New Method:
Download Flashtool from here:
http://forum.xda-developers.com/showthread.php?t=920746
And follow the instructions!
Regards
Bin4ry
bin4ry you su binary is incorrect and the exe are don't func sometime
i've atached a zip with a running su binary and without the exe
you need to to the manual way but it's verry easy.
you can use bin4ry first part of her manual but in the second he has make some Mistakes. please type in the secon part:
adb shell
-> # cd /data/local/tmp
-> # mount -o remount,rw -t yaffs2 /dev/block/mtdblock0 /system
-> # cat su > /system/bin/su
-> # cat superuser.apk > /system/app/superuser.apk
-> # chmod 06777 /system/bin/su
-> # chmod 777 /system/app/superuser.apk
-> # reboot
after rebooting you have root
wolfilein said:
maybe you should post the manual way without windows
for example mac or linux too
Click to expand...
Click to collapse
Done
Regards
Bin4ry
perfect
only Max should be Mac
Thank you, bin4ry! I will try it as soon as I get my x8, which should be tomorrow.
DerEineDa said:
Thank you, bin4ry! I will try it as soon as I get my x8, which should be tomorrow.
Click to expand...
Click to collapse
Here is a confirmation that it works
http://ip208-100-42-21.static.xda-developers.com/showpost.php?p=8672403&postcount=29
Regards
Bin4ry
Bin4ry said:
Here is a confirmation that it works
Click to expand...
Click to collapse
It does not work for me, unfortunately, this is what I get:
Killing ADB Server...
OK
Starting ADB Server...
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
OK
Waiting for device...
OK
Pushing rageagainstthecage...
351 KB/s (5392 bytes in 0.015s)
OK
chmod rageagainstthecage...
OK
Running rageagainstthecage...
ROOTED
Getting mount path...
/dev/block/mtdblock0
OK
Remounting system with read-write access...
OK
Pushing su...
949 KB/s (26264 bytes in 0.027s)
OK
Pushing superuser.apk...
1279 KB/s (196521 bytes in 0.150s)
OK
chmod su...
OK
Remounting system with read-only access...
OK
Device was not rooted!
FAILED
uhh
try the manually way
but it seems that even if that all wil work
the su binary is incorrect so you become an error after typi ng su
Exactly...
I'm not sure which su binary to use?
Current says this:
$ su
link_image[1665]: 2263 could not load needed library 'libbinder.so' for 'su' (load_library[1011]: Library 'libbinder.so' not found)CANNOT LINK EXECUTABLE
use the one in this zip file:
http://www.mediafire.com/file/73e29s1dwp3fdhu/exploid_x10mini.zip
wolfilein said:
use the one in this zip file:
Click to expand...
Click to collapse
Yes!!!
Now it's rooted
Thanks a million m8!
@all please read post 2
Or use this:
SuperOneClick V1.5 with new SU and SuperUser.apk
Corrected first post. Sorry for errors
It's work, thank you very much guys.
Yes, it works perfectly. Thank you!
how to unroot it in case I want to send for warranty?
to unroot just remove the su and the superuser.apk with rootexplorer or with adb.
Regards
Bin4ry
Is it normal that the root is only temporarely? When I restart the device, I have to run "SuperOneClick.exe" again before I can do "su" on adb shell.
thanks
i just rooted my x8...
thank you guys....
now that its rooted, i tried for wifi tethering...
it is showing "no netfilter"
Is there anyway to overcome this problem......
Related
i'm totally new to this so please bare with me.
have a HTC HERO
model: T-mobile G2 Touch
Firmware 1.5
Baseband
63.18.55.06u_6.35.04.25
Kernal 2.6.27-a5504199
Buil 1.76.110.6 146733 cl#47214 release-keys
Software 1.0.0.A6288
i downloaded android-sdk_r04-windows.zip
& followed the SDK vid setup: http://theunlockr.com/2009/10/06/how-to-set-up-adb-usb-drivers-for-android-devices/
i've got my device attached & the serial No has come up
now after entering this command > adb push asroot2 /data/local/ > i get an error as listed below ? help please what have i done wrong .
C:\AndroidSDK\tools>adb push asroot2 /data/local/
cannot start 'asroot2' : No such file or directory
C:\AndroidSDK\tools>
C:\AndroidSDK\tools>adb push asroot2 /data/local/
cannot start 'asroot2' : No such file or directory
C:\AndroidSDK\tools>adb shell chmod 0755 /data/local/asroot2
Unable to chmod /data/local/asroot2: No such file or directory
C:\AndroidSDK\tools>adb shell
$ /data/local/asroot2 /system/bin/sh
/data/local/asroot2 /system/bin/sh
/data/local/asroot2: not found
$ mount -o remount,rw -t yaffs2 /dev/block/mtbblock3 /system
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
mount: Operation not permitted
$ cat sh > su
cat sh > su
cannot create su: read-only file system
$chmod 4775 su
chmod 4775 su
Unable to chmod su: No such file or directory
$
anyone with some help it 11:30PM here i'm hoping to get this done before i go to work @ 5AM
what your computer is trying to tell you is that it can not find the file "asroot2". make sure it is in the same directory where you try to execute the command, or give it an absolute path like this:
C:\AndroidSDK\tools>adb push c:\whatever\asroot2 /data/local/
kendong2 said:
what your computer is trying to tell you is that it can not find the file "asroot2". make sure it is in the same directory where you try to execute the command, or give it an absolute path like this:
C:\AndroidSDK\tools>adb push c:\whatever\asroot2 /data/local/
Click to expand...
Click to collapse
ok thanks
i'll have another go
mind telling us the result?
all done
after chmod 4775 su (then hit enter)
do i do anything else to save ? or just unplug the USB all done ?
kendong2 said:
mind telling us the result?
Click to expand...
Click to collapse
it helps if i do this
1. Download the following file and then unzip
it.
AsRoot2
2. Take the unzipped file and save it into the Tools folder of your AndroidSDK.
after chmod 4775 su (then hit enter)
do i do anything else to save ? or just unplug the USB all done ?
how to obtain asroot2
hi i was wondering how to get a hold to the asroot2 file so i can contiue the steps to root properly
lilfizz said:
hi i was wondering how to get a hold to the asroot2 file so i can contiue the steps to root properly
Click to expand...
Click to collapse
it amazes me every time: in two weeks it is 2010, and yet there are so many people out there not being able to use a search engine...
EDIT: Great news! We have an on-device one-click root again!
Simply download VISIONary from (edit: used to be in the Market) Modaco. I tried it on FRG83 stock. It works. No ADB, no external computer required, no fuss. Thanks to the developers!
EDIT again: Sorry, the FRG83D build no longer works with VISIONary - BUT - the overall rageagainstthecage method still works via ADB. I also hear that SuperOneClick works but it requires a Windows machine.
----
Ok it's been established that Universal Androot / exploid / freenexus no longer works on FRG33/FRG83 etc. And it's been established that "rageagainstthecage" does still work. So far I'm not aware of a one-click method to implement the latter exploit.
So I'm starting this thread to centralize everyone's experiences. I don't personally need these instructions but other folks apparently do. I've quoted a rooting guide in post #2. If you think any refinements are necessary or you have a better way of writing it out, please feel free to add to this thread.
Thanks to efrant for pointing the way to this guide. Based on comments below, I'm quoting another revised version.
hmanxx said:
Hi OP,
You may want to edit your post #2, I have inserted the mounting commands in the thread i posted previously. this will help novice users to get thing right out of box without figuring why permission denied.
I have just tried out the additional mounting steps..things are working fine..
Tidy up step by step rooting
1) Getting rageagainstthecage-arm5.bin
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
2) Getting Superuser.apk, busybox,su
http://forum.xda-developers.com/showthread.php?t=736271
Or
Find yourself..there are many floating around.
3) Rooting Process (Installing custom Recovery rom section is deleted to simplify illustration
Reference:http://forum.xda-developers.com/showpost.php?p=8120790&postcount=250
Code:
F:\ADB>adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb shell chmod 700 /data/local/tmp/rageagainstthecage
F:\ADB>adb shell
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage
./rageagainstthecage
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}
[*] Searching for adb ...
[+] Found adb as PID 64
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
$
F:\ADB>adb kill-server
F:\ADB>adb start-server
* daemon not running. starting it now *
* daemon started successfully *
F:\ADB>adb shell
#mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
Follow the following steps to install Superuser.apk, busybox,su
F:\ADB>adb shell
# cd /data/local/tmp
cd /data/local/tmp
# ./busybox cp busybox /system/bin
./busybox cp busybox /system/bin
# chmod 4755 /system/bin/busybox
chmod 4755 /system/bin/busybox
# busybox cp Superuser.apk /system/app
busybox cp Superuser.apk /system/app
# busybox cp su /system/bin
busybox cp su /system/bin
# chmod 4755 /system/bin/su
chmod 4755 /system/bin/su
# exit
exit
F:\ADB>adb shell
# su
su
#mount -o remount,ro -t yaffs2 /dev/block/mtdblock3 /system
# exit
exit
Click to expand...
Click to collapse
And below are the previous contents of this post, prior to editing.
-------------
Many respondents on this thread have indicated that the instructions don't work the first time. If you get to the step where you are supposed to get a root shell (#) but you instead get a non-root shell ($), start from the top and try the exploit once or twice more. Apparently if you are persistent it will work.
I'm also told these instructions are missing adb remount before the steps where you push busybox, su and so forth.
hmanxx said:
Tidy up step by step rooting
1) Getting rageagainstthecage-arm5.bin
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
2) Getting Superuser.apk, busybox,su
http://forum.xda-developers.com/showthread.php?t=736271
Or
Find yourself..there are many floating around.
3) Rooting Process (Installing custom Recovery rom section is deleted to simplify illustration
Reference:http://forum.xda-developers.com/showpost.php?p=8120790&postcount=250
Code:
F:\ADB>adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb shell chmod 700 /data/local/tmp/rageagainstthecage
F:\ADB>adb shell
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage
./rageagainstthecage
[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C
[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}
[*] Searching for adb ...
[+] Found adb as PID 64
[*] Spawning children. Dont type anything and wait for reset!
[*]
[*] If you like what we are doing you can send us PayPal money to
[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.
[*] If you are a company and feel like you profit from our work,
[*] we also accept donations > 1000 USD!
[*]
[*] adb connection will be reset. restart adb server on desktop and re-login.
$
F:\ADB>adb kill-server
F:\ADB>adb start-server
* daemon not running. starting it now *
* daemon started successfully *
F:\ADB>adb shell
#
Follow the following steps to install Superuser.apk, busybox,su
F:\ADB>adb shell
# cd /data/local/tmp
cd /data/local/tmp
# ./busybox cp busybox /system/bin
./busybox cp busybox /system/bin
# chmod 4755 /system/bin/busybox
chmod 4755 /system/bin/busybox
# busybox cp Superuser.apk /system/app
busybox cp Superuser.apk /system/app
# busybox cp su /system/bin
busybox cp su /system/bin
# chmod 4755 /system/bin/su
chmod 4755 /system/bin/su
# exit
exit
F:\ADB>adb shell
# su
su
# exit
exit
Click to expand...
Click to collapse
I too am interested in this info. Looking forward to any info provided....
There is detailed step-by-step info in many threads as to how to use the rageagainstthecage exploit to root your device, e.g.: http://forum.xda-developers.com/showpost.php?p=8300203&postcount=55
Why start a new thread?
efrant said:
There is detailed step-by-step info in many threads as to how to use the rageagainstthecage exploit to root your device, e.g.: http://forum.xda-developers.com/showpost.php?p=8300203&postcount=55
Why start a new thread?
Click to expand...
Click to collapse
Actually that's perfect, thanks.
I started a new thread because the step-by-step info is buried in other threads and many folks post questions asking about it because they can't find said guides. I figured if I could start a new thread with a proper title, it would be located more easily.
All the info is located in Nexus One Wiki, under "Guides" / "Rooting". Direct link to the post with complete data. So I still don't see any need for the post, that will be buried in forum depths. My signature..
But since you posted it, and it's more detailed - I'll change the link to point to it.
[edit 2] The Wiki is damn slow after the forum crash...
[edit 3] It refuses to accept the submit, complaining about "session data loss". Time to complain to admins..
Heh well if the Wiki is crashy at the moment, all the more reason to have a redundant post here.
If you look back to the linked posts, I was the one who suggested which instructions for ali3nfr3ak to follow after a successful push of rageagainstthecage, and then ali3nfr3ak reported success on FRG33, and then hmanxx seems to have stripped out the irrelevant/unnecessary lines. So it's teamwork =)
One thing I'm not sure of - I see the original "exploid"/"freenexus" instructions included a cleanup by removing /system/bin/rootshell. Should something similar be done after rageagainstthecage to clean up?
@ cmstlst This is a good idea, because when I did this I had like 3 different pages open as all the information was spread everywhere, hopefully this will make it easier for everyone to follow, good one
I used the steps posted here to restore root access to a Nexus One which had been previously rooted with 1-click. It was running stock FRF91. It was a fairly smooth process, especially since the update to FRG83 did not delete my Superuser.apk, su, or busybox files. The permissions had just been turned down, so with the RageAgainstTheCage exploit active, I was able to change the permissions as indicated and was off and running.
The only gotcha I ran into was that I had to mount the /system partition read/write before I could set permissions on the files there. After the exploit was active and I had shelled back into the phone via ADB, I issued the command
mount -o remount,rw -t yaffs2 /dev/block/mtdblock4 /system
for the read/write mount and was then able to turn up the permissions. And, in the interests of completeness, to mount /system read-only again afterward:
mount -o remount,ro -t yaffs2 /dev/block/mtdblock4 /system
Thanks much for consolidating the procedure where it was easy to find.
anyway to re-lock the Bootloader
highvista said:
The only gotcha I ran into was that I had to mount the /system partition read/write before I could set permissions on the files there. After the exploit was active and I had shelled back into the phone via ADB, I issued the command
mount -o remount,rw -t yaffs2 /dev/block/mtdblock4 /system
Click to expand...
Click to collapse
It's mtdblock3, not mtdblock4, though for some reason the mount worked for me even on 6. But in any case, much better and easier done using ADB command:
adb remount
Finally the Wiki is also back to work, the "Rooting FRG83" link is updated to point to this thread.
Here, the rageagainstthecage didn't work.
I followed these steps:
F:\ADB>adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb shell chmod 700 /data/local/tmp/rageagainstthecage
F:\ADB>adb shell
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage
./rageagainstthecage[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}[*] Searching for adb ...
[+] Found adb as PID 64[*] Spawning children. Dont type anything and wait for reset![*][*] If you like what we are doing you can send us PayPal money to[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.[*] If you are a company and feel like you profit from our work,[*] we also accept donations > 1000 USD![*][*] adb connection will be reset. restart adb server on desktop and re-login.
$
F:\ADB>adb kill-server
F:\ADB>adb start-server
* daemon not running. starting it now *
* daemon started successfully *
F:\ADB>adb shell
#
Click to expand...
Click to collapse
But, I didn't get root shell (#), when I typed "adb shell" I still got ($).
I'm in FRG83, Android 2.2.1.
Any ideas?
cmstlist said:
Thanks to efrant for pointing the way to this guide.
Click to expand...
Click to collapse
Thank you for posting this. It was a big help. I lost my root after 2.2.1 and this worked great. I did have to execute the .bin file 3 times. The first time, I got $, and the second time as well. It was only on the 3rd execute that I got the # prompt. I read that others had the same problem, that it only worked after a few times.
highvista said:
I used the steps posted here to restore root access to a Nexus One which had been previously rooted with 1-click. It was running stock FRF91. It was a fairly smooth process, especially since the update to FRG83 did not delete my Superuser.apk, su, or busybox files. The permissions had just been turned down, so with the RageAgainstTheCage exploit active, I was able to change the permissions as indicated and was off and running.
The only gotcha I ran into was that I had to mount the /system partition read/write before I could set permissions on the files there. After the exploit was active and I had shelled back into the phone via ADB, I issued the command
mount -o remount,rw -t yaffs2 /dev/block/mtdblock4 /system
for the read/write mount and was then able to turn up the permissions. And, in the interests of completeness, to mount /system read-only again afterward:
mount -o remount,ro -t yaffs2 /dev/block/mtdblock4 /system
Thanks much for consolidating the procedure where it was easy to find.
Click to expand...
Click to collapse
Thank you for this. I was in the same situation and I was not able to set the premissions. Then I saw your post. I am not a Linux/Unix guy, so it was step-by-step for me. Curiously, why is it necessary to change the premission for su, busybox, etc.?
Thanks guys.
Atento said:
Here, the rageagainstthecage didn't work.
I followed these steps:
But, I didn't get root shell (#), when I typed "adb shell" I still got ($).
I'm in FRG83, Android 2.2.1.
Any ideas?
Click to expand...
Click to collapse
I had this, too. Like the above poster said, I got # after several tries. However something went wrong midway through the other steps from efrant, and I went back and lost #, only had $.
Also looking for ideas.
Xel'Naga said:
I had this, too. Like the above poster said, I got # after several tries. However something went wrong midway through the other steps from efrant, and I went back and lost #, only had $.
Also looking for ideas.
Click to expand...
Click to collapse
I would try the process over again from the beginning. Once you get the #, follow highvista's information to mount the file system as RW, and do the chmods. After you are done, re-mount as RO.
snovvman said:
I would try the process over again from the beginning. Once you get the #, follow highvista's information to mount the file system as RW, and do the chmods. After you are done, re-mount as RO.
Click to expand...
Click to collapse
Yup, had to reboot the device and try again about four times and then it finally all stuck. Now rooted on 2.2.1.
snovvman said:
Thank you for posting this. It was a big help. I lost my root after 2.2.1 and this worked great. I did have to execute the .bin file 3 times. The first time, I got $, and the second time as well. It was only on the 3rd execute that I got the # prompt. I read that others had the same problem, that it only worked after a few times.
Thank you for this. I was in the same situation and I was not able to set the premissions. Then I saw your post. I am not a Linux/Unix guy, so it was step-by-step for me. Curiously, why is it necessary to change the premission for su, busybox, etc.?
Thanks guys.
Click to expand...
Click to collapse
Thanks for your replies! I'm rooted now.
Thanks for all!!!
Hi OP,
You may want to edit your post #2, I have inserted the mounting commands in the thread i posted previously. this will help novice users to get thing right out of box without figuring why permission denied.
I have just tried out the additional mounting steps..things are working fine..
Tidy up step by step rooting
1) Getting rageagainstthecage-arm5.bin
http://stealth.openwall.net/xSports/...nstTheCage.tgz
2) Getting Superuser.apk, busybox,su
http://forum.xda-developers.com/showthread.php?t=736271
Or
Find yourself..there are many floating around.
3) Rooting Process (Installing custom Recovery rom section is deleted to simplify illustration
Reference:http://forum.xda-developers.com/show...&postcount=250
Code:
F:\ADB>adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb shell chmod 700 /data/local/tmp/rageagainstthecage
F:\ADB>adb shell
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage
./rageagainstthecage[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}[*] Searching for adb ...
[+] Found adb as PID 64[*] Spawning children. Dont type anything and wait for reset![*][*] If you like what we are doing you can send us PayPal money to[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.[*] If you are a company and feel like you profit from our work,[*] we also accept donations > 1000 USD![*][*] adb connection will be reset. restart adb server on desktop and re-login.
$
F:\ADB>adb kill-server
F:\ADB>adb start-server
* daemon not running. starting it now *
* daemon started successfully *
F:\ADB>adb shell
#mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
Follow the following steps to install Superuser.apk, busybox,su
F:\ADB>adb shell
# cd /data/local/tmp
cd /data/local/tmp
# ./busybox cp busybox /system/bin
./busybox cp busybox /system/bin
# chmod 4755 /system/bin/busybox
chmod 4755 /system/bin/busybox
# busybox cp Superuser.apk /system/app
busybox cp Superuser.apk /system/app
# busybox cp su /system/bin
busybox cp su /system/bin
# chmod 4755 /system/bin/su
chmod 4755 /system/bin/su
# exit
exit
F:\ADB>adb shell
# su
su
#mount -o remount,ro -t yaffs2 /dev/block/mtdblock3 /system
# exit
exit
Thanks, I'll fix it up when I'm at a desktop computer again and less occupied by the Masters thesis I'm defending in just over 2 weeks
Sent from my Nexus One using XDA App
hehe oh noes. I gave the cage file a go 3 times, failed, so I got pissed and unlocked the bootloader, then now I read about the remounting of the file system.. didn't think about that.
well.. now I can't undo the unlocking :/
HELP ME, I've lost root!
I ran the X10root v 1.0.8 although i already had root and now i lost root. (X10i 2.1 nordic)
If i try to root it again with the SuperOneClick thing i get the following:
Killing ADB Server...
OK
Starting ADB Server...
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
OK
Waiting for device...
OK
Pushing rageagainstthecage...
526 KB/s (5392 bytes in 0.010s)
OK
chmod rageagainstthecage...
OK
Running rageagainstthecage...
ROOTED
Getting mount path...
/dev/block/mtdblock2
OK
Remounting system with read-write access...
OK
Pushing su...
failed to copy 'su' to '/system/bin/su': Permission denied
OK
Pushing superuser.apk...
2628 KB/s (196521 bytes in 0.073s)
OK
chmod su...
OK
Remounting system with read-only access...
OK
Device was not rooted!
FAILED
Click to expand...
Click to collapse
Please, help me.
EDIT:
Maybe this is also relevant: (adb shell)
# su
su
reloc_library[1245]: 3654 cannot locate '_ZNK7android6Parcel15setDataPositionEj'...CANNOT LINK EXECUTABLE
#
Click to expand...
Click to collapse
2.1 or 1.6?
X10i 2.1 nordic
theeedy said:
X10i 2.1 nordic
Click to expand...
Click to collapse
Factory reset....
:/
Sent from my X10i using XDA App
Try again - http://forum.xda-developers.com/showthread.php?t=824788
I tried it already around 10 times.
EDIT: I had to reflash the firmware -.-
** This is completely unsupported!!!!!!! **
ALL credit goes to saurik for the root method, Jason A. Donenfeld (zx2c4) for finding the exploit, alpharevx for finding the offsets and initial confirmation on the Transformer Prime and viperboy for finding it and posting it in his thread. I did not research, find, or develop this root method!
Mods, if I've done anything wrong, please feel free to remove this thread.
You will need to know how to use ADB commands, otherwise, use viperMOD PrimeTime!!!!!!!!!!!!!!!!!!!!!!!!.
Downloads:
mempodroid binary
su binary
Root:
adb push mempodroid /data/local
adb push su /data/local
adb shell
chmod 777 /data/local/mempodroid
/data/local/mempodroid 0xd9ec 0xaf47 sh
** You should now be in a remote shell session with root (indicated by #)
mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
** IF you have previously rooted your Prime, run the following two commands. They may throw an error that the file a file was not found.
rm /system/bin/su
rm /system/xbin/su
cat /data/local/su > /system/xbin/su
chown 0.0 /system/xbin/su
chmod 06755 /system/xbin/su
rm /data/local/mempodroid
rm /data/local/su
exit
exit
adb reboot
After your Transformer Prime comes up, install Superuser from android market.
HOPEFULLY everyone has learned their lesson and will also install Voodoo Rootkeeper as well!!!!!!!!!!!!!!!!!!!! R
Enjoi!!!!!!!!!!!!!!!
** Feb 21 2012 Edit **
Works on 9.4.2.14
** Feb 09 2012 Edit **
Works on 9.4.2.13
** Jan 25 2012 Edit **
Changed the mount command - thanks viperboy!
Added steps to possibly resolve issues with previously rooted systems
Changed a few steps to be a little bit easier.
**Jan 24 2012 Edit **
Some people are reporting issues with this method. I suspect this is due to previously having root or other altered files. A method that has worked for some is to update to 9.4.2.11.1 and then following the above procedures. Please note, this firmware release is unofficial and at this time THERE IS NO DOWNGRADE PATH.
i keep getting permission denied after
adb shell /data/local/mempodroid 0xd9ec 0xaf47 mount -o remount,rw '' /system
i missed a chmod step, add it just now.
run:
adb shell chmod 777 /data/local/mempodroid
and then pick up right where you left off.
as i am not root nor superuser .. i don't even get access
/ $ cd data
~ $ ls
ls: can't open '.': Permission denied
after this command
adb shell /data/local/mempodroid 0xd9ec 0xaf47 sh
i got [email protected]:/ # but i cant type anything else in the dos windows after it.. can you explain further please
insane111 said:
after this command
adb shell /data/local/mempodroid 0xd9ec 0xaf47 sh
i got [email protected]:/ # but i cant type anything else in the dos windows after it.. can you explain further please
Click to expand...
Click to collapse
click on the window, you should be able to continue typing
/mnt/sdcard/Download $ adb push su /data/local
error: device not found
for some odd reason i cant type anything else after on that window..
after shell with root, i get the #, but i can't type anything afterwards. do i just repeat the process over?
edit: question was already asked, tried clicking on window, doesn't work.
insane111 said:
for some odd reason i cant type anything else after on that window..
Click to expand...
Click to collapse
updating!
10 char
toby77jo said:
/mnt/sdcard/Download $ adb push su /data/local
error: device not found
Click to expand...
Click to collapse
no offense, you may want to just wait for the one click root.
Tairen said:
after shell with root, i get the #, but i can't type anything afterwards. do i just repeat the process over?
edit: question was already asked, tried clicking on window, doesn't work.
Click to expand...
Click to collapse
updated, should be working now.
hehe that is fine .. not offended
se1000 said:
updated, should be working now.
Click to expand...
Click to collapse
thank you very much sir.. it work...
insane111 said:
thank you very much sir.. it work...
Click to expand...
Click to collapse
NICE!!!!!!!!!!!!!!!!!!!!
hmm did everything on your post, and rebooted. already had SU so i just opened up an app that requires root (titanium backup) and it says it wasn't able to attain root?
edit: confirmed with root checker that i still don't have root
Tairen said:
hmm did everything on your post, and rebooted. already had SU so i just opened up an app that requires root (titanium backup) and it says it wasn't able to attain root?
edit: confirmed with root checker that i still don't have root
Click to expand...
Click to collapse
Try re-installing superuser? When I was rooted before, sometimes superuser wouldn't prompt me for SU on occasion too.
se1000 said:
Try re-installing superuser? When I was rooted before, sometimes superuser wouldn't prompt me for SU on occasion too.
Click to expand...
Click to collapse
ahh i see the problem..
cat /data/local/su > /system/xbin/su
sh: cannot create /system/xbin/su: Read-only file system
how do i proceed?
Tairen said:
ahh i see the problem..
cat /data/local/su > /system/xbin/su
sh: cannot create /system/xbin/su: Read-only file system
how do i proceed?
Click to expand...
Click to collapse
Looks like something went wrong on the first mempodroid command. Go back and start from the begining just in case. Shouldn't hurt anything.
se1000 said:
Looks like something went wrong on the first mempodroid command. Go back and start from the begining just in case. Shouldn't hurt anything.
Click to expand...
Click to collapse
Sounds good, will try again and update!
I have rooted my hdx8.9, and then I reroot it. Now I have some problem, I want to root my hdx again, but Ican't root it again, I have pushed the 4 files, but it didn't continue. It shows
Waiting for device ...
Pushing files ...
push: .\scripts\superuser/superuser.sh -> /data/local/tmp/superuser.sh
push: .\scripts\superuser/Superuser.apk -> /data/local/tmp/Superuser.apk
push: .\scripts\superuser/su -> /data/local/tmp/su
push: .\scripts\superuser/exploit -> /data/local/tmp/exploit
4 files pushed. 0 files skipped.
3401 KB/s (2845659 bytes in 0.817s)
/system/bin/sh: chmod: not found
/system/bin/sh: chmod: not found
Running the exploit ...
/system/bin/sh: /data/local/tmp/exploit: can't execute: Permission denied
Check the output. Does it looks fine?
What can I do, I want to full restore to stock rom to fix some proble as the post 'http://forum.xda-developers.com/showthread.php?t=2582773' says, but it
need your device rooted first.
Thanks.
Show us the script body you're pushing.
If you're using some ready scripts I assume the name of it is superuser.sh
CrashThump said:
Show us the script body you're pushing.
If you're using some ready scripts I assume the name of it is superuser.sh
Click to expand...
Click to collapse
I use the tool from the post “[ROOT] Rooting tutorial - hdx 8.9" 14.3.1.0” http://http://forum.xda-developers.com/showthread.php?t=2545957
@sdcardsd, Did you tried to use expression '/system/bin/toolbox chmod' instead of '/system/bin/chmod' in rootme.sh? For me it seems that you've lost the symlink. This may be caused by some busybox installation and removal.
CrashThump said:
@sdcardsd, Did you tried to use expression '/system/bin/toolbox chmod' instead of '/system/bin/chmod' in rootme.sh? For me it seems that you've lost the symlink. This may be caused by some busybox installation and removal.
Click to expand...
Click to collapse
I don't know whether I use these expression '/system/bin/toolbox chmod' instead of '/system/bin/chmod' in rootme.sh, I only use the tools to root my kindle. But I really installed busybox and then removal it by recovery to the factory reset after I reroot my device. Then I have some problem on my kindle, I think the system files be destoryed, so I want to full restore the original ROM, but I can't root my device again. And if it is caused by losing the symlink, how to fix it ? Thanks.
@sdcardsd, then make a suggested replace
CrashThump said:
@sdcardsd, then make a suggested replace
Click to expand...
Click to collapse
The only way is to replace my device? But it is very inconvenient for me, I'am not in America.
15 8556535
@sdcardsd, just replace '/system/bin/chmod' by '/system/bin/toolbox chmod' in 'rootme.sh' file.
CrashThump said:
@sdcardsd, just replace '/system/bin/chmod' by '/system/bin/toolbox chmod' in 'rootme.sh' file.
Click to expand...
Click to collapse
#!/system/bin/sh
/system/bin/mount -o remount,rw /system
/system/bin/cat /data/local/tmp/su > /system/xbin/su
/system/bin/chown 0.0 /system/xbin/su
/system/bin/chmod 06755 /system/xbin/su
your mean I modify the rootme.sh into
#!/system/bin/sh
/system/bin/mount -o remount,rw /system
/system/bin/cat /data/local/tmp/su > /system/xbin/su
/system/bin/chown 0.0 /system/xbin/su
/system/bin/toolbox chmod 06755 /system/xbin/su
CrashThump said:
@sdcardsd, just replace '/system/bin/chmod' by '/system/bin/toolbox chmod' in 'rootme.sh' file.
Click to expand...
Click to collapse
I have replace the rootme.sh into
/system/bin/sh
/system/bin/mount -o remount,rw /system
/system/bin/cat /data/local/tmp/su > /system/xbin/su
/system/bin/chown 0.0 /system/xbin/su
/system/bin/toolbox chmod 06755 /system/xbin/su
but it didn't work
the display is
======================================================================
======================================================================
Welcome to Kindle Root Utility (Faznx92 version)
Special Thanks to:
jcase
fi01
======================================================================
======================================================================
WARNING THIS WORKS ONLY WITH KINDLE HDX 8.9" version 14.3.1.0
======================================================================
======================================================================
Please connect Device with enabled USB-Debugging to your Computer!
Device connected. Pushing files...
680 KB/s (104564 bytes in 0.150s)
1 KB/s (196 bytes in 0.168s)
2024 KB/s (507888 bytes in 0.245s)
Changing permissions...
/system/bin/sh: chmod: not found
/system/bin/sh: chmod: not found
Executing Exploit (could take some minutes, be patient!)
Hit ENTER to continue
/system/bin/sh: /data/local/tmp/exploit: can't execute: Permission denied
Type "su" to check for root!
/system/bin/sh: /system/etc/mkshrc[8]: id: not found
@android:/ $
@android:/ $ su
su
/system/bin/sh: su: not found
127 @android:/ $
same for lines 24-25 of runme.bat
Code:
adb shell chmod 755 /data/local/tmp/rootme.sh
adb shell chmod 755 /data/local/tmp/exploit
change to
Code:
adb shell /system/bin/toolbox chmod 755 /data/local/tmp/rootme.sh
adb shell /system/bin/toolbox chmod 755 /data/local/tmp/exploit
CrashThump said:
same for lines 24-25 of runme.bat
Code:
adb shell chmod 755 /data/local/tmp/rootme.sh
adb shell chmod 755 /data/local/tmp/exploit
change to
Code:
adb shell /system/bin/toolbox chmod 755 /data/local/tmp/rootme.sh
adb shell /system/bin/toolbox chmod 755 /data/local/tmp/exploit
Click to expand...
Click to collapse
I replace the runme.bat
the display is changed, but it didn't work.
======================================================================
======================================================================
Welcome to Kindle Root Utility (Faznx92 version)
Special Thanks to:
jcase
fi01
======================================================================
======================================================================
WARNING THIS WORKS ONLY WITH KINDLE HDX 8.9" version 14.3.1.0
======================================================================
======================================================================
Please connect Device with enabled USB-Debugging to your Computer!
Device connected. Pushing files...
1041 KB/s (104564 bytes in 0.098s)
2 KB/s (196 bytes in 0.083s)
2128 KB/s (507888 bytes in 0.233s)
Changing permissions...
Executing Exploit (could take some minutes, be patient!)
Hit ENTER to continue
press any key to continue. . .
Device detected: KFAPWI (JDQ39)
Attempt acdb exploit...
KFAPWI (JDQ39) is not supported.
Attempt fj_hdcp exploit...
Attempt msm_cameraconfig exploit...
Detected kernel physical address at 0x00008000 form iomem
Attempt put_user exploit...
/data/local/tmp/rootme.sh[2]: /system/bin/mount: not found
/data/local/tmp/rootme.sh[3]: can't create /system/xbin/su: Read-only file syste
m
Unable to chown /system/xbin/su: No such file or directory
Unable to chmod /system/xbin/su: No such file or directory
press any key to continue. . .
Type "su" to check for root!
/system/bin/sh: /system/etc/mkshrc[8]: id: not found
@android:/ $ SU
SU
/system/bin/sh: SU: not found
127 @android:/ $
Hummmm. I'm looking into this but can't this week I'm super busy. I don't have the 8.9" I have the 7" so it is hard for me to test. I'm not sure if moving the rootme.sh was a good idea. I think the exploit code isn't finding it. You may need a rebuild of the exploit file. I say throw your question in here to see if someone can help. Still, just hope for the best.
@sdcardsd,
Code:
#!/system/bin/sh
/system/bin/toolbox mount -o remount,rw /system
/system/bin/toolbox cat /data/local/tmp/su > /system/xbin/su
/system/bin/toolbox chown 0.0 /system/xbin/su
/system/bin/toolbox chmod 6755 /system/xbin/su
/system/bin/toolbox ln -s /system/xbin/su /system/bin/su
CrashThump said:
@sdcardsd,
Code:
#!/system/bin/sh
/system/bin/toolbox mount -o remount,rw /system
/system/bin/toolbox cat /data/local/tmp/su > /system/xbin/su
/system/bin/toolbox chown 0.0 /system/xbin/su
/system/bin/toolbox chmod 6755 /system/xbin/su
/system/bin/toolbox ln -s /system/xbin/su /system/bin/su
Click to expand...
Click to collapse
I replace the rootme.sh into
#!/system/bin/sh
/system/bin/toolbox toolbox mount -o remount,rw /system
/system/bin/toolbox cat /data/local/tmp/su > /system/xbin/su
/system/bin/toolbox chown 0.0 /system/xbin/su
/system/bin/toolbox chmod 06755(or 6755) /system/xbin/su
/system/bin/toolbox ln -s /system/xbin/su /system/bin/su
but it didn't work
======================================================================
======================================================================
Welcome to Kindle Root Utility (Faznx92 version)
Special Thanks to:
jcase
fi01
======================================================================
======================================================================
WARNING THIS WORKS ONLY WITH KINDLE HDX 8.9" version 14.3.1.0
======================================================================
======================================================================
Please connect Device with enabled USB-Debugging to your Computer!
Device connected. Pushing files...
1215 KB/s (104564 bytes in 0.084s)
5 KB/s (284 bytes in 0.050s)
2194 KB/s (507888 bytes in 0.226s)
Changing permissions...
Executing Exploit (could take some minutes, be patient!)
Hit ENTER to continue
press any key to continue. . .
Device detected: KFAPWI (JDQ39)
Attempt acdb exploit...
KFAPWI (JDQ39) is not supported.
Attempt fj_hdcp exploit...
Attempt msm_cameraconfig exploit...
Detected kernel physical address at 0x00008000 form iomem
Attempt put_user exploit...
link failed File exists
press any key to continue. . .
Type "su" to check for root!
/system/bin/sh: /system/etc/mkshrc[8]: id: not found
@android:/ $ su
su
[email protected]:/ #
Faznx92 said:
Hummmm. I'm looking into this but can't this week I'm super busy. I don't have the 8.9" I have the 7" so it is hard for me to test. I'm not sure if moving the rootme.sh was a good idea. I think the exploit code isn't finding it. You may need a rebuild of the exploit file. I say throw your question in here to see if someone can help. Still, just hope for the best.
Click to expand...
Click to collapse
Thanks, I will wait for the good news.
@sdcardsd, what didn't work? you've got the su working. you've got the root.
CrashThump said:
@sdcardsd, what didn't work? you've got the su working. you've got the root.
Click to expand...
Click to collapse
I can rostore my device, thanks.
sdcardsd said:
But I didn't have the Superuser,and I can‘t edit the system file, such as the build.prop, it don't have the root right. and the root explorer also can't be opened.
Click to expand...
Click to collapse
this root exploit doesn't auto-install superuser (well it didn't for me), you either have to side-load it or get it through a store. Also if root explorer isn't working have you tried es file explorer? Additionally, you'll have to remount the system folder as rw before you can edit any system files. This can be done through adb shell with the command "mount -o rw,remount /system" after you use the su command. Just as a forewarning, be super careful when editing everything, the kindle is super sensitive to build.prop changes. I boot looped early on, so just as a warning.
S_transform said:
this root exploit doesn't auto-install superuser (well it didn't for me), you either have to side-load it or get it through a store. Also if root explorer isn't working have you tried es file explorer? Additionally, you'll have to remount the system folder as rw before you can edit any system files. This can be done through adb shell with the command "mount -o rw,remount /system" after you use the su command. Just as a forewarning, be super careful when editing everything, the kindle is super sensitive to build.prop changes. I boot looped early on, so just as a warning.
Click to expand...
Click to collapse
Thanks, I have full restore my device, and I think all is ok now.