** This is completely unsupported!!!!!!! **
ALL credit goes to saurik for the root method, Jason A. Donenfeld (zx2c4) for finding the exploit, alpharevx for finding the offsets and initial confirmation on the Transformer Prime and viperboy for finding it and posting it in his thread. I did not research, find, or develop this root method!
Mods, if I've done anything wrong, please feel free to remove this thread.
You will need to know how to use ADB commands, otherwise, use viperMOD PrimeTime!!!!!!!!!!!!!!!!!!!!!!!!.
Downloads:
mempodroid binary
su binary
Root:
adb push mempodroid /data/local
adb push su /data/local
adb shell
chmod 777 /data/local/mempodroid
/data/local/mempodroid 0xd9ec 0xaf47 sh
** You should now be in a remote shell session with root (indicated by #)
mount -o remount,rw -t ext4 /dev/block/mmcblk0p1 /system
** IF you have previously rooted your Prime, run the following two commands. They may throw an error that the file a file was not found.
rm /system/bin/su
rm /system/xbin/su
cat /data/local/su > /system/xbin/su
chown 0.0 /system/xbin/su
chmod 06755 /system/xbin/su
rm /data/local/mempodroid
rm /data/local/su
exit
exit
adb reboot
After your Transformer Prime comes up, install Superuser from android market.
HOPEFULLY everyone has learned their lesson and will also install Voodoo Rootkeeper as well!!!!!!!!!!!!!!!!!!!! R
Enjoi!!!!!!!!!!!!!!!
** Feb 21 2012 Edit **
Works on 9.4.2.14
** Feb 09 2012 Edit **
Works on 9.4.2.13
** Jan 25 2012 Edit **
Changed the mount command - thanks viperboy!
Added steps to possibly resolve issues with previously rooted systems
Changed a few steps to be a little bit easier.
**Jan 24 2012 Edit **
Some people are reporting issues with this method. I suspect this is due to previously having root or other altered files. A method that has worked for some is to update to 9.4.2.11.1 and then following the above procedures. Please note, this firmware release is unofficial and at this time THERE IS NO DOWNGRADE PATH.
i keep getting permission denied after
adb shell /data/local/mempodroid 0xd9ec 0xaf47 mount -o remount,rw '' /system
i missed a chmod step, add it just now.
run:
adb shell chmod 777 /data/local/mempodroid
and then pick up right where you left off.
as i am not root nor superuser .. i don't even get access
/ $ cd data
~ $ ls
ls: can't open '.': Permission denied
after this command
adb shell /data/local/mempodroid 0xd9ec 0xaf47 sh
i got [email protected]:/ # but i cant type anything else in the dos windows after it.. can you explain further please
insane111 said:
after this command
adb shell /data/local/mempodroid 0xd9ec 0xaf47 sh
i got [email protected]:/ # but i cant type anything else in the dos windows after it.. can you explain further please
Click to expand...
Click to collapse
click on the window, you should be able to continue typing
/mnt/sdcard/Download $ adb push su /data/local
error: device not found
for some odd reason i cant type anything else after on that window..
after shell with root, i get the #, but i can't type anything afterwards. do i just repeat the process over?
edit: question was already asked, tried clicking on window, doesn't work.
insane111 said:
for some odd reason i cant type anything else after on that window..
Click to expand...
Click to collapse
updating!
10 char
toby77jo said:
/mnt/sdcard/Download $ adb push su /data/local
error: device not found
Click to expand...
Click to collapse
no offense, you may want to just wait for the one click root.
Tairen said:
after shell with root, i get the #, but i can't type anything afterwards. do i just repeat the process over?
edit: question was already asked, tried clicking on window, doesn't work.
Click to expand...
Click to collapse
updated, should be working now.
hehe that is fine .. not offended
se1000 said:
updated, should be working now.
Click to expand...
Click to collapse
thank you very much sir.. it work...
insane111 said:
thank you very much sir.. it work...
Click to expand...
Click to collapse
NICE!!!!!!!!!!!!!!!!!!!!
hmm did everything on your post, and rebooted. already had SU so i just opened up an app that requires root (titanium backup) and it says it wasn't able to attain root?
edit: confirmed with root checker that i still don't have root
Tairen said:
hmm did everything on your post, and rebooted. already had SU so i just opened up an app that requires root (titanium backup) and it says it wasn't able to attain root?
edit: confirmed with root checker that i still don't have root
Click to expand...
Click to collapse
Try re-installing superuser? When I was rooted before, sometimes superuser wouldn't prompt me for SU on occasion too.
se1000 said:
Try re-installing superuser? When I was rooted before, sometimes superuser wouldn't prompt me for SU on occasion too.
Click to expand...
Click to collapse
ahh i see the problem..
cat /data/local/su > /system/xbin/su
sh: cannot create /system/xbin/su: Read-only file system
how do i proceed?
Tairen said:
ahh i see the problem..
cat /data/local/su > /system/xbin/su
sh: cannot create /system/xbin/su: Read-only file system
how do i proceed?
Click to expand...
Click to collapse
Looks like something went wrong on the first mempodroid command. Go back and start from the begining just in case. Shouldn't hurt anything.
se1000 said:
Looks like something went wrong on the first mempodroid command. Go back and start from the begining just in case. Shouldn't hurt anything.
Click to expand...
Click to collapse
Sounds good, will try again and update!
Related
going through the entire 1.5 to 2.1 root tutorial to a tee, but once i get to the recovery image, this happens (following is an entire copy/paste of what I went through, incase i did something wrong before i hit the point)
Code:
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Lemcott>cd C:\android-sdk-windows\tools
C:\android-sdk-windows\tools>adb shell mount -o rw,remount /dev/block/mtdblock3
/system
adb server is out of date. killing...
* daemon started successfully *
C:\android-sdk-windows\tools>adb shell mount -o rw,remount /dev/block/mtdblock3
/system
C:\android-sdk-windows\tools>adb push recovery.img /sdcard
1192 KB/s (3926016 bytes in 3.215s)
C:\android-sdk-windows\tools>adb push flash_image /system/bin/flash_image
448 KB/s (9640 bytes in 0.021s)
C:\android-sdk-windows\tools>adb shell flash_image recovery /sdcard/recovery.img
flash_image: permission denied
C:\android-sdk-windows\tools>
EDIT: I am a complete ass hat. nothing to see here, move a long. mods delete this if you please.
P.S. Everyone else: ALWAYS DOUBLE CHECK BEFORE POSTING FOR HELP. *ahem* now be on your way.
try programming thru fastboot. press call + vol down and select the fastboot option and use this command from the pc
fastboot flash recovery recovery.ing
Sent from my Evil Eris v1.1 using the XDA mobile application powered by Tapatalk
It looks like you forgot the step where you modify the flash_image's permissions
Code:
adb shell chmod 755 /system/bin/flash_image
I had the same thing but I just kept reentering
adb shell mount -o rw,remount /dev/block/mtdblock3 /system
adb push recovery.img /sdcard
adb push flash_image /system/bin
and after maybe 4 iterations it worked.
I have a very simular problem:
(moto droid with android 2.1)
$su
su
Permission denied
Click to expand...
Click to collapse
I have try to use chmod the file but it said permission denied on chmod... please help T_T
note this is rooted, of course, when i'm in the phone type su, it'll pop up ask for me to allow or not, allowed, everything seems fine, but when i try to modify files in /system/etc/wifi (trying to make it work for ad hoc) it said permission denied....(even in su???) I tried in adb and it's the same, very very frustrating, any help is appreciated, Thanks.
edit: here's what it looks like using chmod...
>adb shell chmod 755 /system
unable to chmod /system: Read-only file system
>
Click to expand...
Click to collapse
penthoy said:
I have a very simular problem:
(moto droid with android 2.1)
I have try to use chmod the file but it said permission denied on chmod... please help T_T
note this is rooted, of course, when i'm in the phone type su, it'll pop up ask for me to allow or not, allowed, everything seems fine, but when i try to modify files in /system/etc/wifi (trying to make it work for ad hoc) it said permission denied....(even in su???) I tried in adb and it's the same, very very frustrating, any help is appreciated, Thanks.
edit: here's what it looks like using chmod...
Click to expand...
Click to collapse
make it read/write
penthoy said:
I have a very simular problem:
(moto droid with android 2.1)
I have try to use chmod the file but it said permission denied on chmod... please help T_T
note this is rooted, of course, when i'm in the phone type su, it'll pop up ask for me to allow or not, allowed, everything seems fine, but when i try to modify files in /system/etc/wifi (trying to make it work for ad hoc) it said permission denied....(even in su???) I tried in adb and it's the same, very very frustrating, any help is appreciated, Thanks.
edit: here's what it looks like using chmod...
Click to expand...
Click to collapse
I wouldn't try to flash anything you find here to a Moto Droid.
This is for the HTC Droid Eris.
Otherwise, and if I'm misunderstanding you, good luck with your problem.
archmagus said:
It looks like you forgot the step where you modify the flash_image's permissions
Code:
adb shell chmod 755 /system/bin/flash_image
Click to expand...
Click to collapse
I've been bashing my head in ALL day trying to get past this and finally found this thread! This worked perfectly!
theboo7 said:
make it read/write
Click to expand...
Click to collapse
How should i make is read/write?????
i cant get it to work at all.. need help plz.
Hello Guys
why cant i mount that **** together, i have the root permission, but also i dont..somehow
Code:
Microsoft Windows [version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. Alle rettigheder forbeholdes.
C:\Users\Rasmus H. G. Johnsen>d:
D:\>cd android\tools
D:\android\tools>adb devices
List of devices attached
HT9B7LG00092 device
D:\android\tools>adb shell mount -o rw,remount /dev/block/mtdbloc3 /system
mount: Operation not permitted
D:\android\tools>adb shell
$ ls
ls
sqlite_stmt_journals
cache
sdcard
etc
system
sys
sbin
proc
logo.rle
init.rc
init.goldfish.rc
init.bahamas.rc
init
default.prop
data
root
dev
$ exit
exit
Also if I go on and try to do this:
Code:
D:\android\tools>adb push flash_image /system/bin
failed to copy 'flash_image' to '/system/bin/flash_image': Read-only file system
I know that the flash_image fil and my recovery.img file is in this library and also on my sdcard, but I cant push the gotdamn flas_image file in the /system/bin catalog.
Can some one please help me ?
PS. I have the USB-debugging turned ON.
How do you know that you have root? Or, how did you gain root?
doogald said:
How do you know that you have root? Or, how did you gain root?
Click to expand...
Click to collapse
I have the app called androot from google market, ang i have run it to get root.
wfdi said:
I have the app called androot from google market, ang i have run it to get root.
Click to expand...
Click to collapse
I'm not aware of that app, and cannot find it in the market myself (do you have a link?)
However, one way to check for sure if you truly have root is run the adb command adb shell and, when you get a prompt, type the command "su". If it returns with a "#" prompt (rather than the "$" prompt that you are seeing), then you have root on the phone.
Most people these days root with either jcase's 1click root for eris: https://market.android.com/details?id=net.andirc.erisrooter or they use the procedure here: http://androidforums.com/eris-all-things-root/127861-universal-eris-root-dummies.html
You may be able to use the steps here as well, since you seem pretty comfortable with adb and have that working already: http://androidforums.com/eris-all-things-root/125436-detailed-leak-root-tutorial.html
Guys new I found another solution (tested on u8150)
First make sure that you are rooted first.
Open adb shell
Type in su.
Remount the system partition as read write.
Change the owner of system from root to system via chown root system
the exit the shell and push flash_image to system/
also push clockworkmodrecover.img into the system partion dont forget the last /.
then exit.
use a file manager, I used rootbrowser.apk without a memory card and installed recovery.
with rootbrowser copy flash_image to the bin directory.
don't forget to change the owner back to root to the system partition after you finish with rootexplorer or whatever u use even adb can work.
then the rest follows.
The above works only if your'e rooted and have adb.
Goodluck
haha am a genius Installing ROM +Recover without sdcard on u8150
all you have to do is:-
1. Make sure u have installed clockwork mode recovery on your device and have su binary.
2. Open adb with the device normally on.
3. Remount the data partition as read write using mount remount in adb .
4. use adb and push the cynogenmode.zip or any rom that fits into the data partition using
adb push romname.zip /data/
5. Reboot into clockworkmod recovery using the various options available.
6. This is what to do if you don't have a sdcard.
open adb with phone connected and run
adb shell
mount /data /sdcard
then go back to the main recovery menu and wipe dalvik cache only
then choose update from sdcard
flash your rom and tadaaa.
your'e done.
NB:CAUTION MAKE SURE TO FLASH A ROM THAT DOES NOT WRITE INTO THE DATA PARTION
THIS CAN BE DONE BY LOOKING FOR A FILE CALL UPDATE SCRIPT IN THE zip OF THE ROM U WANT TO INSTALL
Am going to make a post about this later.
Goodluck
Lol, 3 and a half year break between responses.
The problem with flash_image & dump_image is that it doesn't work on devices devices which use emmc (recent phones)and have
mmcblk0
and cat /proc/mtd won't work here either.
This means that you have to use dd to write to this devices.
I wonder how guys determine the partitions to use on such devices, and someone should hint as to what is going on since it seems manufacturers seriously don't want people to exploit their devices.
All credit goes to the orig guy who made the d2 exploit
If you feel the need to donate money then he deserves it [email protected]
I made an easier to follow tutorial over here with pics. Sorry but I am tired of going back and forth so just go there if you are having problems. If you can follow simple adb commands just follow the directions below
Download and Install Samsung Drivers
64bit:
http://www.wikifilez.com/root files/epic4g/usb_drivers_GalaxyS_x64.zip
32bit:
http://www.wikifilez.com/root files/epic4g/SAMSUNG_USB_Driver_for_Mobile_Phones_x86.exe
1 Click Root Method
http://forum.androidcentral.com/fascinate-roms-hacks/33899-how-root.html
Manual Method
cd C:\android-sdk\tools
adb push C:\fascinate\su /sdcard/su
adb push C:\fascinate\rage.bin /data/local/tmp/rage.bin
adb push C:\fascinate\busybox /sdcard/busybox
adb shell
cd /data/local/tmp
chmod 0755 rage.bin
./rage.bin
wait....
when it brings you back to your original shell in windows then follow these commands
adb shell (you should see # this time instead of $ this is exactly what we want)
mount -t rfs -o remount,rw /dev/block/stl9 /system
cd /system/xbin
cat /sdcard/su > su
cat /sdcard/busybox > busybox
chmod 4755 su
chmod 4755 busybox
exit
adb install C:\fascinate\Superuser.apk
This is permanent.
I just updated the files here with the latest su / superuser.apk / busybox
Also check out my tutorial to fix the memory/lag issues for this phone
http://forum.xda-developers.com/showthread.php?p=8086738#post8086738
Dirrk said:
All credit goes to the orig guy who made the d2 exploit
I feel naked without my droid lol this phone is so light
adb push su /sdcard/su
adb push rage.bin /data/local/tmp/rage.bin
adb push busybox /sdcard/busybox
adb shell
cd /data/local/tmp
chmod 0755 rage.bin
./rage.bin
wait....
when it brings you back to your original shell or windows cmd promt
adb shell
mount -t rfs -o remount,rw /dev/block/stl9 /system
cd /system/xbin
cat /sdcard/su > .
cat /scard/busybox > .
chmod 4755 su
chmod 4755 busybox
exit
adb install Superuser.apk
Please let me know if I posted something wrong.
Click to expand...
Click to collapse
does it stick after reboot?
Its supposed to be a temporary root so i doubt it will.
This works on any android phone up to 2.2. I have confirmed this works on my epic, so th same sould work here.
Sent from my SPH-D700 using XDA App
see below.
confirmed root.
Had to use Superuser.apk 2.3.6.1 and the su binary in the package, but the rest worked.. except for that cat command? Why would you cat binary files instead of copying them? (not complaining, just curious). I just adb pushed them to /system/xbin, and adb shell chmod'd them.
You also have a typo near the end "scard" instead of "sdcard".
You can also use mv or cp. I just happen to use cat because I used it the other day rooting my friends stock 2.2 droid. Which required me to use cat.
And yes this is permanent
Cool, i tried using rm -rf to get rid of a directory I created accidentally, and was getting some syntax errors, so I wasn't sure how compatibile the command line on android was to linux.
Glad it's pretty close. Being very familiar with linux makes this pretty easy to understand. Day 1 with an android device was pretty darn fun. I think I'm glad I went this direction.
I just followed this and used the same files I had from my Droid 2 (just updated the Superuser.apk from this sites thread for it) and works perfectly. Rebooted phone did "adb shell" and "su" and still have root, so it is permanent
side note: steps say "/system/xbin" and assume you meant "/system/bin" like Droid 2 was. That's where I put them and it worked.
cliffr39 said:
I just followed this and used the same files I had from my Droid 2 (just updated the Superuser.apk from this sites thread for it) and works perfectly. Rebooted phone did "adb shell" and "su" and still have root, so it is permanent
side note: steps say "/system/xbin" and assume you meant "/system/bin" like Droid 2 was. That's where I put them and it worked.
Click to expand...
Click to collapse
It works either way, both are executable system folders. Glad you it worked for you, hopefully we can get some roms cooking soon and play catch up to the other galaxy s phones
doesnt work for me, i get an error device not found
ive type adb devices - device not found. usb debugging on, usb conneced on port 5037
xirnibor said:
doesnt work for me, i get an error device not found
ive type adb devices - device not found. usb debugging on, usb conneced on port 5037
Click to expand...
Click to collapse
Your USB mode might be set wrong. Flip it to whatever it's not at, and try again.
i forgot this laptop didnt have the updated usb drivers from android sdk, downloading then will try again. i have tried so far with the sdcard mounted and unmounted, while in usb debugging mode. will post after updates
How long do you actually have to wait after the execting the rage.bin file?
itznfb said:
How long do you actually have to wait after the execting the rage.bin file?
Click to expand...
Click to collapse
I dunno, ~20-30 seconds? Assuming sound is enabled you should hear the same USB device connected/disconnected sounds.
If you want to be 100% sure just wait like 90 seconds. I'm pretty sure it killed my shell though, so if it does that, you're good to go.
ok, adb recognizes the device *see below, however when i type adb push su /sdcard/su i get cannot stat 'su': no such file or directory. ?
C:\downloads\android\android\tools>adb devices
List of devices attached
I500a2d0087a device
namebrandon said:
I dunno, ~20-30 seconds? Assuming sound is enabled you should hear the same USB device connected/disconnected sounds.
If you want to be 100% sure just wait like 90 seconds. I'm pretty sure it killed my shell though, so if it does that, you're good to go.
Click to expand...
Click to collapse
ok... running the rage.bin locked up my device twice but on the third try it worked. another fascinate rooted
xirnibor said:
ok, adb recognizes the device *see below, however when i type adb push su /sdcard/su i get cannot stat 'su': no such file or directory. ?
C:\downloads\android\android\tools>adb devices
List of devices attached
I500a2d0087a device
Click to expand...
Click to collapse
su is a file (for our purposes right here, anyway). Unless you explicity specify its path, it needs to be in the same directory you're running the adb command from.
If you installed the Android SDK per guidelines, adb should be in your PATH environment variable, and you should be able to execute it from any directory. If you didn't do that, then for the sake of simplicity, copy all the files referenced in the original steps to your working directory. From your post above, it appears that is c:\downloads\android\android\tools\
I got stuck at cat /sdcard/su > . Is that supposed to be > .? It won't let me enter that...There's not something else that's supposed to be there?
EDIT: I get the same error faspalma
I'm stuck at that point too. cat /sdcard/su > . returns "cannot create .: is a directory"
This will only work if you can access a root prompt (#) in adb shell! THIS WAS DONE AFTER DOING A WIPE FROM THE VOLUME DOWN MENU WHEN BOOTING THE PRIME! I do not know if this will work without the wipe, but it very well may. Maybe someone more knowledgeable can chime in here.
It may be possible to restore from a su-backup if you have a su binary still in /system/bin or xbin. Even if you can't access a root prompt (#) by just typing su, read starting at page 6. Places to look for a su-backup include /system/ /system/usr/we-need-root/ and /system/bin/
I have a batch script in the works that will determine if you can re-root and take the appropriate steps to do so if possible.
I had to do a voldown wipe after my update to JB. My prime would reboot after 5-10 seconds into the homescreen after boot. After wiping, I thought for sure my root was screwed until a new exploit was found.
I accessed my device through adb, and realized that I could invoke a root prompt using the su command at the $ prompt. Using ES file explorer, I could see su in /system/bin/ but no su-backup or superuser.apk in /system/app/.
I tried simply installing superuser from the market, but it did not work. The busybox installer would not work, either.
ATTACHED ARE THE EXACT THREE FILES I USED. I do not know if using different version will affect the process!
Here is what worked for me:
1. adb shell
2. su
(# - you should see this now! This will not work without this specific prompt!)
3. type 'exit' press enter, and then 'exit' again. You will now be back at the regular command prompt.
4. adb push C:\(location of attached files)\superuser.apk /data/local/tmp
5. adb push C:\(location of attached files)\su /data/local/tmp
6. adb push C:\(location of attached files)\busybox /data/local/tmp
7. Access the adb shell again, and type su
8. chmod 644 /data/local/tmp/superuser.apk
9. chmod 755 /data/local/tmp/busybox
10. chmod 6755 /data/local/tmp/su
11. mount -o remount,rw /system
12. dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
13. dd if=/data/local/tmp/busybox of=/system/bin/busybox
14. dd if=/data/local/tmp/busybox of=/system/xbin/busybox
14a. Chmod 755 /system/bin/busybox
14b. Chmod 755 /system/xbin/busybox
15. Reserved
16. busybox rm /system/bin/su
17. busybox cp /data/local/tmp/su /system/bin
18. type su once again to assure you still have access to the # prompt
18a. Chmod 644 /system/app/superuser.apk
18b. mount -o remount,ro /system
19. type exit, and exit again, returning to the regular windows command prompt.
20. type 'adb reboot' (without quotes)
NOTE - you will not need to install the superuser.apk app in the normal sense. It will be installed upon the reboot as a system app automatically!
21. Once your prime has rebooted, go download root checker basic or the like from the play store. Open it, and wait for your superuser prompt!
22. Get the busybox installer from the play store as well, and use that to get the newest version of busybox.
23. Get SuperSU from the market. It seems to be the safest method to keep root with JB...
ALSO! Make sure to keep a backup root with voodoo or super su after completing this guide! I have lost root (VERY WELL may have been my own fault... too much poking around) Anyway, better safe than sorry!!!
Thanks to daymz from the debugfs thread in development for the basic instructions of what needed to be done!! And also thanks to all before me who got us root in the first place!
I will answer questions to the best of my ability. I am not a developer and do not try to present myself as so... I can tinker with the best, and after losing root, I set out to see if I could figure it out!
Changes made as per tsmt971
I have fellow this method and it was failed at step 16 in my case because of the permission issue but I managed to make it move and regained the root. The details of the issue as below.
Step 16 failed because step 13, 14 which will copy busybox to /system/bin and /system/xbin with a wrong executive permission.
To correct in my case: after step 13, 14 follow those steps below:
- chmod 755 /system/bin/busybox
- chmod 755 /system/xbin/busybox
- skip step 15
- continue steps 16, 17, 18
- chmod 644 /system/app/Superuser.apk
- continue step 19, 20, 21, 22
Then you will get your root back, it worked in my case. Good luck guys.
To the OP, please verify and update those steps if necessary.
[email protected] said:
I have fellow this method and it was failed at step 16 in my case because of the permission issue but I managed to make it move and regained the root. The details of the issue as below.
Step 16 failed because step 13, 14 which will copy busybox to /system/bin and /system/xbin with a wrong executive permission.
To correct in my case: after step 13, 14 follow those steps below:
- chmod 755 /system/bin/busybox
- chmod 755 /system/xbin/busybox
- skip step 15
- continue steps 16, 17, 18
- chmod 644 /system/app/Superuser.apk
- continue step 19, 20, 21, 22
Then you will get your root back, it worked in my case. Good luck guys.
To the OP, please verify and update those steps if necessary.
Click to expand...
Click to collapse
Thanks! Confirmed...it was late
It helped me. THX!!
thenrz said:
This will only work if you can access a root prompt (#) in adb shell!
Click to expand...
Click to collapse
Can anyone help me get ADB back. It worked fine before the update but now I can't get it to recognise the device at all - just get the blank list and device not found when I am connected. The drivers look fine like before in Device Manager when I plug in (Asus Android Composite ADB Interface). I have switched USB Debugging on and do not have Asus Sync installed. Everything on the ADB side works with my phone OK.
I used Rootkeeper to restore root after upgrade though it now seems that was only partial. I did a factory reset to clear out a few gremlins. Now Rootkeeper has the Root permission granted box unchecked but the rest checked but I guess since it doesn't have root access anymore it won't do anything. I have tried uninstall and reinstall Superuser but it fails at updating the binary.
Any suggestions to get ADB back much appreciated .
thenrz said:
This will only work if you can access a root prompt (#) in adb shell! THIS WAS DONE AFTER DOING A WIPE FROM THE VOLUME DOWN MENU WHEN BOOTING THE PRIME! I do not know if this will work without the wipe, but it very well may. Maybe someone more knowledgeable can chime in here.
I had to do a voldown wipe after my update to JB. My prime would reboot after 5-10 seconds into the homescreen after boot. After wiping, I thought for sure my root was screwed until a new exploit was found.
I accessed my device through adb, and realized that I could invoke a root prompt using the su command at the $ prompt. Using ES file explorer, I could see su in /system/bin/ but no su-backup or superuser.apk in /system/app/.
I tried simply installing superuser from the market, but it did not work. The busybox installer would not work, either.
ATTACHED ARE THE EXACT THREE FILES I USED. I do not know if using different version will affect the process!
Here is what worked for me:
1. adb shell
2. su
(# - you should see this now! This will not work without this specific prompt!)
3. type 'exit' press enter, and then 'exit' again. You will now be back at the regular command prompt.
4. adb push C:\(location of attached files)\superuser.apk /data/local/tmp
5. adb push C:\(location of attached files)\su /data/local/tmp
6. adb push C:\(location of attached files)\busybox /data/local/tmp
7. Access the adb shell again, and type su
8. chmod 644 /data/local/tmp/superuser.apk
9. chmod 755 /data/local/tmp/busybox
10. chmod 6755 /data/local/tmp/su
11. mount -o remount,rw /system
12. dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
13. dd if=/data/local/tmp/busybox of=/system/bin/busybox
14. dd if=/data/local/tmp/busybox of=/system/xbin/busybox
14a. Chmod 755 /system/bin/busybox and /system/xbin/busybox
15. Reserved
16. busybox rm /system/bin/su
17. busybox cp /data/local/tmp/su /system/bin
18. type su once again to assure you still have access to the # prompt
18a. Chmod 644 /system/app/superuser.apk
19. type exit, and exit again, returning to the regular windows command prompt.
20. type 'adb reboot' (without quotes)
NOTE - you will not need to install the superuser.apk app in the normal sense. It will be installed upon the reboot as a system app automatically!
21. Once your prime has rebooted, go download root checker basic or the like from the play store. Open it, and wait for your superuser prompt!
22. Get the busybox installer from the play store as well, and use that to get the newest version of busybox.
Thanks to daymz from the debugfs thread in development for the basic instructions of what needed to be done!! And also thanks to all before me who got us root in the first place!
I will answer questions to the best of my ability. I am not a developer and do not try to present myself as so... I can tinker with the best, and after losing root, I set out to see if I could figure it out!
Changes made as per tsmt971
Click to expand...
Click to collapse
I accessed my device through adb, and invoked a root prompt using the su command at the $ prompt. Using ES file explorer, I saw su in /system/bin/ but no su-backup or superuser.apk in /system/app/. Followed the steps. After completing the steps, and rebooting, I have Superuser.apk in system/app, however with root checker, root not found!
Install busybox installer says that my device is rooted, but install failed.
No root for me
Edit: I got it. I am now rooted. Thanks for everyone's assistance!
RootKeeper says that I have:
- Superuser app installed (yes)
- Device rooted (no)
- Root permission granted (no)
- /system supports root protection (yes)
- Protected su copy available (yes)
However, I can't get true SU and the # prompt. When I enter shell and type 'su' I get:
1|[email protected]:/
So, I'm stuck at instruction #11 when I attempt to mount /system as rw.
Any ideas if I'm still eligible to root this baby?
work beautifully for me!! :good::good:
now have root after a wipe.
thanks for sharing mdpgc.
Failed Step
thenrz said:
This will only work if you can access a root prompt (#) in adb shell! THIS WAS DONE AFTER DOING A WIPE FROM THE VOLUME DOWN MENU WHEN BOOTING THE PRIME! I do not know if this will work without the wipe, but it very well may. Maybe someone more knowledgeable can chime in here.
I had to do a voldown wipe after my update to JB. My prime would reboot after 5-10 seconds into the homescreen after boot. After wiping, I thought for sure my root was screwed until a new exploit was found.
I accessed my device through adb, and realized that I could invoke a root prompt using the su command at the $ prompt. Using ES file explorer, I could see su in /system/bin/ but no su-backup or superuser.apk in /system/app/.
I tried simply installing superuser from the market, but it did not work. The busybox installer would not work, either.
ATTACHED ARE THE EXACT THREE FILES I USED. I do not know if using different version will affect the process!
Here is what worked for me:
1. adb shell
2. su
(# - you should see this now! This will not work without this specific prompt!)
3. type 'exit' press enter, and then 'exit' again. You will now be back at the regular command prompt.
4. adb push C:\(location of attached files)\superuser.apk /data/local/tmp
5. adb push C:\(location of attached files)\su /data/local/tmp
6. adb push C:\(location of attached files)\busybox /data/local/tmp
7. Access the adb shell again, and type su
8. chmod 644 /data/local/tmp/superuser.apk
9. chmod 755 /data/local/tmp/busybox
10. chmod 6755 /data/local/tmp/su
11. mount -o remount,rw /system
12. dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
13. dd if=/data/local/tmp/busybox of=/system/bin/busybox
14. dd if=/data/local/tmp/busybox of=/system/xbin/busybox
14a. Chmod 755 /system/bin/busybox and /system/xbin/busybox
15. Reserved
16. busybox rm /system/bin/su
17. busybox cp /data/local/tmp/su /system/bin
18. type su once again to assure you still have access to the # prompt
18a. Chmod 644 /system/app/superuser.apk
19. type exit, and exit again, returning to the regular windows command prompt.
20. type 'adb reboot' (without quotes)
NOTE - you will not need to install the superuser.apk app in the normal sense. It will be installed upon the reboot as a system app automatically!
21. Once your prime has rebooted, go download root checker basic or the like from the play store. Open it, and wait for your superuser prompt!
22. Get the busybox installer from the play store as well, and use that to get the newest version of busybox.
Thanks to daymz from the debugfs thread in development for the basic instructions of what needed to be done!! And also thanks to all before me who got us root in the first place!
I will answer questions to the best of my ability. I am not a developer and do not try to present myself as so... I can tinker with the best, and after losing root, I set out to see if I could figure it out!
Changes made as per tsmt971
Click to expand...
Click to collapse
I fail on step 11... (mount: Operation not permitted). Any suggestions?
tontorus said:
I fail on step 11... (mount: Operation not permitted). Any suggestions?
Click to expand...
Click to collapse
If your prompt isnt turning to the # symbol after SU you don't actually have root =/
hx4700 Killer said:
If your prompt isnt turning to the # symbol after SU you don't actually have root =/
Click to expand...
Click to collapse
Try the steps again. I know I had to do it several times before it was successful for me
I used these steps exactly
1. adb shell
2. su
(# - you should see this now! This will not work without this specific prompt!)
3. type 'exit' press enter, and then 'exit' again. You will now be back at the regular command prompt.
4. adb push C:\(location of attached files)\superuser.apk /data/local/tmp
5. adb push C:\(location of attached files)\su /data/local/tmp
6. adb push C:\(location of attached files)\busybox /data/local/tmp
7. Access the adb shell again, and type su
8. chmod 644 /data/local/tmp/superuser.apk
9. chmod 755 /data/local/tmp/busybox
10. chmod 6755 /data/local/tmp/su
11. mount -o remount,rw /system
12. dd if=/data/local/tmp/Superuser.apk of=/system/app/Superuser.apk
13. dd if=/data/local/tmp/busybox of=/system/bin/busybox
14. dd if=/data/local/tmp/busybox of=/system/xbin/busybox
15. chmod 755 /system/bin/busybox
16. chmod 755 /system/xbin/busybox
17. busybox rm /system/bin/su
18. busybox cp /data/local/tmp/su /system/bin
Type su once again to assure you still have access to the # prompt
19. chmod 644 /system/app/Superuser.apk
20. type exit, and exit again, returning to the regular windows command prompt.
21. type 'adb reboot' (without quotes)
NOTE - you will not need to install the superuser.apk app in the normal sense. It will be installed upon the reboot as a system app automatically!
22. Once your prime has rebooted, go download root checker basic or the like from the play store. Open it, and wait for your superuser prompt!
23. Get the busybox installer from the play store as well, and use that to get the newest version of busybox.
Are you suggesting that if I do a system wipe on my stock rom JB and run your commands I will eventually get root?
Hx4700, i got stuck doing a wipe after the update, and this worked for me. The wipe does not seem to remove su from /system/bin/ meaning we have a way back in through adb.
But, what if Voodoo didn't work before and you are unable to get su through adb in the first place? Are you suggesting that a wipe will resolve the blocked root access or did you have different circumstances?
hx4700 Killer said:
Are you suggesting that if I do a system wipe on my stock rom JB and run your commands I will eventually get root?
Click to expand...
Click to collapse
Anakin_SW said:
But, what if Voodoo didn't work before and you are unable to get su through adb in the first place? Are you suggesting that a wipe will resolve the blocked root access or did you have different circumstances?
Click to expand...
Click to collapse
If you cannot access a root prompt, then i do not believe it will work. Using a file explorer like es, does a su file exist in /system/bin? I had to wipe as i was bootlooping, and cant comment on how it pertains to how i was able to get root back!
thenrz said:
If you cannot access a root prompt, then i do not believe it will work. Using a file explorer like es, does a su file exist in /system/bin? I had to wipe as i was bootlooping, and cant comment on how it pertains to how i was able to get root back!
Click to expand...
Click to collapse
Yes, one does. Also su-backup in /system... Any feelings?
Hm, weird you cant get a root prompt through adb. From my experience, if su exists there, adb should be able to invoke a root prompt. Do you have any issue using adb push?
thenrz said:
Hm, weird you cant get a root prompt through adb. From my experience, if su exists there, adb should be able to invoke a root prompt. Do you have any issue using adb push?
Click to expand...
Click to collapse
Nope adb push works fine. But I can't mount /system rw, which is causing me the headache. Really wish I had known the voodoo update switched around things. I feel so foolish haha.
hx4700 Killer said:
If your prompt isnt turning to the # symbol after SU you don't actually have root =/
Click to expand...
Click to collapse
I figured that would be the problem... Should I root my device using the ICS method first or that wouldn't work any more?
tontorus said:
I figured that would be the problem... Should I root my device using the ICS method first or that wouldn't work any more?
Click to expand...
Click to collapse
Nothing is for me and many others.
I used clockworkmod recovery and the cwm-root-gtab2.zip package to root my Tab 2. su appears to be installed ok, and I can get root permissions by running it from an adb shell:
~ $ adb shell
[email protected]:/ $ id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats)
[email protected]:/ $ su
[email protected]:/ # id
uid=0(root) gid=0(root) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats)
[email protected]:/ # ls -la /system/bin/su
-rwsr-sr-x root shell 22364 2008-08-01 12:00 su
[email protected]:/ #
So the su binary is present and has setuid bit set on its permissions. But if I run it from a SSH session, or via a terminal emulator on the Tab itself, I get permission error:
[email protected]:/ $ su
Permission denied
1|[email protected]:/ $
Various root checking apps report similar problems. What am I doing wrong? Other threads suggest steps to recreate the su binary with the correct 6755 permissions, but as far as I can see, everything is already as it should be permissions-wise.
Thanks.
Wrong section. This here is only for Tab 1.
same problem
hanspampel said:
Wrong section. This here is only for Tab 1.
Click to expand...
Click to collapse
I cannot find a better match for my situation than this. Any luck? Please link if your post was moved elsewhere.
jphilli85 said:
I cannot find a better match for my situation than this. Any luck? Please link if your post was moved elsewhere.
Click to expand...
Click to collapse
Well, given the description (even though the OP was for the Gtab 2), I'd try the full path to the su binary.
If "ls -l /system/bin/su shows
-rwsr-sr-x root shell 22364 2008-08-01 12:00 su
then I would try
$ /system/bin/su
and see if it works - there may be another "su" on your $PATH.
If that's not it, then check that your user account has execute permissions to /system and /system/bin
Hi all, i added some files into the system directory of my kindle fire hdx 7'.. when i restarted it is stuck in a boot loop on the animated Kindle Fire boot screen, i can ADB onto it, and i attempted to remove the files, but "ADB su" isn't working for me, and I'm unable to access the system directory over ADB... and i don't have custom recovery.
Any ideas on this one? is there a way of restoring the Kindle?
Thanks
osmorgan said:
Hi all, i added some files into the system directory of my kindle fire hdx 7'.. when i restarted it is stuck in a boot loop on the animated Kindle Fire boot screen, i can ADB onto it, and i attempted to remove the files, but "ADB su" isn't working for me, and I'm unable to access the system directory over ADB... and i don't have custom recovery.
Any ideas on this one? is there a way of restoring the Kindle?
Thanks
Click to expand...
Click to collapse
what you get on
Code:
adb shell
su
?
thanks for the reply. when i
adb shell
su
Click to expand...
Click to collapse
it returns to 1:[email protected] where it should show [email protected] any ideas?
osmorgan said:
thanks for the reply. when i
it returns to 1:[email protected] where it should show [email protected] any ideas?
Click to expand...
Click to collapse
after that use
Code:
mount -o rw,remount /system
if you wil get permission denied you need to do hard reset from recovery and try again
after that you could change files in /system
great, i will try this later.. any guides on doing a hard reset?? keeping in mind that i don't have custom recovery..
thanks again.
osmorgan said:
great, i will try this later.. any guides on doing a hard reset?? keeping in mind that i don't have custom recovery..
thanks again.
Click to expand...
Click to collapse
you could get into stock recovery by holding power+volume up
all of this suggesting that you are at 4.5.2 and rooted
for 3.2.X hard reset will delete su - file
You're a star. Thanks. I'll get onto this after work.
ONYXis said:
you could get into stock recovery by holding power+volume up
all of this suggesting that you are at 4.5.2 and rooted
for 3.2.X hard reset will delete su - file
Click to expand...
Click to collapse
No luck :/ was unable to mount, and hard reset via recovery still results in boot loop :/ any other ideas?
Could you post output?
and pls what is your firmware and root method?
Seems no way to recover(sorry
How do I provide the output? I was 4.5.2 and rooted with CVE
copy-paste output from cmd
like:
Code:
adb shell
su
....
ahh i see what you mean.. ive run s uagian after factory reset and its now giving me the root prompt! great! im just about to follow this guys steps
http://forum.xda-developers.com/showthread.php?t=2793253
thanks for your help.. i may be back.
any idea if this method works with stock recovery?
ONYXis said:
copy-paste output from cmd
like:
Code:
adb shell
su
....
Click to expand...
Click to collapse
nope.. that didnt work for me.. do you know how i can push a deb to reflash?
Pls post output to see that exactly doesn't work.
to use that manual you need to use 4.5.3 bin btw
I see, I was having permissions errors when pushing the file to the sdcard, I had mounted the data partition. I am unable to write anything as shell user, but fine as root. Any ideas?
Thanks
adb shell
[email protected]:/ $ su
[email protected]:/ # mount -o rw,remount /cache
[email protected]:/ # mkdir /cache/recovery
mkdir failed for /cache/recovery, File exists
[email protected]:/ # echo install /cache/kindleupdate.bin > /cache/recovery/openrecoveryscript
[email protected]:/ # chmod 0777 /cache/recovery/openrecoveryscript
[email protected]:/ # exit
[email protected]:/ $ exit
Mac-miniownloads $ adb push update-kindle-13.4.5.3_user_453011120.bin /cache/kindleupdate.bin
failed to copy 'update-kindle-13.4.5.3_user_453011120.bin' to '/cache/kindleupdate.bin': Permission denied
What do you think?
ONYXis said:
what you get on
Code:
adb shell
su
?
Click to expand...
Click to collapse
ONYXis said:
Pls post output to see that exactly doesn't work.
to use that manual you need to use 4.5.3 bin btw
Click to expand...
Click to collapse
osmorgan said:
Mac-miniownloads $ adb push update-kindle-13.4.5.3_user_453011120.bin /cache/kindleupdate.bin
failed to copy 'update-kindle-13.4.5.3_user_453011120.bin' to '/cache/kindleupdate.bin': Permission denied
What do you think?
Click to expand...
Click to collapse
You cant do this at that way
you need :
Code:
adb push update-kindle-13.4.5.3_user_453011120.bin /sdcard/update.zip
adb shell
su
mount -o remount,rw /cache
cd /sdcard
cp update.zip /cache
chmod 777 /cache
chmod 777 /cache/recovery
cd /cache/recovery
echo "--update_package=/cache/update.zip" > command
exit
exit
adb reboot recovery
thank you but i still get permissions issues -
failed to copy 'update-kindle-13.4.5.3_user_453011120.bin' to '/sdcard/update.zip': Permission denied
ONYXis said:
You cant do this at that way
you need :
Code:
adb push update-kindle-13.4.5.3_user_453011120.bin /sdcard/update.zip
adb shell
su
mount -o remount,rw /cache
cd /sdcard
cp update.zip /cache
chmod 777 /cache
chmod 777 /cache/recovery
cd /cache/recovery
echo "--update_package=/cache/update.zip" > command
exit
exit
adb reboot recovery
Click to expand...
Click to collapse
osmorgan said:
thank you but i still get permissions issues -
failed to copy 'update-kindle-13.4.5.3_user_453011120.bin' to '/sdcard/update.zip': Permission denied
Click to expand...
Click to collapse
Hmm....Strange. Are you see Fire as mtp device on you Pc (for Mac you need https://www.android.com/filetransfer/)?
If "yes" - try to copy update.zip manual into Fire's internal storage.