Hi,
some days ago i brought a new Prestigio Tablet. There was no Root Tool available for this tablet and i did a lot of searching to find a way to achieve root rights.
Today I found a way and want to share my results with you.
The solution is similar to the one described in this Post.
The main difference is the file system of the system image.
In the PMP5080B Rom the system.img is in cramfs and the wendal script unpacks this image onto disk.
The system.img in the PMP5097C is ext3 so you can mount the image directly on a Linux system and copy the Superuser binaries and set the rights with chmod.
copy /B su system\bin\
copy /B Superuser.apk system\app\
chmod -R 0777 system/*
chmod 6755 system/bin/su
chmod 6755 system/app/Superuser.apk
Click to expand...
Click to collapse
after you did this and copied the modified image back into the Temp/Image folder you can use the script to pack the ROM back together.
Now you can flash the new ROM on the usual way like described in the manual.
Hope this helps
Please can you upload the patched image file ..
THX a lot
Here you are:
https://www.dropbox.com/s/lwa1d0v6lotuhwi/rootrom.zip
teddybt said:
Here you are:
https://www.dropbox.com/s/lwa1d0v6lotuhwi/rootrom.zip
Click to expand...
Click to collapse
thx .. i have install the rom but i have no root .....
I checked the uploaded Rom.
The owner of the Superuser files was not root.
Hope this will fix the issue.
Link: https://www.dropbox.com/s/lwa1d0v6lotuhwi/rootrom.zip
Thx Thx Thx... Rooted pmp 5097 now... Your the Best... 1000 Thx
OMG thank you so much for this! I have been waiting a long time for this. You are awesome!
You don't happen to know how to install clockworkmod if its possible do u? Cheers.
Sent from CrazyD's Galaxy II via XDA Android App
Is there any link for this?
I have 1.06 on my tablet and I would like to root it.
I have 1.06 also.
Is there a way to root it?
I found 1.06 root version on a RU site.
This version has 512 MB for apps and later on 1GB for apps ver. should be available.
iJohnny said:
I found 1.06 root version[/URL] on a RU site.
This version has 512 MB for apps and later on 1GB for apps ver. should be available.
Click to expand...
Click to collapse
I installed this onto my 5097 and it hasn't seemed to give me root access at all have i missed something?
smithaz1212 said:
I installed this onto my 5097 and it hasn't seemed to give me root access at all have i missed something?
Click to expand...
Click to collapse
Same problem here
I dont suppose anyone has had any progress with the russian firmware which was posted earlier, still cant seem to gain root access through it for some reason. It might possibly be the same problem as was detailed before in that the owner of the superuser is not root? although i have noticed that there is no superuser app on this firmware, any ideas anyone?
Ok found a firmware that seems to be rooted and is working 100% on my device only small issue is that it is for another tablet (eFun M1005) which seems to be the exact same tablet just rebranded for sale in asia possibly. Anyway:
h t t p ://narod.ru/disk/48873776001.bacdb0ce2f72ba9a6bd089bf055f247a/M1005HN_20120419_V1.0.3_OS4.0_mod_v2.7z.html
As i said is working fine on my tablet and seems to have no problems but i have only tested it for ~1 hour
1.06 root
I found 1.06 root version on a RU site.
This version has 512 MB for apps and later on 1GB for apps ver. should be available.
Click to expand...
Click to collapse
Its no root
I made rooted version of latest v.1.0.6 firmware. But as a new user, I cannot post link
Thanks to daddycruel for posting my link in next post.
Here is the link for download, thank's to gregyk!
http://www.sendspace.com/file/ignk4l
mount
Hi,
I've just downloaded official and rooted 1.0.6 img and I wanted to look into it before flashing. For some reason
Code:
mount -t ext3 -o loop ASBSM1005HN_20120802_V1.0.6.img /mnt
on my box doesn't work (wrong superblock). Did they changed fs or I'm doing something wrong?
BTW thanks for sharing the rom.
Ficik said:
Hi,
I've just downloaded official and rooted 1.0.6 img and I wanted to look into it before flashing. For some reason
Code:
mount -t ext3 -o loop ASBSM1005HN_20120802_V1.0.6.img /mnt
on my box doesn't work (wrong superblock). Did they changed fs or I'm doing something wrong?
BTW thanks for sharing the rom.
Click to expand...
Click to collapse
You must extract firmware file with Wendal RK29xx Image Tools and then you get images (.img) that you can mount in linux (system.img, etc ..).
I rooted like this: extracted firmware with wendal, than mounted system.img in linux - copied "su" and "superuser.apk" and set right permissions to this files. Than packed firmware back together also with wendal tools.
Today I had to send my 5097 for repair ... it won't turn on no more normally. I had to press few times reset, then power and if that didn't work - sometimes it started when I connected it to PC. I tried several different firmwares, but same situation with all.
Anyone heard of or had similar problems?
Related
.....................
Rootshell file on the cooking 2.1/2.2 thread
Click here for the file.
To flash to 1.6
Go Here
Legen...wait for it...darryy!!
Awesome i saw ur post in the dev thread made my day!
Two questions 1) you mentioned in the dev thread it was restarting quite often is that fixed?
2)is there any means to flash it in internal memory?
muzik_demon said:
Legen...wait for it...darryy!!
Awesome i saw ur post in the dev thread made my day!
Two questions 1) you mentioned in the dev thread it was restarting quite often is that fixed?
2)is there any means to flash it in internal memory?
Click to expand...
Click to collapse
1. Yes, thats fixed, it works fast and stable ! (there's one big problem - sdcard is not properly seen for camera/music), still testing it ..
2. Yes, it will be possible to flash into internal memory later.
1) For the first problem i recommend throwing a pm to zdzihu- he has employed the same technique to get dual boot in x10 and his rom is able to access sdcard for camera/music but we cant mount sdcard
2) If flashing into internal memory is straightforward then i recommend it since it will solve all the above problems
Looking forward to testing
(where can i get x8.img and data.img? or are you gonna release it in some time?)
Well done pulpoff2, I will test this solution, when I gone back home from work. Thanks
thank you . i am downloading the flies .
pulpoff2 said:
So far so good!
I started a new thread cause other one is filled up with junk.
Following my weekend theory, I finally managed to boot 2.1 on X8 with root.
I will post the files shortly.
The process is quite complicated for now, but early testers are welcome.
So, to start u need :
1. Flash 1.6 and root it
2. Copy busybox and rootshell to /system/bin
3. chmod 4755 /system/bin/rootshell
4. copy chargemon.txt into /system/bin/chargemon
5. chmod 777 /system/bin/chargemon
6. copy data.img and x8.img to SDCARD root directory
7. Flash 2.1 KERNEL ONLY (put 2.1 firmware files, remove system.sin and userdata.sin from firmware directory, than flash)
8. reboot your new 2.1 pre-rooted X8 !
Wasted weekend .. was it worth the hassle guys?
Cheers!
Here are the files you need to boot :
pulpX8.rar
ext.rar contains e2fsck to check .img for errors before booting, if you will not install these, booting should work anyway.
P.S. this is a very early stage solution now, wait until I make it clean, or try it if you are a flash maniac
Click to expand...
Click to collapse
how to find rootshell?
isaac12 said:
how to find rootshell?
Click to expand...
Click to collapse
Its on the cooking 2.1/2.2 thread
Click here for the file.
To flash to 1.6
Go Here
thanks... flash only kernel.sin without amss.sin amss_fs.sin cache.sin fota0.sin fota1.sin simlock.ta and update.xml?
isaac12 said:
thanks... flash only kernel.sin without amss.sin amss_fs.sin cache.sin fota0.sin fota1.sin simlock.ta and update.xml?
Click to expand...
Click to collapse
No, do as I wrote in first post, move 2.1 files over 1.6 files, than just remove system and userdata and flash than..
This just keeps getting better and better
Sent from my E15i using XDA App
pulpoff2 said:
No, do as I wrote in first post, move 2.1 files over 1.6 files, than just remove system and userdata and flash than..
Click to expand...
Click to collapse
I'm flashing all files without system and userdata .phone booting only sonyericsson logo. overwrite files and delete user data and system?
pulpoff2 said:
So far so good!
I started a new thread cause other one is filled up with junk.
Following my weekend theory, I finally managed to boot 2.1 on X8 with root.
I will post the files shortly.
The process is quite complicated for now, but early testers are welcome.
So, to start u need :
1. Flash 1.6 and root it
2. Copy busybox and rootshell to /system/bin
3. chmod 4755 /system/bin/rootshell
4. copy chargemon.txt into /system/bin/chargemon
5. chmod 777 /system/bin/chargemon
6. copy data.img and x8.img to SDCARD root directory
7. Flash 2.1 KERNEL ONLY (put 2.1 firmware files, remove system.sin and userdata.sin from firmware directory, than flash)
8. reboot your new 2.1 pre-rooted X8 !
Wasted weekend .. was it worth the hassle guys?
If the answer is yes and you would like me to spend some time and make this perfect, don't forget the "donate" button.
Cheers!
Here are the files you need to boot :
pulpX8.rar
Firmware 2.1 (rus)
Firmware 1.6 (uk)
ext.rar contains e2fsck to check .img for errors before booting, if you will not install these, booting should work anyway.
P.S. this is a very early stage solution now, wait until I make it clean, or try it if you are a flash maniac
UPDATE
The system.img now comes with LauncherPro and other goodies, some vaporware removed and GingerBread (2.3) black theme !!!
Donation count : $0
Click to expand...
Click to collapse
may be superuser.apk put inside of your firmware?
dviktor said:
may be superuser.apk put inside of your firmware?
Click to expand...
Click to collapse
It is inside the x8.img, as well as su and rootshell and busybox.
So if phone gets stuck on boot, connect adb and u can get root in console and fix problems.
and if i am right understand all running files be booted from sd card? and if it's unmount the phone will be still work? or it will be freezing or rebooting? and may be then we can start 2.3 on expiria x8?
dviktor said:
and if i am right understand all running files be booted from sd card? and if it's unmount the phone will be still work? or it will be freezing or rebooting?
Click to expand...
Click to collapse
/system and /data are mounted from x8.img and data.img from Sdcard.
This is good to debug problems, without need to reflash the phone every time.
Once we have the Xrecovery for X8, it will be easy to replace/update files like on X10i.
Without sdcard, you will have 2.1 kernel with 1.6 system, it will get stuck on boot, but adb shell will work (with root!), so you can investigate/fix problems/put new /system files.
pulpoff2 said:
/system and /data are mounted from x8.img and data.img from Sdcard.
This is good to debug problems, without need to reflash the phone every time.
Once we have the Xrecovery for X8, it will be easy to replace/update files like on X10i.
Without sdcard, you will have 2.1 kernel with 1.6 system, it will get stuck on boot, but adb shell will work (with root!), so you can investigate/fix problems/put new /system files.
Click to expand...
Click to collapse
I'm flashing all files without system and userdata .phone booting only sonyericsson logo. overwrite 1.6 files and delete user data and system?. how to long wait for booting phone?
pulpoff2 said:
/system and /data are mounted from x8.img and data.img from Sdcard.
This is good to debug problems, without need to reflash the phone every time.
Once we have the Xrecovery for X8, it will be easy to replace/update files like on X10i.
Without sdcard, you will have 2.1 kernel with 1.6 system, it will get stuck on boot, but adb shell will work (with root!), so you can investigate/fix problems/put new /system files.
Click to expand...
Click to collapse
so, if i take a normal files with undeleted (clean) from system/app, and copy it in phone with root, i can delete x8.img and data.img from sd card? i am just a curator of 4pda (russian) thread by X8 phone. becouse i ask you about everything
Well... I am a new guy, I am happy that the root was released, however, I don't know about the post, so is there a detailed version with pictures please?
Regards
Sent from my E15i using XDA App
how to set chmod in windows vista?
J Ok so in my never ending struggle against the Evil Eclair/T-Mo/HTC NAND Protection and the Futility of Trying to flash a ROM With the "Supposed AndRoot QuIck Root Method" As well as a fine point from Nbetcher that the Engineering build must be flashed because Android has NAND protection while running. I have devised my own "No PC ROOT Method!!!"
Required Files (Tested For MT3G SLIDE Latest OTA Unrooted Stock)
1.Download Androot From Location of Choosing (I'm Using Version 1.6.2)
2.Download ESPRIMG.zip (ENG build)
3.Download SlideEng-Package.zip
4.Download Custom Rom Of Your Choosing(Mine Is CM 6.1.1 Stable)
5.Download Android Terminal Emulator(From Market)
6.Download Root Explorer Android (Requires Root) (From Market Or Some Place Online)
7.Download File Explorer (Dev:Adao Team)(From Android Market)
8.Download Latest Clockwork Recovery(I Used 2.5.0.1)
*Updated* 1/09/2011 (Thanks to dbzfanatic for links)
dbzfanatic said:
Universal Androot http://forum.xda-developers.com/attachment.php?attachmentid=391774&d=1283202114
ESPRIMG.zip www.4shared.com/file/OsmF_ZD7/ESPRIMG.html
SlideEng-Package.zip http://www.4shared.com/file/sz0VO2TL/SlideEng-package.html
Cyanogen 6.1.1 Stable http://mirror.teamdouche.net/get/espresso/update-cm-6.1.1-Slide-signed.zip
Clockwork Recovery (may be old but will work) http://www.4shared.com/file/KzYHr4U_/update.html
Now people can stop *****ing about links. Everything else can be found on the android market.
Click to expand...
Click to collapse
Please Note I Am NOT The DEV Behind these Apps nor am I Resposible For Any Damages You May Incur To Your Device or Warranty by using this Method! Also Before anyone says I repped someone off remeber I accidentally discovered this using 2 failed methods because they essentially cancel each other out.(The Latter Nbetchers works just not after the AndRoot One)!!!
So...
1st Download/Install all needed files from market( File Manager Android Terminal Emulator)
2nd Download all zip images, Recoveries, Roms, apps from phone browser Directly To SD ROOT(Google em until I get links up on Dev Forum)
3rd. Unzip SlideEng-Package.zip To Root using File Manager or Other Zip Program for android(Andro-Zip Works Well)
4th Change Name of Clockwork to Update.zip(Case Sensative)
5th Install AndRoot And Run Root Me With Install Su & Temp Root/Unroot After Reboot Selected(Or Else You Will Boot Loop)
6th Install And Run Root Explorer then Copy and paste flash_img and mtd0.img to /data/local on android device by multi-select copy then RM R/W in program in upper left on data local folder.
7th IMPORTANT!!! Long Press and hold each copied file and set permissions to allow read and write on both user and the lowest option (I Think Dev or system)
8th Run Android Terminal Emulator and type the following commands verbatim spaces included Pressing enter after each line($ n # will be there provided you follwed all steps if not go back to androot and root again):
$ su
# cd /data/local
# chmod 04755 flash_image
# ./flash_image misc mtd0.img
Now power off and reboot using VOL-DOWN + POWER
It'll reboot into the HBoot Screen and ask if you want to Check ESPRIMG.zip after Verifying it will ask you to flash Select Yes (VOL-UP) And Wait DO NOT POWER DOWN OR TAKE OUT BATTERY!!!
Once its Completed it will ask you to Reboot select no Instead and Go To Recovery
Now Select APPLY Update.zip to flash CLOCKWORK RECOVERY YAY!!! :-D Now We Can Flash a Custom Rom With Root and Even Go As Far As S-OFF!!! But Please Be Sure Its Already On Your Micro SD...
Select Wipe Data Factory Reset by Scrolling with VOL- UP/DOWN or Track Pad and Use Power/Trackpad TO Select.
Now Use Install Zip from SD Card to Install Custom Rom(Flash GApps Second if downloaded and desired if using CM Mod 6.1.1) Now Reboot And Enjoy!!! If you Wanna Flash Anything Else Use Rom Manager From Market and Som Custom Roms to Boot into Clockwork!!! Thanks to all the Devs and their tools and immense knowledge for Making this Possible! Thanks To All The ROM Chefs Too!!!
DeezyFn'Baby said:
6th Install And Run Root Explorer then Copy and paste flash_img and mtd0.img to /data/local on android device by multi-select copy then RM R/W in program in upper left on data local folder
Click to expand...
Click to collapse
Edit:nvm, ill try it when i get my replacement slide.
I don't think the slide needs S-OFF to write to data but I do think it needs root beforehand, or at least shell root.
just to make it easier to anyone flashing this, i would put links to DL's of those files. first thing i noticed when i read. put me off to this method.
btw, this is me trying to help, not ripping on you
dbzfanatic said:
I don't think the slide needs S-OFF to write to data but I do think it needs root beforehand, or at least shell root.
Click to expand...
Click to collapse
I don't think so? If /data couldn't be written to without root or s-off, how would people install apps who never rooted their phones? Where is the system data stored and modified? /data is fully modifiable I'm pretty sure.
I'm willing to admit I could be wrong on that but I thought apps were installed in /data because it was the system calling the package installer not the user.
dbzfanatic said:
I'm willing to admit I could be wrong on that but I thought apps were installed in /data because it was the system calling the package installer not the user.
Click to expand...
Click to collapse
In terms of read/write permissions, the system has the same permissions as the user. The system can't write to /system if the user can't, and vice versa. /data and /cache have no nand protection
MusicMan374 said:
In terms of read/write permissions, the system has the same permissions as the user. The system can't write to /system if the user can't, and vice versa. /data and /cache have no nand protection
Click to expand...
Click to collapse
In the post I did add if I had the time I would post links if not ill do it later to whomever above stated their statement. If you don't want to "Try" it don't and don't comment. It was an accident I found it and I have since replicated my process on 3 slides and it works. The Reason it does is because gaining temporary root inside android even without gaining full being blocked by nand or S-Off can be can be used to modify the permissions of system files while the memory is running tho not the actual NAND itself which I believe S-OFF does... So when I said 6th mount the drive as R/W in root explorer there is an option to remount the drive R/W to allow you to long press the items in that folder and change their permissions then I said unmount to save the permission fix that's what the Temp Root Gained from AndRoot Does.... Now I'm gonna try and update my Original post with links for people who want an esier time doing this like I would have liked and for the. Sarcastic ones so then you can just press the Thumbs Up button ok?
DeezyFn'Baby said:
In the post I did add if I had the time I would post links if not ill do it later to whomever above stated their statement. If you don't want to "Try" it don't and don't comment. It was an accident I found it and I have since replicated my process on 3 slides and it works. The Reason it does is because gaining temporary root inside android even without gaining full being blocked by nand or S-Off can be can be used to modify the permissions of system files while the memory is running tho not the actual NAND itself which I believe S-OFF does... So when I said 6th mount the drive as R/W in root explorer there is an option to remount the drive R/W to allow you to long press the items in that folder and change their permissions then I said unmount to save the permission fix that's what the Temp Root Gained from AndRoot Does.... Now I'm gonna try and update my Original post with links for people who want an esier time doing this like I would have liked and for the. Sarcastic ones so then you can just press the Thumbs Up button ok?
Click to expand...
Click to collapse
Your instructions don't have anything to do with /system I don't know what you are babbling about. I'm not disproving your root method, I was just trying to explain that /data is not nand protected. /system IS nand protected, and without s-off or a r/w overlay you wouldn't even be able to modify the permissions of files in /system, but since your root method has to do with /data it works.
MusicMan374 said:
Your instructions don't have anything to do with /system I don't know what you are babbling about. I'm not disproving your root method, I was just trying to explain that /data is not nand protected. /system IS nand protected, and without s-off or a r/w overlay you wouldn't even be able to modify the permissions of files in /system, but since your root method has to do with /data it works.
Click to expand...
Click to collapse
I'm not babbling I was referring to the first reply but ur probably right about the sys files as I didn't mess with them. But I did obtain root anway all of the files can easily be found by doing a search on the XDA forums and ill add the links when I get to a pc doing this from the android browser is painful...
DeezyFn'Baby said:
I'm not babbling I was referring to the first reply but ur probably right about the sys files as I didn't mess with them. But I did obtain root anway all of the files can easily be found by doing a search on the XDA forums and ill add the links when I get to a pc doing this from the android browser is painful...
Click to expand...
Click to collapse
Yeah, that's why you don't need s off for this to work, which others were saying
Sent from my T-Mobile myTouch 3G Slide
Thanks for posting this method! It worked flawlessly! Had the files and rooted it in about a half hour. Thanks again for this nice work around!
Sent from my ROOTED myTouch 3G Slide using the XDA App
This would make it easier for new folks if you had links next to the items needed for this... you can't just tell others they need this and that with at least a link on where to find it or download it... like having me find a treasure chest without clues or a map just saying haha. good guide though and yes I did read you'll be adding links soon =p
Agreed links would help but if people google the files he mentioned they are all easy to find. Even new folks know how to google =D
Sent from my ROOTED myTouch 3G Slide using the XDA App
Universal Androot http://forum.xda-developers.com/attachment.php?attachmentid=391774&d=1283202114
ESPRIMG.zip www.4shared.com/file/OsmF_ZD7/ESPRIMG.html
SlideEng-Package.zip http://www.4shared.com/file/sz0VO2TL/SlideEng-package.html
Cyanogen 6.1.1 Stable http://mirror.teamdouche.net/get/espresso/update-cm-6.1.1-Slide-signed.zip
Clockwork Recovery (may be old but will work) http://www.4shared.com/file/KzYHr4U_/update.html
Now people can stop *****ing about links. Everything else can be found on the android market.
dbzfanatic said:
Universal Androot http://forum.xda-developers.com/attachment.php?attachmentid=391774&d=1283202114
ESPRIMG.zip www.4shared.com/file/OsmF_ZD7/ESPRIMG.html
SlideEng-Package.zip http://www.4shared.com/file/sz0VO2TL/SlideEng-package.html
Cyanogen 6.1.1 Stable http://mirror.teamdouche.net/get/espresso/update-cm-6.1.1-Slide-signed.zip
Clockwork Recovery (may be old but will work) http://www.4shared.com/file/KzYHr4U_/update.html
Now people can stop *****ing about links. Everything else can be found on the android market.
Click to expand...
Click to collapse
The only thing about 4shared is that it doesn't work right on the stock HTC web browser, since javascript is kinda glitchy on that one. Works fine on froyo/cm6.1.1 with the aosp browser, but for a TRUE pcless method you need direct or mediafire links I think.
I post links because everyone *****es and yet someone still *****es. Those aren't my uploads, I simply posted them so people would stop *****ing. I personally haven't had issues with 4shared even with the stock browser back before I rooted my phone. If you want to reupload them to another hosting site be my guest but like I said, they aren't my uploads.
Stop whining
Here are some direct links for those who complain about the 4Share site.
Oh, and Ill put a gapps link up in thar too. It has the new market, and it works as long as you don't install anything until it finishes restoring. At least it did for me.
That Clockwork link is broken. I'm just sayin' :3
ESPRIMG.zip: http://db.tt/kEvPIyu
SlideEng-package: http://db.tt/n57yN2a
Gapps: http://db.tt/L0SNLhj
EDIT: Clockwork on next page.
supermario12312 said:
Here are some direct links for those who complain about the 4Share site.
Oh, and Ill put a gapps link up in thar too. It has the new market, and it works as long as you don't install anything until it finishes restoring. At least it did for me.
That Clockwork link is broken. I'm just sayin' :3
ESPRIMG.zip: http://db.tt/kEvPIyu
SlideEng-package: http://db.tt/n57yN2a
Gapps: http://db.tt/L0SNLhj
Click to expand...
Click to collapse
thank you for that, not only if that direct link better there mate.. but man the download speed is better ahaha... I already have root but I'm rooting a friends phone ;P then soon a warranty exchange phone for me.
Once I reach recovery... it just sits there with no options or anything...
Here are some OTA firmware updates which were decrypted, they are fully working and can be installed using the original recovery
Huge thanks to Condi who actually made this possible.
You can check which region/product you have by looking at your build.prop:
Code:
ro.build.description=nbx03_010-user 3.2.1 THMAS0042 0042.004 release-keys
Please look at the next post to see what those numbers mean.
Full OTA:
signed_nbx03_007-ota-0042.017_decrypted.zip
Incremental OTA:
incremental_nbx03_001 0042.001
It would be very helpful, if you would describe the version exactly.
From which country, which version and with or without 3G.
Otherwise it is a risk to flash a "unknown" version.
We should also collect a "region code translation table"
I would like to start with:
Region Code:
001 = USA
007 = Germany
015 = Austria
016 = Poland
Version Code:
0042.017 = 3.2.1R2
11000.014 = 3.2
I have two different versions downloaded:
signed-nbx03_007-ota-0042.017.zip
signed-nbx03_007-ota-11000.014.zip
My device:
Sony Tablet S - 16GB - no 3G - Model: SGPT111DE/S
Could someone explain how we can decrypt a firmware version?
obicom, check PM
Yes, more details needed, we cannot do a blind update.
Sent from my U8800 using Tapatalk
Actually my post was intended to be used by developers, there are some interesting technical information in the update.
I'll try to upload more firmwares once i have time and try to put a list like obicom suggested
uploading full last ota from pl region, for developing purpose, will be ready in ~18min.
signed-nbx03_016-ota-0042.004_decrypted.zip
Great work! Is there anyway you can create an update.zip to replace the /system/sbin, /system/bin, and /system/xbin with the stock or prerooted files?
I ask this because, I tried creating one, but I still get the signature verification failed error.
I have tried signing it with a few different methods, but still failing.
I'm trying to root the device and when I do, I get permission denied with every buysbox command, ie chmod, insmod, etc...
In addittion, I tried running just the update, and that failed because it is the same as my current version. I would think you could just change the update version inbedded in this package...
Great work guys!
Can i ask how to decrypt the zip files?
I want to decrypt my OTA zip too.
Thanks!
Br
norberto
@Condi:
If I take a look into the posted fw .. I am a little bit astonished.
I found three different region.prop files:
one for Austria
one for Switzerland
one for Poland
Does it mean this is the fw file for this three countries?
Do you know what the last three digits of the file name mean?
for Poland 004 and in Germany 017?
Mabay a hint for the included kernel version? (Build)
condi said:
uploading full last ota from pl region, for developing purpose, will be ready in ~18min.
signed-nbx03_016-ota-0042.004_decrypted.zip
Click to expand...
Click to collapse
Is this for wifi or 3g version? Or maybe desn't matter. I ask because I have SGPT111PL/S and the last ota I got 3 days ago was:
signed-nbx03_015-ota-0042.002.zip
obicom said:
@Condi:
If I take a look into the posted fw .. I am a little bit astonished.
I found three different region.prop files:
one for Austria
one for Switzerland
one for Poland
Does it mean this is the fw file for this three countries?
Do you know what the last three digits of the file name mean?
for Poland 004 and in Germany 017?
Mabay a hint for the included kernel version? (Build)
Click to expand...
Click to collapse
The file on my austrian SGPT111AT/S is named "signed_nbx03_015-ota-0042.002.zip"
@Condi & skoperst
Do you know how I can extract the system.img and hidden.img file ?
Do you know what part of our OS is 'hidden' in the hidden.img file?
Is it the kernel image?
Where did you get the 'signed_nbx03_007-ota-0042.017_decrypted.zip' file?
From my point of view, it is exactly "my" firmware file from Germany.
Could you confirm that?
obicom said:
@Condi & skoperst
Do you know how I can extract the system.img and hidden.img file ?
Do you know what part of our OS is 'hidden' in the hidden.img file?
Is it the kernel image?
Where did you get the 'signed_nbx03_007-ota-0042.017_decrypted.zip' file?
From my point of view, it is exactly "my" firmware file from Germany.
Could you confirm that?
Click to expand...
Click to collapse
Yes its your firmware.
system.img is just ext4 partition while hidden.img is not yet fully understood.
My guess its some sort of encrypted package for kernel/recovery/bootloader, maybe more then just one.
But if system.img is a dd image of the system partition, I would guess that 'OTA RootKeeper' cannot work in this case. From my understanding the ota update would overwrite the /system/, system/xbin and /system/bin. Is this correct?
-- Edit --
I found the following string in the 'updater-script':
assert(package_extract_file("system.img", "/dev/block/mmcblk0p3"));
Click to expand...
Click to collapse
so I guess it is not a dd image .. any idea how I can extract such a file?
img's
The img files can be mounted with rw access this way :
cd /media
mkdir tablet_system
mkdir tablet_hidden
mount -o loop -t ext4 system.img /media/tablet_system
mount -o loop -t sysfs hidden.img /media/tablet_hidden
Maybe a way to build pre-rooted roms if the stock recovery accepts uncrypted zips or if we are able to re-encrypt a modified one ?
I'll be very pleased to try something but i need a decrypted french OTA update...
Nesquick95 said:
The img files can be mounted with rw access this way :
cd /media
mkdir tablet_system
mkdir tablet_hidden
mount -o loop -t ext4 system.img /media/tablet_system
mount -o loop -t sysfs hidden.img /media/tablet_hidden
Maybe a way to build pre-rooted roms if the stock recovery accepts uncrypted zips or if we are able to re-encrypt a modified one ?
I'll be very pleased to try something but i need a decrypted french OTA update...
Click to expand...
Click to collapse
Get one using this method:
http://forum.xda-developers.com/showthread.php?t=1511825
@sebarkh
I guess he need a decrypted one .. not only an encrypted ota update.
@Nesquick95
Thanks for the advice. Try to send Condi and/or skoperst your build.prop and region.zip. Maybe they can download an encrypted french version for you.
So, the question is HOW to decrypt.
img's
Some further informations :
My tablet isn't actually rootable because of an unlucky OTA update that leads me from kernel 8 to kernel 10.
I'm trying to find a way to gain root again but i'm not experienced in hacking...
The simple idea is to add the ro.kernel.qemu = 1 in the local.prop of a decrypted firmware and flash it with recovery to gain root with ADB, then push the busybox, su and superuser.apk in the right places.
I've mounted Condi's decrypted firmware with the mount commands given in my last post. Unfortunatly, i've not found the exact image of the tablet's file systems that I expected to.
I'll try to understand how it works anyway.
I join the "ls" of the two img file, if someone wants to take a look.
I also join my build.prop + region.zip if someone (Condi ?) can get a french OTA update and upload it somewhere for me.
Nesquick95 said:
Some further informations :
My tablet isn't actually rootable because of an unlucky OTA update that leads me from kernel 8 to kernel 10.
I'm trying to find a way to gain root again but i'm not experienced in hacking...
The simple idea is to add the ro.kernel.qemu = 1 in the local.prop of a decrypted firmware and flash it with recovery to gain root with ADB, then push the busybox, su and superuser.apk in the right places.
I've mounted Condi's decrypted firmware with the mount commands given in my last post. Unfortunatly, i've not found the exact image of the tablet's file systems that I expected to.
I'll try to understand how it works anyway.
I join the "ls" of the two img file, if someone wants to take a look.
I also join my build.prop + region.zip if someone (Condi ?) can get a french OTA update and upload it somewhere for me.
Click to expand...
Click to collapse
I will start from the end. About getting ota update - ask skoperst - he is an expert in this Second thing - it will not work.
Encryption of update zip is one thing, signature - signing is another thing. You will edit anything in zip - signature failed.
To understand how flash works you don't need your region decrypted ota zip.
Its very hard to get final decrypted update. Two of available - one incremental,
and one full - are fully sufficent to 'understand how it works'
br
condi
I've got a cheap Chinese tablet (WM8850-MID) running Android 4.0.3 based on WonderMedia 8850 processor.
It's not rooted.
Here's what i found:
/system/xbin/su is present:
-rwsr-xr-x 1 0 0 68528 May 14 11:07 su
But I can't run su in a terminal:
su uid 10064 not allowed to su
Using adb.exe I have the same problem with uid 2000.
There is a script /system/etc/init.sh which is called a boot time, but If I modify and push it via adb it won't execute (lost execute permission)
adb reboot-bootloader does reboot the device, but it does not stay in bootloader mode and just go straight to Android.
I'm not sure where to go from here. Is there a way to root that device ?
Try ./adb root to run as root.
Use oneclickroot.
Daniel120201 said:
Try ./adb root to run as root.
Use oneclickroot.
Click to expand...
Click to collapse
I forgot to mention "adb root" says I'm already root.
If I copy files with adb push, the owner is root, but If I use "adb shell" I'm user uid 2000.
This is a new tablet, but I'll give oneclick a try anyway. Thanks.
I've just tried SuperOneClick 2.3.1.0. It says it's already rooted because it can find /system/xbin/su, but I continued anyway. It can copy busybox (temp) but cannot change the permissions and it stops there.
Try resetting your tablet and if the su binary is stil there remove it. After resetting retry with superoneclick.
Sent from my MID7C using xda app-developers app
Daniel120201 said:
Try resetting your tablet and if the su binary is stil there remove it. After resetting retry with superoneclick.
Sent from my MID7C using xda app-developers app
Click to expand...
Click to collapse
Thanks, but how do I delete it since I don't have the permissions? In case it's possible, is it safe to remove the su binary? I have no way to recover my firmware...
Use ./adb root to remove it because you will be root.After removing it reset your tablet to factory settings. It is safe because the su binary is not part of the os.
Then try rooting with oneclickroot.
Hope it works for you.
i also bought wm8850 tablet in china..can you teach me how to root in detailed its my first android device....i dont understand the other terms u are using....
Hi jallaine12gil,
I think that you should first try to root with oneclickroot. Post if it worked or not. Oneclickroot is a rooting program for android devices.
download the firmware. then find the android4.0.tgz file open it with 7zip, add the su file to system/bin folder and system/xbin manually.... then put the superuser.apk in the system/app folder then save changes.... then flash firmware from sdcard
if camera is in the top centre of the wm8850 tablet: in txt file
if camera is in top right of the wm8850 tablet: in txt file
download the firmware. then find the android4.0.tgz file open it with 7zip, add the su file to system/bin folder and system/xbin manually.... then put the superuser.apk in the system/app folder then save changes.... then flash firmware from sdcard
Attachment is the links to firmwares
Hi i was brick my 8850 ekenw70 flashing this
WM8850_MID7_PuZhi_W01_8223_FT5206_W70_WMC1579
i was buy it here:
http://www.aliexpres...holesalers.html
can sugest something to debrick??
All what i have is one black screen, i try to reflash but no luck.
WM8850 RootBurner
How root the WM8850 tablet without firmware update :RootBurner on "nanospic.ro/?p=327" !
cnxsoft said:
I've just tried SuperOneClick 2.3.1.0. It says it's already rooted because it can find /system/xbin/su, but I continued anyway. It can copy busybox (temp) but cannot change the permissions and it stops there.
Click to expand...
Click to collapse
Hi friends,
I also used this device...any results ??...working or not ?..pls help guys..
Br
Zaki..
ellisondavid said:
download the firmware. then find the android4.0.tgz file open it with 7zip, add the su file to system/bin folder and system/xbin manually.... then put the superuser.apk in the system/app folder then save changes.... then flash firmware from sdcard
Attachment is the links to firmwares
Click to expand...
Click to collapse
Hi, friend
How to put manually ?? file read only!...any MOD..pls help..
RootBurner
basodiodoh said:
Hi, friend
How to put manually ?? file read only!...any MOD..pls help..
Click to expand...
Click to collapse
Hi!
why not use RootBurner for WM8850? The rooting procces is similary to firmware update!
Extract the archive into sd card and insert into tablet and Power ON!
ellisondavid said:
download the firmware. then find the android4.0.tgz file open it with 7zip, add the su file to system/bin folder and system/xbin manually.... then put the superuser.apk in the system/app folder then save changes.... then flash firmware from sdcard
Attachment is the links to firmwares
Click to expand...
Click to collapse
Hi, friend..this firmware compatible for version below??
Model Number : WM8850-mid
Build number : 4.0.3 ICS Ver. 1.2.0-20120824.044231
* camera - top right hand side*
Thanks.
How to get adb working on the wm8850?
Hi, sorry to interject with something semi-unrelated, but how did you guys get adb working with the wm8850? I've added the vendor id to the ~/.android/adb_usb.ini on mac, but adb still can't find the device. I used 0x0ea0, is this what you guys used?
Any advice would be great!
have the same tablet
i have the same tablet WM8850-mid ihave my rooted but i dont know haw to flash roms and what should i use CWM recovery version for this tablet pls help me thanks...
thank you XDA pls help..
how to root ??
MarionSabido said:
i have the same tablet WM8850-mid ihave my rooted but i dont know haw to flash roms and what should i use CWM recovery version for this tablet pls help me thanks...
thank you XDA pls help..
Click to expand...
Click to collapse
Hi, friend
Sorry, how do you root??
I am wondering if anyone knows of a way to take the latest ota zip for the Xperia S, decrypt it, edit the version, repack it, then be able to flash it. Right now it will not let me flash over the current version r5 because it is the same version. I am stuck on the blue wave animation perpetually after screwing up my services.jar. I have no adb access and my only hope is to flash in recovery or wait until the next update comes out...
I was told by a Sony tech yesterday the Jelly Bean update for the Xperia S will not be until January...
EDIT: There is a way to fool the recovery. Does anyone have a modified r5 ota for the Xperia edited for a higher incremented version they could share?
bjanice44 said:
I am wondering if anyone knows of a way to take the latest ota zip for the Xperia S, decrypt it, edit the version, repack it, then be able to flash it. Right now it will not let me flash over the current version r5 because it is the same version. I am stuck on the blue wave animation perpetually after screwing up my services.jar. I have no adb access and my only hope is to flash in recovery or wait until the next update comes out...
I was told by a Sony tech yesterday the Jelly Bean update for the Xperia S will not be until January...
EDIT: There is a way to fool the recovery. Does anyone have a modified r5 ota for the Xperia edited for a higher incremented version they could share?
Click to expand...
Click to collapse
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)
Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it
stifilz said:
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)
Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it
Click to expand...
Click to collapse
Thanks for the response. Yeah I guess I am going to have to send it in or .. the other option is to wait for another update, but not knowing when that will be sucks. The Sony tech told me yesterday (when I called to find out my options..and I can send it in) that the Jelly Bean update is coming in January..So the question is will Sony have another update to ICS before then. Perhaps..
bjanice44 said:
Thanks for the response. Yeah I guess I am going to have to send it in or .. the other option is to wait for another update, but not knowing when that will be sucks. The Sony tech told me yesterday (when I called to find out my options..and I can send it in) that the Jelly Bean update is coming in January..So the question is will Sony have another update to ICS before then. Perhaps..
Click to expand...
Click to collapse
The funny thing is that I know which file is corrupted in the system. Its the services.jar. If only there was a way for me to replace that file....It would boot.
bjanice44 said:
The funny thing is that I know which file is corrupted in the system. Its the services.jar. If only there was a way for me to replace that file....It would boot.
Click to expand...
Click to collapse
Yeh guttered. Can you check if you can get adb shell in recovery??? I know it is late now but this is why the AIO tool changes the incremental to a lower one... So we can flash same update if it turns to custard
stifilz said:
Yeh guttered. Can you check if you can get adb shell in recovery??? I know it is late now but this is why the AIO tool changes the incremental to a lower one... So we can flash same update if it turns to custard
Click to expand...
Click to collapse
No ADB shell. I guess I'll send it in. Watch.. 2 days after I send it in there will be an update..
bjanice44 said:
No ADB shell. I guess I'll send it in. Watch.. 2 days after I send it in there will be an update..
Click to expand...
Click to collapse
Lol. That would be awesome
stifilz said:
If it is the same as Sony Tab S then you would need to disable the signature check to flash a modded update. To add to the bad news, that is no longer able to work with new recovery (that came with r5, for older tab anyway)
Any chance you can take it in under warrantly?? They may not be able to tell that you messed with it
Click to expand...
Click to collapse
stifilz is there really no other way we can revert back to the old Recovery? I mean like finding someone who is still on HC 3.2? and asking him to prepare the needed stuffs like the decrypt one? sorry but im really desperate on fixing the issue my tab is experiencing. and can we still hope for an updated AIO tool that might even work with the latest recovery mode?
mawnstermew said:
stifilz is there really no other way we can revert back to the old Recovery? I mean like finding someone who is still on HC 3.2? and asking him to prepare the needed stuffs like the decrypt one? sorry but im really desperate on fixing the issue my tab is experiencing. and can we still hope for an updated AIO tool that might even work with the latest recovery mode?
Click to expand...
Click to collapse
I have tried to flash 11000 (3.2), 0035(3.2.1), 0042(3.2.1R2), ICS, R1A and NONE of these change the recovery back, i also tied NZ and US files, I was lucky enough to locate US files and had the NZ files saved to my PC. I have looked into AIO tool and read through the code, it runs a certain command in adb shell in recovery (WHICH WE NO LONGER HAVE GRR) so it can not be done ATM.
Maybe there is some file we can change on the tab to enable shell in adb again. From memory shell does not work with non-root devices and when we root we can use adb shell. (Can someone verify this, bad memory lol)
Anyway there could be something I am missing, well hoping anyway
You know you can change the incremental in vendor/vendor.prop to a lower one to flash an OLDER OTA.... Right??
Stifilz
stifilz said:
I have tried to flash 11000 (3.2), 0035(3.2.1), 0042(3.2.1R2), ICS, R1A and NONE of these change the recovery back, i also tied NZ and US files, I was lucky enough to locate US files and had the NZ files saved to my PC. I have looked into AIO tool and read through the code, it runs a certain command in adb shell in recovery (WHICH WE NO LONGER HAVE GRR) so it can not be done ATM.
Maybe there is some file we can change on the tab to enable shell in adb again. From memory shell does not work with non-root devices and when we root we can use adb shell. (Can someone verify this, bad memory lol)
Anyway there could be something I am missing, well hoping anyway
You know you can change the incremental in vendor/vendor.prop to a lower one to flash an OLDER OTA.... Right??
Stifilz
Click to expand...
Click to collapse
-.- sadly i dont know how to change such things. can you please tell me how to do it? ive been looking for ways to downgrade to HC but iim getting prohibit basebrand or SKU version or something like that
mawnstermew said:
-.- sadly i dont know how to change such things. can you please tell me how to do it? ive been looking for ways to downgrade to HC but iim getting prohibit basebrand or SKU version or something like that
Click to expand...
Click to collapse
Use AIO tool. Tweaks and mods then install rescue backdoor
Or
Download root explorer or similar. Open riot exolorer and navigate to vendor folder.
Long click vendor.prop and then select edit with text editor
Change the number to a lower one. Take of the last digit will do.
Click three dots for options and save
All done flash what you like
stifilz said:
Use AIO tool. Tweaks and mods then install rescue backdoor
Or
Download root explorer or similar. Open riot exolorer and navigate to vendor folder.
Long click vendor.prop and then select edit with text editor
Change the number to a lower one. Take of the last digit will do.
Click three dots for options and save
All done flash what you like
Click to expand...
Click to collapse
That one needs a rooted tablet right? Im having troubles rootig my tab even with b4narys script. If I choose to downgrade to 3.2 what no should I chane the las t two digits to?
mawnstermew said:
That one needs a rooted tablet right? Im having troubles rootig my tab even with b4narys script. If I choose to downgrade to 3.2 what no should I chane the las t two digits to?
Click to expand...
Click to collapse
Needs root yes. Just delete the last digit
stifilz said:
Needs root yes. Just delete the last digit
Click to expand...
Click to collapse
thanks! BTW im still able to flash to ICS updates right? BTW im not able to install pre rooted ics if i try to reflash to lower versions due to the inability of AIO tool to decrypt?
From AIO you can decrypt and flash anything lol. Except if you have the r5 recovery it wont work at all
i tried with B4nary's script again but all im getting is the terminal emulator. did you do something with the backupandrestore.apk? cuz i tried installing it and im getting forced close everytime i try to open it.
BTW im on r5 so i wont be able to downgrade? im still stuck at rooting it
mawnstermew said:
i tried with B4nary's script again but all im getting is the terminal emulator. did you do something with the backupandrestore.apk? cuz i tried installing it and im getting forced close everytime i try to open it.
BTW im on r5 so i wont be able to downgrade? im still stuck at rooting it
Click to expand...
Click to collapse
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????
You can change incremental after root and flash a ICS or R1A or even HC if you have the file
Stifilz
stifilz said:
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????
You can change incremental after root and flash a ICS or R1A or even HC if you have the file
Stifilz
Click to expand...
Click to collapse
i just followed the instrucions stated here http://forum.xda-developers.com/showthread.php?t=1886460 i used the normal mode to unlock but then im getting the on the "mount: permission denied and then i tried using special mode to root and finally after everything was done all that was installed in my tablet is a terminal emulator, some applications were lost in the process such as my avast anti virus and play store.
stifilz said:
You are typing in /data/local/tmp/onload.sh and then /data/local/tmp/onload2.sh????
You can change incremental after root and flash a ICS or R1A or even HC if you have the file
Stifilz
Click to expand...
Click to collapse
[email protected]:/ $ export PATH=/data/local/bin:$PATH
[email protected]:/ $ /data/local/tmp/onload.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/mkdevsh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $ data/local/tmp/onload2.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/remount.sh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $
btw stifilz, can you share to me your edited bin4ry's script? the one with the re-signed vpnfaker? it tried signing it but it still doesnt work saying something about the vpnfaker. I think there was something wrong with the way i signed it. it might work if i try to use the one you made.
mawnstermew said:
[email protected]:/ $ export PATH=/data/local/bin:$PATH
[email protected]:/ $ /data/local/tmp/onload.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/mkdevsh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $ data/local/tmp/onload2.sh
Unable to chmod /data: Operation not permitted
Unable to chmod /data/local/tmp/remount.sh: Operation not permitted
failed on 'property' - Permission denied
mkdir failed for property, File exists
link failed Permission denied
link failed Permission denied
rm failed for property, Permission denied
failed on 'property.org' - Permission denied
255|[email protected]:/ $
btw stifilz, can you share to me your edited bin4ry's script? the one with the re-signed vpnfaker? it tried signing it but it still doesnt work saying something about the vpnfaker. I think there was something wrong with the way i signed it. it might work if i try to use the one you made.
Click to expand...
Click to collapse
Ok doubt it will work but it is attached. I have zipped it up to add as attachment.
Please unzip it and then replace the file (of same name) in the 'stuff' directory of bin4ry's tool.
Good luck once again