[Q] Possible way in? - HTC EVO 3D

Cache cleaners need root access to do their thing. Any way to slip something in the stock (settings, I think) apk when it makes the call for /system access? I follow the "progress" threads, but it's like reading a foreign language to me for the most part. I appreciate the work the devs do, just throwing out a layman's idea trying to help the cause.

ducky1131 said:
Cache cleaners need root access to do their thing. Any way to slip something in the stock (settings, I think) apk when it makes the call for /system access? I follow the "progress" threads, but it's like reading a foreign language to me for the most part. I appreciate the work the devs do, just throwing out a layman's idea trying to help the cause.
Click to expand...
Click to collapse
essentially the way htc has locked down this phone is two fold. one, no root access. two, no write access to the internal /system partition.
the fr3vo root exploit allows us root access, but does not allow us write access to the internal memory.
currently, the issue of obtaining root access has been resolved by fr3vo, but the issue of gaining write access to the internal memory has not been resolved as is a bit more complex.
on a side note, to follow some of the logic behind your suggestion:
in order to modify any apk on /system, we would need write access to /system. in some android phones, like many samsung models, there is no write protection lock on the device. once you're able to obtain root access, you can remount /system as read-write and write away as you please. unfortunately, this htc device has been locked down through a write protection mechanism over the internal memory which prevents even root users from writing to /system. running an .apk with system permissions, would essentially be a similar form to having root access through the shell as fr3vo currently grants us.
hope that makes more sense than the foreign language the progress threads appear as!

Related

[Q] How does "Android Root" works ?

Hello XDA-Forum users,
I ask you a question: How does Android Root works ?
I mean, for example, How does it works in Nexus One ?
This would be an understanding question to know more about how I get root from my Phone (Nexus One, for example) from scratch, from sources.
upupupupupup
Rooting basics:
http://lifehacker.com/5342237/five-great-reasons-to-root-your-android-phone
For details on how to do it on your device, Google or use the forum search. Lots of rooting information that is device dependent out there.
It basically gives your phone permission to do almost anything. It is similar to giving a user in Windows Administrator rights. It is called super user. You can do many things such as removing unwanted apps and overclocking.
This is not what I mean, I asks for an explaining in which the question is "How the root is possible? What active the root ?" Probably a kernel exploit, or stuff like that, to understand the underground passage to take it, from an hack view.
So, How works a root utility (such SuperOneClick) to set gid to 0 ?
Valid question, I am also interested in learning this.
In other words, if I were to perform the rooting manually, where can I find such info?
And some of the question is why su must be in some diredctories, and can't be run from /data/local/tmp for example?
Someone can enlighten us?
diego.stamigni said:
Someone can enlighten us?
Click to expand...
Click to collapse
The general approach is taking advantage of bugs in the android OS
The process works something like this
User crafts some special data that contains a "payload" (the script/executable that we want to run)
User runs a system process that has root privileges and gets it to open the special data
The bug causes the system process to get confused by the data, and ends up running the embedded script
The embedded script runs with the same privileges as the system process, and thus can stuff that normal users aren't allowed to do (e.g. installs the SU app)
Commonly, things such as buffer overflows are used
So after gaining root access, which apps can run as root?
Or the user becomes root(as in desktop), and can run all types of apps?
Can root app(run as root) access everything?? Or app permission still applies?
Is it that system exploit is always used to run root apps?
can someone explain in technical details? not how to root.
are rooting programs open source??
What is the root procedure
Bayint Naung said:
So after gaining root access, which apps can run as root?
Or the user becomes root(as in desktop), and can run all types of apps?
Can root app(run as root) access everything?? Or app permission still applies?
Is it that system exploit is always used to run root apps?
can someone explain in technical details? not how to root.
are rooting programs open source??
Click to expand...
Click to collapse
Hi guys!
I have the same question and after searching and asking find this!
it is good!!
hope it works!
http://stackoverflow.com/questions/...hat-are-the-pre-requisites-for-it-to-work-wha
also look at the suggestedpages at the right of this page!

[Q] Incorporate apps directly into ROMS

*Mods, please move if in wrong thread*
I am developing a ROM for a major company, but I have a few questions, probably for very advanced developers...
1. Is it possible to develop an app, and incorporate it directly into a rom, almost as if it were a setting? So, instead of the user clicking on the app, can I make it as a built in function of the ROM?
2. Since I'm developing for a company, is there any way to disable installing any other app, even from the market?
3. Also, is there any way possible, to have a centralized "server" for the rom, to see where all of the devices are (gps), and be able to update the rom from the server?? Kind of my own OTA updates..
How would I go about this? Where to begin?
Any help would be appreciated, Thank you in advance
Yes, it's all possible, but with the caveat that a user who knows what he's doing will be able to reverse you changes. If you can get a root shell via adb, you can remove the package installer and install your own applications by remounting the system filesystem read/write with
Code:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
at that point it's just a matter of moving the APK to /system/app/ . Reboot immediately afterwards to avoid any trouble.
#3 is a bit harder since remounting isn't something you want to do while the user is handling the device (it can cause all kinds of weird behavior).... but it's possible. At the very least you should only remount when an update is actually applied and restart immediately afterwards.
Of course, if your users know how to handle ADB, it will all fall to pieces as they will be able to do exactly what you're doing. Setting a password for root might work... but it's as likely to trash the device since Android assumes that it's run by root and if the underlying Linux system should suddenly ask for a root password during boot there won't be any UI to actually enter the password.

Root access

Hello,
I only want to install some apps from the market (setcpu, market enabler and root explorer,...) that requiers root access.
So what do I have to do? Is it enough if I just unlock my bootloader with the tool on htcdev.com?
Which way of rooting my device would you recommend me?
I use an evo 3d gsm (eu version).
thx for the help
Honestly I go with the root posted here in xda, my friend rooted with the HTC method and has had some wierd stuff going on ( no roaming or 3g) I've had my phone rooted with the method given here on xda and haven't got any problems.
MettlerNikola said:
Hello,
I only want to install some apps from the market (setcpu, market enabler and root explorer,...) that requiers root access.
So what do I have to do? Is it enough if I just unlock my bootloader with the tool on htcdev.com?
Which way of rooting my device would you recommend me?
I use an evo 3d gsm (eu version).
thx for the help
Click to expand...
Click to collapse
The main limitation to modifying anything on our device is the internal memory write protection HTC has installed.
There is a temporary method, which will work on previous system software versions to get root acccess, traditional out of bounds exploit, fre3vo.
This will have to be run after each boot to get root access as it does not unlock the internal memory write protection, hence the term temporary root.
In order to unlock the internal memory write protection, so our modifications to the system persist past reboot, we have to run of two unlock methods, revolutionary or htc.
Personally, I ran revolutionary and will probably still continue to do so as it unlocks more of the internal memory more of the time.
If you're looking to follow the *official* route, you'll probably want to use the HTC method. This method is semi new and I haven't personally used it. I only speak from experienced gained through others posting their experiences. If I leave something out, I'm sure somebody will correct me.
The official htc dev method should unlock the write protection at least while in the bootloader and fastboot mode where you can flash a custom recovery and/or custom kernel. Once you have a custom recovery loaded, you can boot into recovery mode, where the internal memory write protection on the /system partition is disabled and make changes to the system, i.e. install an su binary or Superuser.apk (has its own su binary) to provide root access to Android applications.
After you've installed either the su binary, or the Superuser.apk, my application called Root Check is free in the android market and the advanced mode will provide all the details either confirming a proper installation or highlighting the area with issues.
I'm sure there is a guide around here .. I probably should have linked to it rather than write out the process ... lol
Hope that helps and best of luck!
Assuming you have the 1.5 HBoot? If so I dont really know anything about that...I wouldnt use HTCs method.
If you have an Hboot before 1.5 just use unrevolked.
S-Off does not mean you have root BTW it just means you can flash stuff. Once you have S-Off you have to flash super user to get root access.

semi noob question

alright so i know what rooting is , my understanding is that before rooting i won't have administrative access to parts of the file system i think that means that
i'll only have access to "/mnt/sdcard" and not to "/"
after rooting i'll have full access to the entire filesystem
i know why manufacutures dont want people playing around in there ,my understanding - many things break easily deleting something or changing some permison can "f" it up
i've been with android for 1 year and roughly 6 months ,been through an x10 a DHD
other various devices currently on the Mopho so im not a complete nub
i know how to root ,you install this ,push this ,do this , that etc
my question is how is the root part blocked and how is root acheived i dont mean how to root a certain device, i mean how do the exploits do what do they change ?
J35US said:
alright so i know what rooting is , my understanding is that before rooting i won't have administrative access to parts of the file system i think that means that
i'll only have access to "/mnt/sdcard" and not to "/"
after rooting i'll have full access to the entire filesystem
i know why manufacutures dont want people playing around in there ,my understanding - many things break easily deleting something or changing some permison can "f" it up
i've been with android for 1 year and roughly 6 months ,been through an x10 a DHD
other various devices currently on the Mopho so im not a complete nub
i know how to root ,you install this ,push this ,do this , that etc
my question is how is the root part blocked and how is root acheived i dont mean how to root a certain device, i mean how do the exploits do what do they change ?
Click to expand...
Click to collapse
Basically, the root section is blocked since it is set to r/o which normal user permissions cannot change. Rooting exploits change the system permissions and pushes the su binary in to give you superuser access which will then allow you full access to the system.
J35US said:
alright so i know what rooting is , my understanding is that before rooting i won't have administrative access to parts of the file system i think that means that
i'll only have access to "/mnt/sdcard" and not to "/"
after rooting i'll have full access to the entire filesystem
i know why manufacutures dont want people playing around in there ,my understanding - many things break easily deleting something or changing some permison can "f" it up
i've been with android for 1 year and roughly 6 months ,been through an x10 a DHD
other various devices currently on the Mopho so im not a complete nub
i know how to root ,you install this ,push this ,do this , that etc
my question is how is the root part blocked and how is root acheived i dont mean how to root a certain device, i mean how do the exploits do what do they change ?
Click to expand...
Click to collapse
as far as I know, Stock rom's don't have a root function implemented at all.
to get root access, people use exploits to change permissions of the folders to gain access to the System partition, and then the SU (superuser) binaries are put into /system/xbin , and then install the superuser.apk (to make use of the su binary)
EDIT:
Damn ninjas
so rooting is basically changing a few permisions of folders that i wont normally have access to in order to put the SU binary into the fore mentioned path
just re itarating to make sure i understand
additionally if i won't normally have access to these folders then how do they change the permissions <-- maybe pushing it but ask an you shall receive
J35US said:
so rooting is basically changing a few permisions of folders that i wont normally have access to in order to put the SU binary into the fore mentioned path
just re itarating to make sure i understand
additionally if i won't normally have access to these folders then how do they change the permissions <-- maybe pushing it but ask an you shall receive
Click to expand...
Click to collapse
You could say it like that but it grants you far more access and unlocks many possibilities making you the superuser. Rooting uses exploits which bypass these set permissions.

[Q] SD CARD fix (KitKat or higher)

I have a question, and if possible the answer should be as wide as possible to work on as many systems as possible. While I am not fully conversed in Android functions, syntax, and interfaces, I have been programing various computers since the mid 80's and have applied rooting/jailbreaking methods to several systems (if it functions like a computer, I want my Admin rights, much thanks to each and all authors of these). I know that someone somewhere out there may have asked and already found a solution to this very annoying problem.
Thanks to the Google's decision to increase security in the Android OSes (KitKat and higher) by removing write access to the SD Card (as I call it a very 'bonehead' and brute force decision), most of the older apps do not work properly anymore with the user added SD Cards and most are not being updated with some form of support (create a folder on SD Card). The solution for most persons is to root the system then either run an app that corrects the problem or install a new LRAM image (Lockable RAM: 'unlock' the RAM and overwrite its data with a new image then re-lock it. I don't like the term 'ROM' for this as it has been incorrectly used since the late 80's). I have found at least 2 file managers that say they have a (in-app) solution, but these solutions don't extend to all of your other apps (ie "Root Explorer" or "B1" solution doesn't help your File server/uTorrent/Photo Gallery app).
But what of the owners that for one reason or another can't root their system (unable to root, not authorized or allowed to root, etc.) but want/need to have write access to the user added cards (mainly because their internal storage is just too small)? Example, in my case my personal phone has several apps that require it to remain in an unrooted state for certain work related programs (security issues).
So here is my question:
Is it possible, on an unrooted and stock LRAM android device, using ADB to PULL the "platform.xml" file, add the line '<group gid=”media_rw” />' to it, then PUSH the edited file back to the android device?
I realize this may require entering (various name versions) Recovery or Update mode which is specific to each device (I think Samsung calls their ODIN). But I think the ADB commands and computer side instructions should be the same. So if it is possible, please list all ADB instructions (I know the text editor used will depend on the PC/MAC OS used).
Thank you one and all that give any advice or assistance.
Well it looks like there have been a lot of lookers since I first posted this but still no reply by anyone that knows Android OS inside and out. Most of you are probably thinking "tl:dr" to all of it.
I know there has to be a way to update/upgrade system files that doesn't require rooting or a way to find the manufacturer's or cellular vender's access path or password.

Categories

Resources