I am trying to root my huawei P8 lite but WITHOUT using the propriatery SuperSu binary therefore I managed to install the Superuser. But now I am missing the su binary as far I searched I found this su binary https://download.lineageos.org/extras . After that I rebooter to system and typed in my console (with usb debugging enabled):
Code:
adb shell
In the phone's console I typed:
Code:
su
But I get the following error:
Code:
Permission denied
DO you think that SeLinux block me to run su and how I will ovveride this restriction? If not do you have any idea why I cannot execute the su binary?
pc_magas said:
I am trying to root my huawei P8 lite but WITHOUT using the propriatery SuperSu binary therefore I managed to install the Superuser. But now I am missing the su binary as far I searched I found this su binary https://download.lineageos.org/extras . After that I rebooter to system and typed in my console (with usb debugging enabled):
Code:
adb shell
In the phone's console I typed:
Code:
su
But I get the following error:
Code:
Permission denied
DO you think that SeLinux block me to run su and how I will ovveride this restriction? If not do you have any idea why I cannot execute the su binary?
Click to expand...
Click to collapse
You have to flash superSu or magisk or something similiar. There shouldn't be any work around for this. SeLinux has nothing to do with this(I think).
keikari said:
You have to flash superSu or magisk or something similiar. There shouldn't be any work around for this. SeLinux has nothing to do with this(I think).
Click to expand...
Click to collapse
But all these tools need to install somehow the su binary in order to work. What I am trying is to do is ti install it by hand. On GNU/Linux systems that Android is based on use this binary in order to provide su access.
pc_magas said:
But all these tools need to install somehow the su binary in order to work. What I am trying is to do is ti install it by hand. On GNU/Linux systems that Android is based on use this binary in order to provide su access.
Click to expand...
Click to collapse
But that's been purposely prevented. You need to install TWRP recovery then you flash one of them and now you can use "su" command.
I don't know much(read anything) about how linux system works, so I don't understand why you want to get "su" stuff work other than normal way to do it. Meaning is there some specific reason why you don't want to flash SuperSu?
keikari said:
But that's been purposely prevented. You need to install TWRP recovery then you flash one of them and now you can use "su" command.
I don't know much(read anything) about how linux system works, so I don't understand why you want to get "su" stuff work other than normal way to do it. Meaning is there some specific reason why you don't want to flash SuperSu?
Click to expand...
Click to collapse
Because SuperSu is a propriatery software.
pc_magas said:
Because SuperSu is a propriatery software.
Click to expand...
Click to collapse
I think magisk is open source https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445 maybe you want to give it a try.
ps. Is open source opposite of propriatery? if not pls ignore this post
I love you you're awesome!!!!!
Related
So I have a Samsung Vibrant with the following specs :
Firmware : 2.1-update 1
Baseband : T959UVJI6
Kernel version : 2.6.29
Build : ECLAIR.UVJI6
I used the Samsung Vibrant 1 click root application, have since verified I do have SuperUser installed as well as BusyBox, with quite a few different root based applications such as ClockWorkMod Recovery, One-Click Lag Fix, Set CPU, Titanium Backup, etc., and I have verified that ADB does work from a command prompt, however when I try to access su through ADB by doing the following commands, this happens :
C:/>adb shell
$ su
su
Permission denied
$
I have also tried to use Android Commander from my PC as a kind of root explorer and the program does detect my device and starts, but shows "Root Access : NO". From all threads I have investigated, this would almost seem as though I don't have "true" root access. Can anyone assist me and let me know what I am doing wrong?
bretjrodgers said:
So I have a Samsung Vibrant with the following specs :
Firmware : 2.1-update 1
Baseband : T959UVJI6
Kernel version : 2.6.29
Build : ECLAIR.UVJI6
I used the Samsung Vibrant 1 click root application, have since verified I do have SuperUser installed as well as BusyBox, with quite a few different root based applications such as ClockWorkMod Recovery, One-Click Lag Fix, Set CPU, Titanium Backup, etc., and I have verified that ADB does work from a command prompt, however when I try to access su through ADB by doing the following commands, this happens :
C:/>adb shell
$ su
su
Permission denied
$
I have also tried to use Android Commander from my PC as a kind of root explorer and the program does detect my device and starts, but shows "Root Access : NO". From all threads I have investigated, this would almost seem as though I don't have "true" root access. Can anyone assist me and let me know what I am doing wrong?
Click to expand...
Click to collapse
When you do "Adb shell" > "su" you have to allow it on your phone. A little popup will appear.
If you can su in a terminal on the phone itself then you can be certain you have root.
Are you sure there is not a prompt on the phone when you are attempting su from ADB? It might be asking for su permissions but timing out and showing denied.
bretjrodgers said:
So I have a Samsung Vibrant with the following specs :
Firmware : 2.1-update 1
Baseband : T959UVJI6
Kernel version : 2.6.29
Build : ECLAIR.UVJI6
I used the Samsung Vibrant 1 click root application, have since verified I do have SuperUser installed as well as BusyBox, with quite a few different root based applications such as ClockWorkMod Recovery, One-Click Lag Fix, Set CPU, Titanium Backup, etc., and I have verified that ADB does work from a command prompt, however when I try to access su through ADB by doing the following commands, this happens :
C:/>adb shell
$ su
su
Permission denied
$
I have also tried to use Android Commander from my PC as a kind of root explorer and the program does detect my device and starts, but shows "Root Access : NO". From all threads I have investigated, this would almost seem as though I don't have "true" root access. Can anyone assist me and let me know what I am doing wrong?
Click to expand...
Click to collapse
So after installing SU Terminal & Root Explorer from Android Market, when I did the following :
C:/>adb shell
$ su
su
#
I have verified that SuperUser permissions through ADB are obviously working. However when I do the following command...
C:/>adb root
adbd cannot run as root in production builds
...is displayed. It seems as though, yes, I do have SuperUser access, I don't have root access through ADB and Android Commander still does not recognize root. Is this because I am running the stock ROM, and if so, is there a general thread with all available/recommended Vibrant ROMs to install?
bretjrodgers said:
So after installing SU Terminal & Root Explorer from Android C:/>adb root
adbd cannot run as root in production builds
...is displayed. It seems as though, yes, I do have SuperUser access, I don't have root access through ADB and Android Commander still does not recognize root. Is this because I am running the stock ROM, and if so, is there a general thread with all available/recommended Vibrant ROMs to install?
Click to expand...
Click to collapse
Just to clarify, you realize adb root has nothing to do with your phone?
adb root restarts the adb daemon on the computer you are on as root (something I usually don't recommend).
When you start Android Commander make sure it has permissions on your phone when it makes the request.
d01100100 said:
Just to clarify, you realize adb root has nothing to do with your phone?
adb root restarts the adb daemon on the computer you are on as root (something I usually don't recommend).
When you start Android Commander make sure it has permissions on your phone when it makes the request.
Click to expand...
Click to collapse
Ok so I now understand the purpose of the adb root command after some additional research. I guess the issue is that when I run Android Commander, even though it does detect my device on the PC, it does not ask for/request SU permissions on my device
The FAQ thread for Android Commander:
http://forum.xda-developers.com/showthread.php?t=628138
** If you using Win7/Vista run Program as Administrator or disable UAC, otherwise this function will fail!
Click to expand...
Click to collapse
Guess I never needed for something like this since I'm comfortable with the command line.
d01100100 said:
The FAQ thread for Android Commander:
http://forum.xda-developers.com/showthread.php?t=628138
Guess I never needed for something like this since I'm comfortable with the command line.
Click to expand...
Click to collapse
I am running the program with both UAC disabled, and running as administrator and still the program does not recognize as root. I am only worried not just about Android Commander, but the possibility for functionality of other programs that require root as well.
Type adb shell
You'll see '$' as your prompt, type 'su'
$ su
You'll see '#' as your prompt, type 'id'
# id
uid=0(root) gid=0(root)
That means you have root.
Further proof you can remount /system from ro to rw.
You have root, Android Commander isn't the standard to judge whether your root is working correctly. Just a cursory glance at the app thread, it requires quite a bit of finesse to get working and it's touchy about which rom you're using. If yours doesn't work and you've actually followed the directions, send the developer your logs in the proper thread.
Why not just download the app Terminal Emulator and just type "su".... you'll either get the # or Permission Denied.
Based off everything you said, yes, you have root... ^ easiest way to test though. No need to deal with adb.
hi,guys!
as this title says i found a tool named "rageagainstthecage",but i want to know how dose it work.Can anyone help me ? thanks
try superoneclick
Are you using Linux to grant root access on your Defy?
I rooted mine yestarday and I was a little confused on how to make it, I have same file as you as I read. rageagainstthecage is the exploit that will you grant root privileges. The instructions for linux are here [1]. I replaced 'exploit.bin' with 'rageagainstthecage' or you can use the one provided in that post 'psneuter', the proccess is simple
1. Copy files to phone using adb (I used /data/local/tmp as directory in the phone): su, busybox, Superuser.apk and exploit (exploit name, let's say: rageagainstthecage)
2. Make the exploit executable and execute it
3. Give permissions to the commands su and busybox
4. There you go
All the credits for the autor of the post on IBM forum
I hope this help you with your question
[1]
PHP:
www_ibm_com/developerworks/mydeveloperworks/blogs/coolwinding/entry/how_to_root_defy_on_linux1
jianbangguo said:
try superoneclick
Click to expand...
Click to collapse
Dose the superoneclick use "rageagainstthecage" to grant adb root access? i just want to know "rageagainstthecage", how dose it work? can you help me? thanks
cristianpark said:
Are you using Linux to grant root access on your Defy?
I rooted mine yestarday and I was a little confused on how to make it, I have same file as you as I read. rageagainstthecage is the exploit that will you grant root privileges. The instructions for linux are here [1]. I replaced 'exploit.bin' with 'rageagainstthecage' or you can use the one provided in that post 'psneuter', the proccess is simple
1. Copy files to phone using adb (I used /data/local/tmp as directory in the phone): su, busybox, Superuser.apk and exploit (exploit name, let's say: rageagainstthecage)
2. Make the exploit executable and execute it
3. Give permissions to the commands su and busybox
4. There you go
All the credits for the autor of the post on IBM forum
I hope this help you with your question
[1]
PHP:
www_ibm_com/developerworks/mydeveloperworks/blogs/coolwinding/entry/how_to_root_defy_on_linux1
Click to expand...
Click to collapse
pardon my poor english,I just want to know how dose it work, for example : rageagainstthecage's Working principle,not how to use "rageagainstthecage" to grant root access,thank you !!
The principle of how it works is very simple, the rageinthecage exploit just forks proccesses until the proccessor hits the max, then the system will kill the olders apps, because you are using adb and running psneuter, the system will kill the adb shell, and here is the magic, when you restart the adb shell it start with root rights, to prevent that, inmediatly adb starts, the system calls setuid function, but because the proccesses list is full, the explot prevents the setuid call, allowing you to maintain the root rights, and in that point, you push Superuser.apk to allow the root access to the apps, changin before the permissions to the su binary allowing you to call that binary with a less rights user, that is the idea beyond the exploit!, wish that help you!
Sorry for the bad english
LeonardoJegigzem said:
The principle of how it works is very simple, the rageinthecage exploit just forks proccesses until the proccessor hits the max, then the system will kill the olders apps, because you are using adb and running psneuter, the system will kill the adb shell, and here is the magic, when you restart the adb shell it start with root rights, to prevent that, inmediatly adb starts, the system calls setuid function, but because the proccesses list is full, the explot prevents the setuid call, allowing you to maintain the root rights, and in that point, you push Superuser.apk to allow the root access to the apps, changin before the permissions to the su binary allowing you to call that binary with a less rights user, that is the idea beyond the exploit!, wish that help you!
Sorry for the bad english
Click to expand...
Click to collapse
Great info, thanks for sharing this with us I was wondering the same
I can root this phone. No problem. I can then remount /system (or and other mount) as read-write and make changes. HOWEVER, I cannot get any other programs to recognize the device as rooted. I have su over-permissioned to 777 (I have it permissioned to root.shell).
What have I overlooked?
Did you install superuser app?
Sent from my GT-P1000 using Tapatalk 2
Yes, I installed superuser. Then when I try to install something like busybox, it does not prompt to provide root privileges. It then fails to install. The whole thing is antithetical to the Linux model/sudo due to the lack of a login I suppose.
eyeconic said:
Yes, I installed superuser. Then when I try to install something like busybox, it does not prompt to provide root privileges. It then fails to install. The whole thing is antithetical to the Linux model/sudo due to the lack of a login I suppose.
Click to expand...
Click to collapse
SU needs chmod 4775 doesn't it? You have the binary inserted but it doesn't have the authority to execute as root.
mezkalz said:
SU needs chmod 4775 doesn't it? You have the binary inserted but it doesn't have the authority to execute as root.
Click to expand...
Click to collapse
I forgot that this isn't full-blown Linux. Of course you are correct and thank you. The leading (setuid) digit is necessary because we are permitting an unprivileged program with a pseudo-UID access to root-owned executables.
So I'll update randomly...
boot.img and recovery.img -> https://drive.google.com/file/d/0B5QYBzdG6RuyZy1TSHc2VDVhY2M/view?usp=sharing
temp root:
Code:
adb push root /data/local/tmp
adb push wpoff /data/local/tmp
adb push fbunlock /data/local/tmp
adb push recovery.img /data/local/tmp
adb push boot.img /data/local/tmp
adb shell
$ [COLOR="Red"]chmod 755 /data/local/tmp/root[/COLOR]
$ [COLOR="Red"]chmod 755 /data/local/tmp/wpoff[/COLOR]
$ [COLOR="Red"]chmod 755 /data/local/tmp/fbunlock[/COLOR]
$ /data/local/tmp/root
...
#
defeat WP:
Code:
# /data/local/tmp/wpoff --unprotect-all
check WP status(optional):
Code:
# /data/local/tmp/wpoff --dump
If you see it's all zeroes there it means good, or if there are many 5555 it means NG.
unlock bootloader:
Code:
# /data/local/tmp/fbunlock
install TWRP and patched boot:
Code:
# dd if=/data/local/tmp/recovery.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
# dd if=/data/local/tmp/boot.img of=/dev/block/platform/msm_sdcc.1/by-name/boot
install SuperSU:
Code:
FLASH SUPERSU LIKE OLD DAYS
Why patch boot?
Cos MIYABI stops ptrace, some apps depends on it won't work properly.
Chinese here:
禁止转载到国内论坛,禁止用于商业用途。日版不会有的。
Note:
a. Remember to rename recovery.00X.zip to recovery.zip.00X before unzipping!
b. If you don't flash boot.img before install SuperSU, you will end up in boot loop. To restore, delete /system/xbin/daemonsu.
Attachments will be uploaded soon.
Hi tewilove, many thanks for publishing this. Amazing work! And a big time saver
tewilove tnx allot !!
hey some one know how can i put su inside in system and then to use SuperSU ?
thank you a lot
thanks but i can not use root app and super su can not install bin su
thank you for your help
tewilove said:
Tested with a 306SH with SW version S4081.
How to:
https://youtu.be/UJs7ruckGgc
This is v1, since the shell code has to be improved yet(WIP).
It only obtains temp root with kernel context. The left things are changing to init context, disable mmc_protect_part, disable miyabi LSM.
There might be v2, which solves all above, if I have time.
And it also works with many other devices.
For example, 305SH, MI4C, SH-01G.
If it keeps crashing, it should be my hard coded offsets.
PS: Please don't reshare this thread.
PS: Chinese: 请不要转载到贴吧,论坛,谢谢。
Click to expand...
Click to collapse
thank you for your help 谢谢某因幡分享
Please I'd like to know how you did that.could you be more clear, a step by step maybe?
Sent from my D6616 using XDA Free mobile app
salmanaman said:
Please I'd like to know how you did that.could you be more clear, a step by step maybe?
Sent from my D6616 using XDA Free mobile app
Click to expand...
Click to collapse
you can watch the video that tewilove make for us .. but we need to wait when some one unlock protect bcs after you restart phone root will disappear..
tewilove said:
Tested with a 306SH with SW version S4081.
Click to expand...
Click to collapse
How can I know that I got the temporary root? Is this step in the input ID?
all step working on my 305sh like youtube video but supersu not working and root checker say me no rooted
soudara said:
all step working on my 305sh like youtube video but supersu not working and root checker say me no rooted
Click to expand...
Click to collapse
yes we know about this .. i try to remount system ( with this command : busybox mount -o remount,rw /system) to get permission but my device is restart when i try .. maybe its from this write protection that @tewilove tell us .. if he can tell us how we can install su in system if its possible for now .. ?
ok so for the moment is useless ?
soudara said:
all step working on my 305sh like youtube video but supersu not working and root checker say me no rooted
Click to expand...
Click to collapse
me too?maybe just kernel root??
---------- Post added at 12:48 PM ---------- Previous post was at 12:31 PM ----------
loonbg said:
yes we know about this .. i try to remount system ( with this command : busybox mount -o remount,rw /system) to get permission but my device is restart when i try .. maybe its from this write protection that tewilove tell us .. if he can tell us how we can install su in system if its possible for now .. ?
Click to expand...
Click to collapse
yea?rootxplore and xposed said no root?
I don't think that folks are understanding what "temp" root means. This solution allows you to achieve root for the current shell session. This does not install the additional binaries to allow other applications to use root access.
With that being said, I am wondering if we can use this temporary elevated access to correct the vulnerability outlined in CVE-2015-1474 affecting /system/lib/libui.so that Sharp has neglected to address in previous OTA updates. The only "corrected" libui.so that I have been able to locate was compiled for v5.0.1 so I am afraid that file would not be compatible with this earlier version of Android on the 306SH. I am not really savvy with in depth programming to be able to fully investigate this and develop a viable solution... anyone who would be able to point me in the right direction would receive many thanks. :banghead:
My apologies if this should have been posted in a separate thread.
awesom! it worked in my 306sh with root permission acquired in shell.
can you use root app and install super su ?
Write protection is keeping us from remounting /system as rw. This prevents us from doing anything that would have any type of impact on the current situation. I want to experiment with attempting to mount partitions with the device powered off... but my device is encrypted so I am unable to access the shell with device off until I perform a factory reset. I am planning on doing that tonight so hopefully I will be able to report back with more information soon.
Sent from my 306SH
soudara said:
can you use root app and install super su ?
Click to expand...
Click to collapse
No. We are working on it though.
On another note, I can't get this temp root to work.
Video of what happens is linked. (too large to attach)
https://mega.co.nz/#!blNTjbhS!p2ljioY_43xlWkpu3EWpj8LvfMVP5eushZT23KLPASk
TechInMD said:
Write protection is keeping us from remounting /system as rw.
Click to expand...
Click to collapse
So I assume, from the quoted text, you have tried mounting /system as rw while in the temp root shell session?
Yes. I tried using the mount command both directly from the root shell prompt plus I tried using busybox to mount also. There seem to be slight variations between them. Also, not sure if it is relevant but I attempted it both through adb and in terminal on the device. I can get to the root prompt but not further.
Sent from my 306SH
I have a nvidia shield tv with full android 6.
adb root and and adb remount is working, so I have root access on shell level.
Also I have /system/xbin/su which goes into root if I do not use "adb root".
But root for apps does not work. No app gets root access, RootChecker says "no".
I installed Superuser.apk but this did not help.
What is missing?
I see that this:
java.io.IOException: Error running exec(). Command: [su] Working Directory: null Environment: null
Caused by: java.io.IOException: Permission denied
I saw that RootChecker tells me "SELinux enforcing", is this the problem?
I do not want to download any ready-made root miracle and flash the whole device.
Since I have adb root, I can adb push everything.
Just flash su.zip and all will be fine.
I don't need SuperSU. I want to root my device i.e. that apps can execute su.
I have /system/xbin/su but it seems that apps cannot use it.
SuperSU is required to give root access to apps, even with full Android. You will need to flash the zip file from TWRP recovery.
How does SuperSU work?
As far as I understand, there is a /system/xbin/su which is called by apps wanting root access.
This su binary then starts the app to verify access. Right?
Not sure, but I think that su is just for adb and maybe system apps.
On my system I have "adb root" access. But apps do not have root access, I do not have supersu or su.