense as it needs to write it's 'su' binary into /system, which in turn means it needs to get root privilege from a pre-existing su/Superuser installation.
So it poses a chicken-and-egg problem if you have lost root completely which I somehow managed to do... wait, I remember now! I had left the old 'su' binary in place, but had manually uninstalled "Superuser" from /system before I attempted the SuperSU install. Doh!
If you have lost root... you can manually install SuperSU offline inside the recovery via adb & the command line, which means getting both the SuperSU.apk and the 'su' binary ahead of time.
You can get the .apk from the market. You can attempt an install - it will download the 'su' binary and (no kidding) place a copy of it in /data/data/eu.chainfire.supersu/files/superuser.png
If you haven't lost root completely inside the booted OS, I suggest mounting /system in "rw" mode prior to running the SuperSU install and startup.
It looks like I am back a version or two - I have superSU v 0.99
4d7abc0eb5898cdb81bc233dcd16e052 /system/app/SuperSU.apk
0034ec008416b1c3fa7010deb8a3a758 /system/xbin/su
-rwsr-sr-x 1 root root 91992 Jan 10 16:40 /system/xbin/su
note the setuid,setgid bits on /system/xbin/su. Also - no symlink from /system/bin/su to xbin/su.
OK, sorry for the long post. There have been new releases from both chainfire (SuperSU) and chainsDD (Superuser) quite recently. Since I haven't had any troubles since 10 January, I haven't been following it closely - YMMV.
cheers
I can't delete any system apps with it anymore, does anybody else have the same problem or even a fix for it?
Working fine on 6.01 for me, Did you try uninstalling and reinstalling it?
I just updated to 6.0.1 myself, rooted using superSU 2.61. I too cannot delete system apps using titanium. I tried to uninstalled and reinstall the app (via playstore) but it didn't help.
I also tried to do the same via the root explorer option in ES file explorer and it didn't work. I tried to toggle the root explorer option in ES, but after I turned it off I couldn't turn it on again. Root checker does say that I have root, and other root apps e.g. adaway, xprivacy still work.
Any help and suggestion is most welcome!
case-sensitive said:
I just updated to 6.0.1 myself, rooted using superSU 2.61. I too cannot delete system apps using titanium. I tried to uninstalled and reinstall the app (via playstore) but it didn't help.
I also tried to do the same via the root explorer option in ES file explorer and it didn't work. I tried to toggle the root explorer option in ES, but after I turned it off I couldn't turn it on again. Root checker does say that I have root, and other root apps e.g. adaway, xprivacy still work.
Any help and suggestion is most welcome!
Click to expand...
Click to collapse
hey guys, "system less root"
That would modify system... Just freeze the apps.
geoff5093 said:
That would modify system... Just freeze the apps.
Click to expand...
Click to collapse
Some people still want to recover the space.
With systemless root you will need to modify the system in TWRP to get titanium and ES working correctly.
It's as simple as going into TWRP and mounting the system R/W.
You then need to open the terminal in the following places:
/system/bin and execute "touch su"
/system/xbin and execute "touch su"
This will create zero byte files for SuperSu to come along and swap/link to on boot so that ES and TiBu can ask for root and get it.
They will then operate as you expect.; with the caveat that you are on your own when you start tinkering and may break something.
tech_head said:
Some people still want to recover the space.
With systemless root you will need to modify the system in TWRP to get titanium and ES working correctly.
It's as simple as going into TWRP and mounting the system R/W.
You then need to open the terminal in the following places:
/system/bin and execute "touch su"
/system/xbin and execute "touch su"
This will create zero byte files for SuperSu to come along and swap/link to on boot so that ES and TiBu can ask for root and get it.
They will then operate as you expect.; with the caveat that you are on your own when you start tinkering and may break something.
Click to expand...
Click to collapse
Pretty sure you lose Android Pay with this method though, just FYI if you care about that.
But if you are running Xposed you broke it anyway. There is a way to get it working.
You will need to remove the empty su files you just created to be able to add cards.
You will need to use a Xposed module to hide modifications to the system so that the device check comes back clean.
It's a pain, but if you want Xposed, TiBu, ES and Android Pay, that is the price.
Sent from my Nexus 6P using Tapatalk
I usually use this app:
https://play.google.com/store/apps/details?id=com.jumobile.manager.systemapp
I'm not on 6.0.1 at the moment so I can't test if it works. Anyone wanna test it out and report back?
WizeGuyDezignz said:
I usually use this app:
https://play.google.com/store/apps/details?id=com.jumobile.manager.systemapp
I'm not on 6.0.1 at the moment so I can't test if it works. Anyone wanna test it out and report back?
Click to expand...
Click to collapse
Doesn't work. Apps restore themselves.
Hello,
I am currently running the H918 model with twrp and full root. Root was successful and the phone is running well. Thanks to all those who put in their time and effort and providing such a quick root capability. Makes the phone even more amazing than it already is.
Unfortunately, I am having an issue with be able to modify system files as I am unable to edit them whatsoever. I have tried using adb and using mount and remount commands but nothing has worked. I was hoping if anybody would be able to assist me with my issue. Thank you.
I've tried reflashing super su and I have busy box installed. Adaway is working properly (only through system less root) and I have been able to hibernate apps through tibu. I still cannot edit any files under /system. Does anyone have any suggestions? Thanks.
use root explorer
Thanks for your response. I've tried many root managers (including root explorer), enabled root permissions, had them successfully granted through supersu and still a no go. I just ran recowvery again and flashed twrp (this time without formatting data) and I am still unable to edit any system files.
ROOT w/o UNLOCKING BOOTLOADER:
Few of Qualcomm Devices have been found to have engineering mode software preinstalled on the device, which has root access. Using the same exploit root can be achieved in OP3, OP3T, OP5 and others, without unlocking the bootloader. Here is a full story: OnePlus Accidentally Pre-Installed an App that acts as a Backdoor to Root Access
The exploit was found by the user Elliot Alderson. An application has been promised by the author soon, to gain root access.
I have tested the method in OnePlus 3T and it works perfectly and passes SafetyNet check, furthermore you do not get DM-Verity error either.
Please follow the guide from here: OnePlus 3T Root w/o unlocking bootloader
Note: Do not modify system files though it won't let you, doing so will trigger Dm Verity.
Magisk Modules do not work, i,e you won't be able to use any modules.
Root and hide root works.
You will get system update but updating might kick you out of the root and you won't be able to gain access to root again.
It works on latest Oreo Beta, as you see in the screenshot.
Disclaimer: Follow the guide at your own risk, it is working fine for me, that in no way means it will work the same for you. Neither me nor the people envolved in this takes any responsibility. You and only you are responsible if anything goes wrong.
Note: I am not the developer or the person who found this exploit or root method. All credits go to them.
SCREENSHOTS ATTACHED
Update 1:
An app has been realsed by Oğuzhan Yiğit here is the link, the full credit goes to him for the same. Here is the link to the post:
Oneplus 3T Root Via App, further it installs SuperSU
This step is required every time you reboot:
adb shell
cd /data/magisk/
./magisk --mountimg xbin.img /system/xbin
magisk --post-fs
magisk --post-fs-data
magisk --service
I haven't tried doing the same, but theoretically, it shouldn't work.
[deleted]
casual_kikoo said:
...OnePlus 2...
Click to expand...
Click to collapse
That phone does not have dm-verity. That's why it works.
DOING THIS ON A ONEPLUS 3 OR NEWER WILL NOT WORK AND YOU WILL BRICK UNTIL YOU QUALCOMM UN-BRICK THE PHONE
Edit: I suggest deleting that and posting it in the OnePlus 2 section since someone will likely try it and brick.
SpasilliumNexus said:
That phone does not have dm-verity. That's why it works.
DOING THIS ON A ONEPLUS 3 OR NEWER WILL NOT WORK AND YOU WILL BRICK UNTIL YOU QUALCOMM UN-BRICK THE PHONE
Edit: I suggest deleting that and posting it in the OnePlus 2 section since someone will likely try it and brick.
Click to expand...
Click to collapse
Ok, as I thougth something else enter into account.
Thanks a lot !
As a newbie can u plz provide me the steps how to gain root access.?
Thanks in advance.
anuajayan said:
As a newbie can u plz provide me the steps how to gain root access.?
Thanks in advance.
Click to expand...
Click to collapse
Please do the necessary steps, I will assist you wherever you get stuck, you can also reach me at telegram on @apurvak
coolstoneapurva said:
Please do the necessary steps, I will assist you wherever you get stuck, you can also reach me at telegram on @apurvak
Click to expand...
Click to collapse
I don't know from where or how to start with? Please guide me accordingly..
replace hosts file
OK, so I decided to take advantage and replace my hosts file. I gain adb root, but then
Code:
@~/Downloads/oneplus[20:56:04]~: adb push hosts /system/etc/hosts
adb: error: failed to copy 'hosts' to '/system/etc/hosts': remote couldn't create file: Read-only file system
hosts: 0 files pushed. 73.3 MB/s (327680 bytes in 0.004s)
trying without success
Code:
@~/Downloads/oneplus[21:00:48]~: adb remount
remount failed
and from within
Code:
@~/Downloads/oneplus[21:00:51]~: adb shell
OnePlus3T:/ # id
uid=0(root) gid=0(root) groups=0(root),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc) context=u:r:su:s0
OnePlus3T:/ # mount -o rw,remount /system
'/dev/block/dm-0' is read-only
What am I doing wrong or need to do to replace my hosts file, please?
mitkko said:
OK, so I decided to take advantage and replace my hosts file. I gain adb root, but then
trying without success
and from within
What am I doing wrong or need to do to replace my hosts file, please?
Click to expand...
Click to collapse
It's a good thing something is stopping you, because you shouldn't be modifying any file on the partitions. Again, dm-verity is enabled. You modifying any file directly will result in getting a corrupt error after a reboot. Use Magisk for systemless modifications.
Please write in first post if OTA will still work on next update. And if possible specify if this woks also on oxygen os open beta with Android Oreo.
That said, anyone know if possible to unlock bootloader state, without trigger the factory reset??
SpasilliumNexus said:
It's a good thing something is stopping you, because you shouldn't be modifying any file on the partitions. Again, dm-verity is enabled. You modifying any file directly will result in getting a corrupt error after a reboot. Use Magisk for systemless modifications.
Click to expand...
Click to collapse
How do I do that? Assume I have already introduced magisk to my phone.
mitkko said:
How do I do that? Assume I have already introduce magisk to my phone.
Click to expand...
Click to collapse
Isn't there a systemless host option for adblock in Magisk's settings? If so, turn it on, install AdAway, turn on systemless hosts in that, apply the adblock.
SpasilliumNexus said:
Isn't there a systemless host option for adblock in Magisk's settings? If so, turn it on, install AdAway, turn on systemless hosts in that, apply the adblock.
Click to expand...
Click to collapse
Never used it before. Is that persistent? I mean after reboot and magisk root gone will it persist? I don't need persistent root, I just want to patch hosts one time only if possible.
mitkko said:
Never used it before. Is that persistent? I mean after reboot and magisk root gone will it persist? I don't need persistent root, I just want to patch hosts one time only if possible.
Click to expand...
Click to collapse
It's not persistent. The last steps for root access in that guide needs to be done after every reboot, which is also needed for AdAway to apply the block. Applying the adblock after root doesn't need a reboot.
You're better off just doing the traditional unlock and root instead.
Hope that makes sense.
Deodexed and Patched EngineeringMode.apk for restore default Privilege
I played a little with Angela`s Root and wanted to restore the previous level of privilege. In the application there is a special button rollback changes, but it is Invisible
Code:
this.mPrivilege = this.findViewById(2131493042);
this.mPrivilege.setOnClickListener(((View$OnClickListener)this));
this.mPrivilege.setVisibility(4); //this.mPrivilege.setVisibility(View.INVISIBLE);
So I did the application deodex and patched the application, changing it to
Code:
this.mPrivilege.setVisibility(0); //this.mPrivilege.setVisibility(View.VISIBLE);
After that I changed the original application to patched
Code:
adb remount
adb push EngineeringMode_SIGNED_ALIGNED.apk /system/app/EngineeringMode/EngineeringMode.apk
And start them
Code:
adb shell am start -n com.android.engineeringmode/.qualcomm.DiagEnabled --es "code" "angela"
Result Screenshort:
After click on the button, the phone restarts and all privileges are restored
mitkko said:
OK, so I decided to take advantage and replace my hosts file. I gain adb root, but then
Code:
@~/Downloads/oneplus[20:56:04]~: adb push hosts /system/etc/hosts
adb: error: failed to copy 'hosts' to '/system/etc/hosts': remote couldn't create file: Read-only file system
hosts: 0 files pushed. 73.3 MB/s (327680 bytes in 0.004s)
trying without success
Code:
@~/Downloads/oneplus[21:00:48]~: adb remount
remount failed
and from within
Code:
@~/Downloads/oneplus[21:00:51]~: adb shell
OnePlus3T:/ # id
uid=0(root) gid=0(root) groups=0(root),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc) context=u:r:su:s0
OnePlus3T:/ # mount -o rw,remount /system
'/dev/block/dm-0' is read-only
What am I doing wrong or need to do to replace my hosts file, please?
Click to expand...
Click to collapse
You shouldn't make any changes to system partion doing to will render you unable to boot, as dm verity is enabled.
andQlimax said:
Please write in first post if OTA will still work on next update. And if possible specify if this woks also on oxygen os open beta with Android Oreo.
That said, anyone know if possible to unlock bootloader state, without trigger the factory reset??
Click to expand...
Click to collapse
Yes it will work on next update as system files are intact, further it works on Beta Oreo as you can see the screenshot. I will further update the post with the same.
seems not working on Android 8 /OOS 5