I know iovyroot for the Z5C allowed this backup but with the recent COW (Copy on Write CVE-2016-5195) vulnerability has anyone been able to develop a way to backup/restore TA partition?
Question: Has anyone developed a tool to backup and restore TA partition for the X Compact yet?
Answer: Yes, by rayman. This method requires firmware 34.1.A.1.198.
http://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
*Edit: Figured I would update this post since a TA backup was found.
If I understand correctly the only way to backup TA on the z5 is to downgrade to lollipop first. As the XC shipped with 6.0 and there is no way to downgrade and get full root access without unlocking the bootloader, without full root no way to access the TA partition. I don't believe any sony device shipped with marshmallow can be rooted without destroying the TA partition at this time.
The dirty cow exploit is basically a proof of concept at this point, you can get a root shell but thats about it. Hopefully someone will soon find a way to use it to get full root access.
Yes people were capable of backing up TA because of a root exploit on the Z5C lollipop rom. I'm not entirely convinced we need full root with permissive sepolicy.
Could any dev's tell me if a recompile of the toolkit binary with root user hardcoded (setresuid, setresgid) could allow the use of the dd command for TA backup or would there still be SELinux issues with the recompiled toolkit binary?
Related
I installed twrp and SU. Really the only reason I did it is because I use titanium backup to back up and restore apps and such. Otherwise I really don't need root.
I have two questions.
First Question: Can I re-lock the boot loader if I have TWRP and SuperSU installed? If not how can I use Android pay? Is there a work around? It's not allowing me to because it can't verify
Second Question: The OTA 6.0.1 won't stick. I'm pretty sure I've done one other over the air update (at least I thought I did, I may be remembering incorrectly) and it worked just fine. But for some reason 6.0.1 isn't taking. Any ideas?
If you don't need root what you can do is download the 6.0.1 imag direclty from google, put it in your adb/fastboo folder and use the flash-all command and it will erase root, twrp and it will be like you just got it from the factory. The only thing that would be still there is the unlocked bootloader. Once you've performed the flash-all command, you can simple lock the bootloader again. That's if you want to get rid of Root and Twrp.. If not, you can try a Rom like Chroma that has android pay working on it.. Here's the instructions. Hope this helps: http://forum.xda-developers.com/showpost.php?p=64269166&postcount=2338
Edit: Make sure you follow the systemless root instructions from that link to get android pay to work...
So I cannot lock the boot loader if I have root and twrp installed?
I really don't want to use a Rom. I'm happy with stock, just want to be able to use titanium backup.
And are ota updates not working if you have twrp installed?
OTA updates won't flash properly if you have TWRP installed, though I heard there is a way to extract the components of the update you want to apply so you can preserve root and custom recoveries while still updating. Sorry I don't know where the instructions are though.
No you can't lock the bootloader with TWRP installed, it can result in a brick.
I would not lock the bootloader unless you are 100% stock. You open yourself up to unrecoverable bricks. As for the update if you download the image from google you can just flash the individual partitions in fastboot. This way you can preserve your data. Heisenburg has a great guide here: http://forum.xda-developers.com/nexus-6p/general/guides-how-to-guides-beginners-t3206928 You will loose root but getting it back just involves reflashing the SuperSU-v2.62-3-20151211162651.zip from this thread http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344/post64161125#post64161125
Hello All,
I was wondering if the Dirty COW exploit detailed here:
https://gist.github.com/Arinerron/0e99d69d70a778ca13a0087fa6fdfd80
Could be used to root our S7Edges on VZ and others.
-Kev
This would only provide a temporary root, if it even worked, that would not all changes to the /system partition. We have dm-verity checks that are enforced, and all changes to the /system partition would be reverted on reboot. So it would not be a plausible solution, at all.
I think that if we are able to have an app that on startup remake the temporary root working, it's the same then modifying the system init sequence.. no?
I've looked around quite a bit. Can someone point me to the right thread ?
Hi, AFAIK you have to unlock your device to root it. In this case you have no chance to keep your data. Unlocking will wipe all data. How about a backup of your data first? I think there are some apps doing this without root.
You will have to unlock bootloader I. Order to flash super su to gain root access... So backup your stuff... And then try it out
Hello all. I downgraded to MM and backed up drm key before unlocking bootloader. I restore DK.ftf with flashtool 0.9.22.3 successfully.. Can i restore drm key in nougat after unlocking bootloader ??
Flashing DK.ftf restores the DRM key into secondary location, so kernels that support this method of DRM-workaround can access and use it.
Restoring the whole dirtycow generated TA image will re-lock your bootloader.
Now that you know the above then; yes you can.
But if you flashed dk.ftf once it will stay resistant between updates with flashtool, there should be no need to flash it again.
So im rooted on my G5Plus US can i just updated it or do i have to install in some other way?
Yes, you can!
However, it's not trivial. I'm writing a guide.
In any case, you need to use SYSTEMLESS root (for example, with Magisk), and a backup of your SYSTEM, OEM, RECOVERY & BOOT partitions.
And to complete the OEM backup with TWRP we need that some developer will update it.
Regards.