General question - Android Q&A, Help & Troubleshooting

After being disappointed by XDA as you deserted my last thread I am going to ask it again, this time in a simple way.
Want to ROOT Android :
I placed su and busybox in /system/bin (I have access to the filesystem via another OS)
In Shell terminal I type "su"
it says " su cant execute, permission denied "
I don't have access to recovery, USB or ADB.
I HAVE access to all system files and can edit them in any way possible.
Please answer soon and don't disappoint me again.
All generic Root apps were tested and failed.
For those who want to know device and stuff follow my previous "deserted" Thread.
http://forum.xda-developers.com/and...b-uncommon-t3226725/post63480568#post63480568
Don't make me give up again.

Related

ADB Not Detecting Root

Hello,
When I run adb shell, it reports back with a "$", even though I do have root. I'm running JoeyKrim Stock With Root ROM. Odexed...
I do have superuser installed with the latest binary, and latest official busybox. Terminal emulator even detects that I have root.
Basically everything works as it should, except adb. Anybody know what's going on?
Rydah805 said:
Hello,
When I run adb shell, it reports back with a "$", even though I do have root. I'm running JoeyKrim Stock With Root ROM. Odexed...
I do have superuser installed with the latest binary, and latest official busybox. Terminal emulator even detects that I have root.
Basically everything works as it should, except adb. Anybody know what's going on?
When you type adb shell, does it immediately report back with a $, or does it pause for a few and then report back with a $? If it pauses for a few seconds, look down at your phone during that time. You may be being prompted with the super user request prompt, where you need to hit allow. I'm not sure why you need to do this sometimes, but I've had it happen before. If you don't look at the phone and hit 'allow', then it times out and doesn't give you root access. So type 'adb shell', check out your phone and see if you're prompted, if so allow it, and you should be good. If that is not the case, then I'm unsure what could be causing it.
k2buckley said:
When you type adb shell, does it immediately report back with a $, or does it pause for a few and then report back with a $? If it pauses for a few seconds, look down at your phone during that time. You may be being prompted with the super user request prompt, where you need to hit allow. I'm not sure why you need to do this sometimes, but I've had it happen before. If you don't look at the phone and hit 'allow', then it times out and doesn't give you root access. So type 'adb shell', check out your phone and see if you're prompted, if so allow it, and you should be good. If that is not the case, then I'm unsure what could be causing it.
Thanks, I'll test that out. I have a pin set on superuser. Maybe that's the issue.
Just checked, and it does it right away, and does not prompt... Sigh...
Rydah805 said:
Just checked, and it does it right away, and does not prompt... Sigh...
Very strange. I'm not sure. Has it happened on all roms, or just the one you're currently on?
Rydah805 said:
Just checked, and it does it right away, and does not prompt... Sigh...
The first time you type su from adb shell, Superuser will display a prompt on the screen to accept or deny the request. If you don't accept the request, in adb shell it will display, "Permission denied".
On the Superuser prompt, if you select deny, when typing su in adb shell the result will always be "Permission denied" until going into the Superuser app and changing "Unknown" to Allow. Not sure why the Superuser app labels adb shell as "Unknown".
Another option, inside the Superuser app, on the Settings tab, at the very bottom there is an option, update su binary. Sometimes using this update feature will resolve permission/installation issues with the su binary.
If you wanted to verify the installation of both Superuser and root as having been done properly, my free app Root Check from the market works well. Advanced Mode should provide all the details we'd need to troubleshoot further.
Hope that helps and appreciate your support!
joeykrim said:
The first time you type su from adb shell, Superuser will display a prompt on the screen to accept or deny the request. If you don't accept the request, in adb shell it will display, "Permission denied".
On the Superuser prompt, if you select deny, when typing su in adb shell the result will always be "Permission denied" until going into the Superuser app and changing "Unknown" to Allow. Not sure why the Superuser app labels adb shell as "Unknown".
Another option, inside the Superuser app, on the Settings tab, at the very bottom there is an option, update su binary. Sometimes using this update feature will resolve permission/installation issues with the su binary.
If you wanted to verify the installation of both Superuser and root as having been done properly, my free app Root Check from the market works well. Advanced Mode should provide all the details we'd need to troubleshoot further.
Hope that helps and appreciate your support!
Yep that does work on his rom the "type su" thing and thanks for your root check app Joey it's been super useful in trying to figure out stuff lately on the photon.... really appreciate all your contributions
joeykrim said:
The first time you type su from adb shell, Superuser will display a prompt on the screen to accept or deny the request. If you don't accept the request, in adb shell it will display, "Permission denied".
On the Superuser prompt, if you select deny, when typing su in adb shell the result will always be "Permission denied" until going into the Superuser app and changing "Unknown" to Allow. Not sure why the Superuser app labels adb shell as "Unknown".
Hope that helps and appreciate your support!
Got it! Thanks! Any idea why I had to do that with your rom though? On others, I didn't need to type Su and grant it. (Doesn't bother me though.)
Rydah805 said:
Got it! Thanks! Any idea why I had to do that with your rom though? On others, I didn't need to type Su and grant it. (Doesn't bother me though.)
Short answer: Since Superuser.apk is another developer's software, I didn't include it in my ROM as I didn't have his permission. I provide the superuser apk market link in my ROM OP for users. Instead of packaging Superuser apk, I used the su binary provided in AOSP as its source code is public and publicly available for android usage.
Long answer: There is a free version of Superuser available thru the market and figured that would be the best way to load the Superuser apk. From personal experience as an android developer, when an app is provided with a ROM, it doesn't appear in the developer's market statistics and essentially is "off the radar". Which makes it more difficult to track which devices have loaded the software, which versions of android, etc and makes it more difficult to prioritize software upgrades to the application.
Hope I was able to explain and it helps!
joeykrim said:
Short answer: Since Superuser.apk is another developer's software, I didn't include it in my ROM as I didn't have his permission. I provide the superuser apk market link in my ROM OP for users. Instead of packaging Superuser apk, I used the su binary provided in AOSP as its source code is public and publicly available for android usage.
Long answer: There is a free version of Superuser available thru the market and figured that would be the best way to load the Superuser apk. From personal experience as an android developer, when an app is provided with a ROM, it doesn't appear in the developer's market statistics and essentially is "off the radar". Which makes it more difficult to track which devices have loaded the software, which versions of android, etc and makes it more difficult to prioritize software upgrades to the application.
Hope I was able to explain and it helps!
Gotcha, I'm not complaining, just wondering why. I've always loved your roms over any others. Any way I can easily set it to use the superuser app binary over aosp binary?
ADB starting with root depends on the ro.secure property; if you type "getprop ro.secure" it should show either 0 meaning ADB keeps root or 1 meaning you have to use su for root. Just about all custom kernels/ROMs use unsecured boot.imgs but you can always change it yourself by modifying the default.prop file packed in the boot.img.
This is also what people are referring to when they say the kernel/boot.img/rom is secured or unsecured.
Rydah805 said:
Got it! Thanks! Any idea why I had to do that with your rom though? On others, I didn't need to type Su and grant it. (Doesn't bother me though.)
xHausx said:
ADB starting with root depends on the ro.secure property; if you type "getprop ro.secure" it should show either 0 meaning ADB keeps root or 1 meaning you have to use su for root. Just about all custom kernels/ROMs use unsecured boot.imgs but you can always change it yourself by modifying the default.prop file packed in the boot.img.
This is also what people are referring to when they say the kernel/boot.img/rom is secured or unsecured.
Rydah805 said:
Gotcha, I'm not complaining, just wondering why. I've always loved your roms over any others. Any way I can easily set it to use the superuser app binary over aosp binary?
Ah! Your question in the first quote above could be interpreted two different ways. I provided one answer for one interpretation and Haus provided the other answer for a different interpretation!
I'll try and bring both together. There are two primary ways to access the shell interface on an android device.
1) Via adb shell. When typing adb shell and it opens the connection to the device, by android standard, it drops you to a shell with non root access reflected with the $ prompt. As Haus articulated above, this can be modified in the /default.prop file inside the ramdisk of the boot.img file. There are two options, have adb shell drop to root access or have adb shell drop to non root access. Many custom kernels modify this option so the user drops to root access.
In my kernel I'm using a non-modified stock kernel so it drops to non root access. I prefer to have to type su, once in the shell, to elevate to root access. Mainly because most functions I perform in adb shell I don't want root access for.
2) Via terminal emulator/connectbot. When accessing the shell directly on the device thru one of the common android applications, these generally open up a standard "sh" or non root shell. Then by typing "su" the user can elevate to root access (if the device has the su binary, etc.).
There are two main options for how to handle the "su" command inside a shell on the android device.
1) Superuser.apk - this application provides its own su binary, which hooks into the android application. Whenever su is called, the Superuser application is therefore called and allows the user to accept/deny root access requests.
2) su binary - from aosp or busybox. This is a version of the su binary more common to android developers in aosp, or the busybox version is more common to a generic linux version. The aosp version of su will grant any user/application root access. The busybox version will grant any user/application root access but does rely on an /etc/passwd and /etc/group file for permissions.
To answer your previous question, why you haven't had to type su on other custom ROMs, as Haus explained, they probably modified adb shell access in the /default.prop file to automatically elevate adb shell to root privileges.
To answer your last question regarding Superuser.apk and aosp su. Once you install the Superuser.apk file and it properly installs its own version of the su binary, it has now overwritten the previous aosp su binary. Superuser will now control all root access requests. Once you grant an application, adb shell, Titanium Backup, root explorer, or whatever application root access with Superuser, it will not prompt again and will handle every future request with the default action (grant/deny) provided.
Hope the extra details help!
Thanks, wasn't trying to be a pest. Just curious. The info in this thread is a nice thing to know.
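
The `ro.secure` behaviour discussed in this thread can be checked offline against a `default.prop` unpacked from a boot.img ramdisk. The script below is an added example, not code from any poster; its handling of `ro.debuggable` and `ro.adb.secure` goes beyond what the posts state and follows AOSP adbd of the Android 4.x era, and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report how adbd will treat "adb shell"
# based on a default.prop unpacked from a boot.img ramdisk.

# prop_get FILE KEY DEFAULT
# Print the value of KEY from a property file, or DEFAULT when it is not set.
# The first assignment is used because ro.* properties are write-once.
prop_get() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }                      # skip comment lines
        index($0, "=") == 0 { next }             # skip lines without key=value
        {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key && !found) { found = 1; val = v }
        }
        END { print (found ? val : def) }
    ' "$1"
}

# adb_shell_identity FILE -> root | shell-adb-root-allowed | shell
adb_shell_identity() {
    secure=$(prop_get "$1" ro.secure 1)          # adbd treats an unset ro.secure as 1
    debuggable=$(prop_get "$1" ro.debuggable 0)
    if [ "$secure" != "1" ]; then
        echo "root"                              # adbd keeps root, "#" prompt
    elif [ "$debuggable" = "1" ]; then
        echo "shell-adb-root-allowed"            # "$" prompt, but "adb root" works
    else
        echo "shell"                             # "$" prompt, su needed for root
    fi
}

# adb_host_auth FILE -> required | none  (host key authorization, Android 4.2.2+)
adb_host_auth() {
    if [ "$(prop_get "$1" ro.adb.secure 0)" = "1" ]; then
        echo "required"
    else
        echo "none"
    fi
}

# audit_default_prop FILE: print findings, return 0 only when nothing is flagged.
audit_default_prop() {
    findings=0
    case "$(adb_shell_identity "$1")" in
        root)
            echo "HIGH  ro.secure is not 1: every adb shell is a root shell"
            findings=$((findings + 1)) ;;
        shell-adb-root-allowed)
            echo "MED   ro.debuggable=1: 'adb root' can restart adbd as root"
            findings=$((findings + 1)) ;;
        *)
            echo "OK    adb shell runs as the unprivileged shell user" ;;
    esac
    if [ "$(adb_host_auth "$1")" = "none" ]; then
        echo "MED   ro.adb.secure is not 1: hosts are not asked for key authorization"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample files: a stock-style and a custom-kernel-style default.prop.
write_samples() {
    cat > "$1/stock.prop" <<'EOF'
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
ro.secure=1
ro.allow.mock.location=0
ro.debuggable=0
ro.adb.secure=1
persist.sys.usb.config=mtp
EOF
    cat > "$1/custom.prop" <<'EOF'
ro.secure=0
ro.debuggable=1
persist.sys.usb.config=mtp,adb
EOF
}

if [ $# -gt 0 ]; then
    audit_default_prop "$1" || echo "findings present in $1"
else
    tmp=$(mktemp -d)
    write_samples "$tmp"
    for f in "$tmp/stock.prop" "$tmp/custom.prop"; do
        echo "== ${f##*/}"
        audit_default_prop "$f" || true
    done
    rm -rf "$tmp"
fi
```

Run it with the path to an extracted `default.prop` as the only argument to audit a real image; with no argument it audits the two constructed samples.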

[Q] How to gain root access, if busybox and system app is already installed?

Hi there,
I have a Rockchip RK3188 Tablet with Android 4.2.2, which I need to root ON DEVICE. Actually, the device was already rooted (using a Laptop via the adb bridge), so I already have busybox installed and I have one of my own apps in /system/app. However I managed to delete the su program (yeah great!) and therefore don't have root access any more. I know I can easily root the device again if I connect it to my laptop again, but that is not possible, because the device is at my parent's place and I can't go over there any time soon.
Therefore I want to root the device just with an app. Actually I would only need to copy su to /system/xbin.
These are the things I already tried (without success):
Framaroot (doesn't work, because framaroot does not support Rockchip tablets)
Writing my own app, which contains su in the assets and using this su for temporary root
Using adb (on the device) for a local connection (adb connect localhost), because if I connect from my PC I automatically have root (doesn't work because Android 4.2.2 has increased security on adb)
Start telnetd via busybox and then execute my commands via nc (doesn't work, because I can't start telnetd in a way that it ends up with a root shell)
Any other ideas?
My last idea is, that I could maybe gain temporary root access with the app I already have in /system/app. Basically this would be similar to the Master Key Exploit, except that I do not have to fiddle around with the apk and instead install it normally. However I don't know how to continue from that point. I know, I have special permissions if I have an app in /system/app, but which permissions are that? And how can I use those permissions to make /system writeable (and copy my su file there)?
Thank you for your help,
Tobias
ToBe_HH said:
Hi there,
I have a Rockchip RK3188 Tablet with Android 4.2.2, which I need to root ON DEVICE. Actually, the device was already rooted (using a Laptop via the adb bridge), so I already have busybox installed and I have one of my own apps in /system/app. However I managed to delete the su program (yeah great!) and therefore don't have root access any more. I know I can easily root the device again if I connect it to my laptop again, but that is not possible, because the device is at my parent's place and I can't go over there any time soon.
Therefore I want to root the device just with an app. Actually I would only need to copy su to /system/xbin.
These are the things I already tried (without success):
Framaroot (doesn't work, because framaroot does not support Rockchip tablets)
Writing my own app, which contains su in the assets and using this su for temporary root
Using adb (on the device) for a local connection (adb connect localhost), because if I connect from my PC I automatically have root (doesn't work because Android 4.2.2 has increased security on adb)
Start telnetd via busybox and then execute my commands via nc (doesn't work, because I can't start telnetd in a way that it ends up with a root shell)
Any other ideas?
My last idea is, that I could maybe gain temporary root access with the app I already have in /system/app. Basically this would be similar to the Master Key Exploit, except that I do not have to fiddle around with the apk and instead install it normally. However I don't know how to continue from that point. I know, I have special permissions if I have an app in /system/app, but which permissions are that? And how can I use those permissions to make /system writeable (and copy my su file there)?
Thank you for your help,
Tobias
Are you rooted? Check with root checker. If yes (as you already said),
install super su or super user to gain root access controls,
but I am not sure from your question whether you are rooted or not, or are you trying to root?
P.S. deleting super su will not unroot you
sangalaxy said:
Are you rooted? Check with root checker. If yes (as you already said),
install super su or super user to gain root access controls,
but I am not sure from your question whether you are rooted or not, or are you trying to root?
P.S. deleting super su will not unroot you
Root checker says: "Sorry! This device does not have proper root access."
Right now, I am NOT rooted. So the device WAS rooted and then /system/xbin/su was deleted. Meaning: everything else is in place (SuperUser, Busybox, etc.) but I cannot execute anything as root, because I cannot switch the user to root (what su does). Although I am not really unrooted, I cannot do anything any more. So basically I would like to re-root my device.
The goal is to get fully rooted again.
ToBe_HH said:
Root checker says: "Sorry! This device does not have proper root access."
Right now, I am NOT rooted. So the device WAS rooted and then /system/xbin/su was deleted. Meaning: everything else is in place (SuperUser, Busybox, etc.) but I cannot execute anything as root, because I cannot switch the user to root (what su does). Although I am not really unrooted, I cannot do anything any more. So basically I would like to re-root my device.
The goal is to get fully rooted again.
I don't think you can root without any pc
If your phone has recovery just flash the root files :thumbup:
ToBe_HH said:
Root checker says: "Sorry! This device does not have proper root access."
Right now, I am NOT rooted. So the device WAS rooted and then /system/xbin/su was deleted. Meaning: everything else is in place (SuperUser, Busybox, etc.) but I cannot execute anything as root, because I cannot switch the user to root (what su does). Although I am not really unrooted, I cannot do anything any more. So basically I would like to re-root my device.
The goal is to get fully rooted again.
Have you tried looking in /system/bin/su instead of /system/xbin/su

[Q] Help rooting omap5 running 4.2.2

As title, I'm trying to root a development board running 4.2.2. I do have root access and put busybox and su, but my problem is that whenever I start apps that require root access, superuser never gives me a prompt asking whether root access is allowed (yes, my setting in Superuser is to prompt for every app that requires root), as a result, the app would not run, reporting that my device is not rooted. As an example, when I try to run droidvncserver, it would tell me "could not start server", but if I start it as root on a shell, it would run and start server, this leads me to think that droidvncserver is not requesting root access or Superuser does not know that droidvncserver needs root access. I'm pretty sure I'm missing something in my system, but what is it? All this works on a rooted phone, but not on the development board. I've read through some of the rooting scripts for other phones, which mostly include remounting /system as rw and putting busybox and su onto the system, and that's what I've done on the board, but there's just no connection between those root-requiring apps and superuser. Anyone know what I'm doing wrong/missing?

[ROOT] How to Root the ZTE ZMAX [KK][ALL VARIANTS]

Yep, you read that right and I'm not trolling. THE ZMAX IS ROOTED!!
Disclaimer and N00Bproof warning:
We have root, yes, but that doesn't mean get hasty. At the moment, there are partition images (system, boot and recovery) in my and other users' possession (free of access to all), but we don't have a working recovery at the moment and this process involves deleting the stock recovery (it will make sense later). So, if you screw up and get root-happy, there's no way to recover until we get a recovery and a custom rom, and even then you might be screwed because we don't have access to the bootloader to use fastboot. Things may change, but root-use with caution.
Also, once you root, DO NOT TAKE ETAs from T-Mo and ZTE!!!!!!! Now that we have root, we can capture the OTA and make it root-friendly. To make a long story short, the updater-script (thing that tells your recovery where and how to flash stuff) has a list of stuff it has to... well... flash. If you, for example, delete the stock ZTE Music app, and the ETA replaces the app with a new version, it's going to stop (because the script requires a REPLACEMENT and not a PLACEMENT, computers don't have the best common sense), then it will interrupt and you will likely be bricked. This shouldn't be a problem because you don't have a recovery to begin with, but I'm not taking chances here.
NOW! Let's Root. This is a long process, so don't expect to do anything for a good 10-20 minutes.
FIRST: KINGROOT
This is one of those things where your mileage may vary, there have been many different ways to get KingRoot (not King"O"Root, two different apps) to work, but this one was the one that worked for me. I'll also place alternate KingRoot methods in the second post if you wanna try those. Just for the sake of knowledge, this was run on a T-Mobile ZTE ZMAX, Android 4.4.2, build 22. I don't know if it makes a difference that I factory reset my phone before doing another round of root attempts (not this one specifically, maybe a couple hours worth of attempts).
Credits to @fire3element for this method.
1) Download KingRoot APK from here (the first one with the image of the phone if you are on the desktop site).
2) Install KingRoot and run it. It will restart the phone, and it will fail (or, if you have some Android God luck, it may succeed), this is supposed to happen.
3) Clear KingRoot's cache and data (in that order) and power off the phone (not reboot). Then, power it back on again.
4) Now this is where things get... well complicated for this part. You are going to need to load your RAM with a bunch of processor heavy stuff. The person that made this method used CounterSpy and Final Fantasy Type-0 in the PPSSPP v1.0.1-411 emulator, but for those of you that don't have access to that, get creative and load up. Here is what I had running (all at the same time, mind you).
Note: Force Stop Task Manager in the app settings first or it will purge to free memory automatically and this won't work.
1. Next Launcher Lite
2. Apex Launcher
3. Nova Launcher
4. Cheetah Launcher
5. CM Launcher
6. Mi Launcher
7. 25 tabs on Google Chrome (No joke)
8. Both Temple Runs
9. Fruit Ninja
10. Google Play Store
11. Google Now
12. Google Play
13. Amazon
14. Google Play Music
Mine was definitely a bit extreme but I knew all of this stuff would guarantee a good memory hogging.
5) Run all of your apps at the same time. The TL;DR for this is that apparently it's some exploit that the app uses as a buffer overflow. Now, go to settings and Force Stop KingRoot. Then run it again. If it works, you should go from 0 to 100 real quick (no pun intended). It shouldn't progress slowly or reboot the phone to do this, but your journey does not stop here.
If you did it correctly, the screen from a successful root will have a green checkmark. Run RootChecker to verify root status.
SECOND: PERMA-ROOT
Now you need to permanently root the phone. This method was all @jcase, and simplified by another user. I encourage you to read JCase's original G+ post to learn something, as this guy is the master of exploits, and we are on XDA to learn.
Credits to @xtremeasure for the simplification of JCase's process.
1) Plug phone into computer...
2) Open cmd type "adb shell" (without quotes, moving forward, type all commands without quotes). This will open a terminal for the phone.
3) While in ADB Shell, type "su" to gain root shell privileges
4) Type "getprop ro.build.fingerprint"
Output for that command should be...
zte/P892T57/draconis:4.4.2/KVT49L/20140804.141306.18686:user/release-keys (the part with P892T57 may be different depending on what model ZMAX you have). If you haven't updated, that number will be different; this is ok, just replace the number in the next command with whatever your output is.
5) type "setprop persist.sys.k P892T57"
6) type "getprop persist.sys.k" and your output should be your build number
7) type "cd /dev/block/platform/msm_sdcc.1/by-name/" to change directories so that we can back up your recovery image (remember I said something about that?) and set the boot to our recovery partition.
8) type "dd if=recovery of=/sdcard/recovery.img" to backup the recovery image.
9) type "dd if=boot of=recovery" to set recovery as boot. Another TL;DR is that this disables the write protection set by the stock recovery, allowing you to write to the system. It will mount the /system partition upon boot.
DELETE KINGUSER NOW
10) type "reboot recovery" and restart your phone. YOU MUST RESTART WITH THIS COMMAND!!!!! It will boot straight into Android, this is good, that means you haven't screwed up anything.
11) Reopen the adb shell (using "adb shell") in your command prompt or terminal (for OSX and Linux) and type "id". If your output is "uid=0(root) gid=0(root) context=u:r:shell:s0" then it worked...
12) Remount system as writable "mount -o rw,remount /system"
13) Manual install for supersu you can get that here: http://download.chainfire.eu/supersu
14) Type "exit" into the terminal/command and it should drop you back to your normal cmd...unzip the su zip anywhere you want in your cmd switch to that directory...
14B) I advise taking the "su" binary and "install-recovery.sh" file from the superSU folder you downloaded and putting them in the same place (on the desktop or wherever your adb.exe is if you didn't set $PATH on your computer). su can be found in the "arm" folder and install-recovery.sh can be found in the "common" folder. It is important to note that wherever your files are, you will have to type that path (if it isn't in the same directory as your adb). So, as an example, I put mine on the desktop, so I have to type "adb push ~/Desktop/su /data/local/tmp/su". If you do not know how to do that, then stop what you are doing and research it, as that's just too much to explain.
15) "adb push su /data/local/tmp/su"
16) "adb push install-recovery.sh /data/local/tmp"
17) Reenter adb shell with "adb shell"
18) Make sure system is mounted writable with "mount -o remount,rw /system"
19) Move the so files into place with these commands
"cat /data/local/tmp/su > /system/xbin/su"
"cat /data/local/tmp/su > /system/xbin/daemonsu"
"cat /data/local/tmp/install-recovery.sh > /system/etc/install-recovery.sh"
20) Give them all permissions
"chmod 755 /system/xbin/su"
"chmod 755 /system/xbin/daemonsu"
"chmod 755 /system/etc/install-recovery.sh"
21) Reboot your phone to complete install with "reboot"
22) After rebooting go into the play store and install the supersu app. It's going to tell you the su binary is out of date to fix that we need to open the adb shell on our pc again with "adb shell"
23) Reboot into recovery (you're really rebooting the system with r/w privileges) using "reboot recovery"
24) Once rebooted, open the app and update your binaries. Once finished, reboot and you're done, 100% perm rooted.
Now, you are rooted! If you did everything right, you should be good. Now people are going to ask, "Is there a script for this?" The short answer is No, don't hold your breath for something immediate. There was a user that said he would be happy to make one for the second half, but the writing, testing and verification of success alone on that will take some time, as the wrong line of code can make you end up with a good old fashioned paperweight. I can verify Xposed works fine, Viper4Android works fine, and if you try to delete system apps, they will just reinstall themselves (I recommend using "System App Remover (ROOT)" on the play store, as it will actually tell you which apps are and aren't safe to install). If you have any questions, after searching of course, feel free to ask. If I can't answer, some freaking body can lol.
CREDITS:
@tech_yeet for showing us the KingRoot
@jcase for his amazing work
@xtremeasure for his method
@fire3element for his method
@the zMAX Community for staying dedicated when the going got tough, it's been a long road. Here's to custom roms and a TWRP recovery!
Please share this with others, as there is a big community of people begging for this info, let's share the love. If I forgot to credit you, let me know and I'll fix that!
ADDITIONAL INFORMATION
If you by some chance flash the TWRP Recovery Image (found in post 2), and would like to revert back to root ability (being able to write to system). Please follow the steps below:
1. cd /dev/block/platform/msm_sdcc.1/by-name
2. su
3. dd if=/sdcard/recovery.img of=recovery
4. reboot recovery
Please make sure you have the recovery in your sdcard root folder.
Alternate Root Methods and ZTE Custom ROMs/Kernels/etc
If the above first part doesn't work for you, you can find alternative root methods
Alternate Method 1 HERE
Alternate Method 2 HERE
As I see more added, I'll add them here.
CUSTOM STUFF
TWRP Image for ZTE ZMAX
Q&A/Other [UPDATED MAY 13, 2015 @ 5:45PM]
If a question is asked and you feel like it needs to be here, please tag or DM me with the Q AND THE A so that I can do so.
OTHER:
Original Discussion Thread for the ZTE ZMAX
Please see fire3element's post on what each screen in the KingRoot app means
WHAT THE SCREENS MEAN IN THE APP
That's a whole lot to swallow but I'm glad to see y'all can finally get rooted. Definitely not a method for noobs or the faint of heart but it's a HUUUGE step in the right direction. Thanks to everyone responsible for this.
Hroark13 has TWRP - http://androidforums.com/threads/zte-zmax-twrp.918537/
mingolianbeef said:
Yep, you read that right and I'm not trolling. THE ZMAX IS ROOTED!!
Disclaimer and N00Bproof warning:
We have root, yes, but that doesn't mean get hasty. At the moment, there are partition images (system, boot and recovery) in my and other users' possession (free of access to all), but we don't have a working recovery at the moment and this process involves deleting the stock recovery (it will make sense later). So, if you screw up and get root-happy, there's no way to recover until we get a recovery and a custom rom, and even then you might be screwed because we don't have access to the bootloader to use fastboot. Things may change, but root-use with caution.
Also, once you root, DO NOT TAKE ETAs from T-Mo and ZTE!!!!!!! Now that we have root, we can capture the OTA and make it root-friendly. To make a long story short, the updater-script (thing that tells your recovery where and how to flash stuff) has a list of stuff it has to... well... flash. If you, for example, delete the stock ZTE Music app, and the ETA replaces the app with a new version, it's going to stop (because the script requires a REPLACEMENT and not a PLACEMENT, computers don't have the best common sense), then it will interrupt and you will likely be bricked. This shouldn't be a problem because you don't have a recovery to begin with, but I'm not taking chances here.
NOW! Let's Root. This is a long process, so don't expect to do anything for a good 10-20 minutes.
FIRST: KINGROOT
This is one of those things where your mileage may vary, there have been many different ways to get KingRoot (not King"O"Root, two different apps) to work, but this one was the one that worked for me. I'll also place alternate KingRoot methods in the second post if you wanna try those. Just for the sake of knowledge, this was run on a T-Mobile ZTE ZMAX, Android 4.4.2, build 22. I don't know if it makes a difference that I factory reset my phone before doing another round of root attempts (not this one specifically, maybe a couple hours worth of attempts).
Credits to @fire3element for this method.
If you did it correctly, the screen from a successful root will have a blue envelope with a checkmark. Run RootChecker to verify root status.
SECOND: PERMA-ROOT
Now you need to permanently root the phone. This method was all @jcase, and simplified by another user. I encourage you to read JCase's original G+ post to learn something, as this guy is the master of exploits, and we are on XDA to learn.
Credits to @xtremeasure for the simplification of JCase's process.
Now, you are rooted! If you did everything right, you should be good. Now people are going to ask, "Is there a script for this?" The short answer is No, don't hold your breath for something immediate. There was a user that said he would be happy to make one for the second half, but the writing, testing and verification of success alone on that will take some time, as the wrong line of code can make you end up with a good old fashioned paperweight. I can verify Xposed works fine, Viper4Android works fine, and if you try to delete system apps, they will just reinstall themselves (I recommend using "System App Remover (ROOT)" on the play store, as it will actually tell you which apps are and aren't safe to install). If you have any questions, after searching of course, feel free to ask. If I can't answer, some freaking body can lol.
CREDITS:
@tech_yeet for showing us the KingRoot
@jcase for his amazing work
@xtremeasure for his method
@fire3element for his method
@the zMAX Community for staying dedicated when the going got tough, it's been a long road. Here's to custom roms and a TWRP recovery!
Please share this with others, as there is a big community of people begging for this info, let's share the love. If I forgot to credit you, let me know and I'll fix that!
I have followed EVERYTHING step by step over and over again, and yet I still can't get this to work.
Basically, everything is fine up until reboot recovery.
It goes into Android, but I don't start off as root; I start off as if I wasn't rooted, and I always have to do "su" to gain privileges.
Afterwards, mount -o remount,rw /system/ does work but I can't write to it still for some reason.
Has anyone else gotten this!? Have any of you got a clue how to fix?
Here is some more info for those of you wondering what the KingRoot app is doing.
Screenshots will follow.
Text ABOVE the screenshot is for the image directly under it.
Let's begin -------------->
FIRST SCREEN WHEN YOU OPEN KINGROOT
SECOND SCREEN
- CLICK BUTTON TO BEGIN ROOT -
ROOTING IN PROGRESS...
ROOT FAILURE
[Blue Button]: SUBMIT (submits the error report to KingRoot devs)
ROOT FAILURE
ROOT FAILURE
NO DATA CONNECTION (WiFi or cellular signal required)
[Blue Button]: ANDROID SETTINGS MENU
SUCCESSFUL ROOT
IF YOU SEE THIS MESSAGE POP UP DURING ROOTING, JUST LEAVE IT ALONE. LET THE ROOT FINISH
SUCCESSFUL ROOT
[trash can]: [...]: [...]:
SUCCESSFUL ROOT
[Blue Button]: PURIFICATION (I believe this is similar to fixing permissions)
- CLICK IT AND LET IT RUN -
^ from clicking blue button above ^
PURIFICATION PROCESS
xIP- said:
I have followed EVERYTHING step by step over and over again, and yet I still can't get this to work.
Basically, everything is fine up until reboot recovery.
It goes into Android, but I don't start off as root; I start off as if I wasn't rooted, and I always have to do "su" to gain privileges.
Afterwards, mount -o remount,rw /system/ does work but I can't write to it still for some reason.
Has anyone else gotten this!? Have any of you got a clue how to fix?
Should just be mount -o remount,rw /system
No extra slash
Sent from my Z970 using XDA Free mobile app
---------- Post added at 04:40 PM ---------- Previous post was at 04:36 PM ----------
I would like the recovery image restore commands added. If people feel the need to recover and try again they should run these:
cd /dev/block/platform/msm_sdcc.1/by-name
su
dd if=/sdcard/recovery.img of=recovery
reboot recovery
*edited to remove a potentially harmful command per jcase's advice*
Sent from my Z970 using XDA Free mobile app
xtremeasure said:
Should just be mount -o remount,rw /system
No extra slash
Sent from my Z970 using XDA Free mobile app
---------- Post added at 04:40 PM ---------- Previous post was at 04:36 PM ----------
I would like the recovery image restore commands added. If people feel the need to recover and try again they should run these:
cd /dev/block/platform/msm_sdcc.1/by-name
su
dd if=boot of=boot
dd if=/sdcard/recovery.img of=recovery
reboot recovery
Sent from my Z970 using XDA Free mobile app
Even with just one slash I still have a problem.
Sent from my Z970 using XDA Free mobile app
Ok, so I am about to flash back the stock recovery from my backup and see if I can go through all these steps again to figure out what is going wrong.
I have a theory as to where and why KingUser is locking down SU in xbin. After I restore stock recovery, I will then Factory Reset and attempt to log my progress.
Stay tuned and I will try to report back later today. Hopefully with more insight on this problem.
@xIP-
Are you talking about pushing "su" , "daemonsu" , and "install-recovery.sh" files to /system ?
Keeps saying permission denied?
If that is the case, you can not. KingUser has a lock on system and is already in place as SU in /system/xbin
You will most likely need to factory reset and try again.
---------- Post added at 12:57 PM ---------- Previous post was at 12:37 PM ----------
UPDATE UPDATE!!!
Do not run the dd if=boot of=boot command
Could brick your device. As per Jcase warning. Wait for more info
fire3element said:
Ok, so I am about to flash back the stock recovery from my backup and see if I can go through all these steps again to figure out what is going wrong.
I have a theory as to where and why KingUser is locking down SU in xbin. After I restore stock recovery, I will then Factory Reset and attempt to log my progress.
Stay tuned and I will try to report back later today. Hopefully with more insight on this problem.
@xIP-
Are you talking about pushing "su" , "daemonsu" , and "install-recovery.sh" files to /system ?
Keeps saying permission denied?
If that is the case, you can not. KingUser has a lock on system and is already in place as SU in /system/xbin
You will most likely need to factory reset and try again.
---------- Post added at 12:57 PM ---------- Previous post was at 12:37 PM ----------
UPDATE UPDATE!!!
Do not run the dd if=boot of=boot command
Could brick your device. As per Jcase warning. Wait for more info
Remember to remove KingUser after you run the dd commands but before you reboot recovery...
Sent from my Z970 using XDA Free mobile app
xtremeasure said:
Remember to remove KingUser after you run the dd commands but before you reboot recovery...
Just so this is clear... full Root uninstall through the KingUser app, or just uninstall it through android app settings menu.
^ In case someone else has the same question ^
fire3element said:
Just so this is clear... full Root uninstall through the KingUser app, or just uninstall it through android app settings menu.
^ In case someone else has the same question ^
I would do a full root uninstall....
The backdoor keeps root for adb so installing the new su shouldn't be an issue
Sent from my Z970 using XDA Free mobile app
Got it. Will report back after this headache is done. *slams head on desk*
I just read the boot flash advice, I am not going to do it because I know that's a stupid idea, but if it does in fact let us flash boot.IMG, omg overclocking, custom kernels, full read write, awesome recovery, dual boot custom Roms with custom kernels here we come.
Unlocked boot.IMG
Can you Ya hoooouoo
And subscribed.
Sent from my Z970
[email protected]:/ # id
uid=0(root) gid=0(root) context=u:r:init:s0
fire3element said:
Ok, so I am about to flash back the stock recovery from my backup and see if I can go through all these steps again to figure out what is going wrong.
I have a theory as to where and why KingUser is locking down SU in xbin. After I restore stock recovery, I will then Factory Reset and attempt to log my progress.
Stay tuned and I will try to report back later today. Hopefully with more insight on this problem.
@xIP-
Are you talking about pushing "su" , "daemonsu" , and "install-recovery.sh" files to /system ?
Keeps saying permission denied?
If that is the case, you can not. KingUser has a lock on system and is already in place as SU in /system/xbin
You will most likely need to factory reset and try again.
---------- Post added at 12:57 PM ---------- Previous post was at 12:37 PM ----------
UPDATE UPDATE!!!
Do not run the dd if=boot of=boot command
Could brick your device. As per Jcase warning. Wait for more info
Is there any way to do it without a factory reset? Could I just remove KingUser, or must it be a factory reset? And will I have to reroot with a factory reset?
Sent from my Z970 using XDA Free mobile app
Sorry guys, kinda been running around all day, have a lot of catching up to do I see. I'll fix the thread with updated information that people have so generously contributed!
DroidisLINUX said:
I just read the boot flash advice, I am not going to do it because I know that's a stupid idea, but if it does in fact let us flash boot.IMG, omg overclocking, custom kernels, full read write, awesome recovery, dual boot custom Roms with custom kernels here we come.
Unlocked boot.IMG
Can you Ya hoooouoo
And subscribed.
Sent from my Z970
[email protected]:/ # id
uid=0(root) gid=0(root) context=u:r:init:s0
I know right!!! First hurdle... done... second hurdle, bootloader with no fastboot lmao...
A bit unclear on this.
Are we actually rebooting into recovery, or is it supposed to go straight back into the phone?
I was never able to get into recovery.
10) type "reboot recovery" and restart your phone. YOU MUST RESTART WITH THIS COMMAND!!!!! It will boot straight into Android, this is good, that means you haven't screwed up anything.
"cat /data/local/tmp/su > /system/xbin/su"
"cat /data/local/tmp/install-recovery.sh > /system/etc/install-recovery.sh"
Getting permission denied when running this.
"chmod 755 /system/xbin/su"
"chmod 755 /system/etc/install-recovery.sh"
As well as operation denied or something along those lines. Any help would be nice. Also, running id on adb, it's showing
uid=0(root) gid=0(root) context=u:r:init:s0
rather than
uid=0(root) gid=0(root) context=u:r:shell:s0
xIP- said:
I have followed EVERYTHING step by step over and over again, and yet I still can't get this to work.
Basically, everything is fine up until reboot recovery.
It goes into Android, but I don't start off as root; I start off as if I wasn't rooted, and I always have to do "su" to gain privileges.
Afterwards, mount -o remount,rw /system/ does work but I can't write to it still for some reason.
Has anyone else gotten this!? Have any of you got a clue how to fix?
You have to exit adb shell to push files to /data/local/tmp, which does not require root. That was a major exploit in earlier android versions, as people would push scripts to /data/local/tmp without root, run the exploit in the directory, and it would root. That was patched of course, but that directory can be accessed without root. Once you use "reboot recovery" to reboot, then just plug your phone back up and type "adb shell" to which the phone should respond with a "#" instead of a "$". If you have the $, you are not root and need to go back. If you do, just be patient with it and make sure you are not just copying and pasting (I know this can be the root of the issue at times with command, just type it out). It should work, the second half is the easy part lol.

How to use sudo on Termux?

I have Termux and SuperSU installed on an old Android 8 console. I am able to use su in the terminal: when the su command is executed, the SU manager pops up a window for permission, and if I accept, the terminal user goes into su. I installed the tsu package, and when I try to run any command with sudo <command>, this error shows:
Code:
/data/data/com.termux/files/usr/bin/sudo: line 304: /sbin/su: No such file or directory
No superuser binary detected.
Are you rooted?
I noticed the su binary file is under the Termux app location, /data/data/com.termux/files/usr/bin/su. And I checked the sudo script under /data/data/com.termux/files/usr/bin/sudo; all su-related path references are pointing to /sbin/su. Knowing that, I can try to modify the script to point to the su binary under the Termux path, or try to make /sbin/ writable and copy the su file there.
But this way seems very sketchy. I haven't tried those yet, I just want to know: is this the right way to deal with this problem?
Here are some extra info, in case they are relevant.
1. The device is a Xiaomi MI 5, gemini, running an official MIUI rom dev ver, bootloader unlocked, rooted before. But this issue seems more of general root and app problem so I posted here...
2. I flashed a Floppy kernel for Oreo, according to author's post, root is expected to be deleted, user should install root after kernel flashed, that is what I did.
3. After 2, adb root stops working, not giving any error, but su won't be activated when adb shell is opened. I am able to run su in the shell, though: a permission window will pop up on the phone, and after it is granted, it's su in the PC terminal. This su is under /su/bin/su
4. Usually MIUI has its own security center where I can manage root permission, but after 2, it just shows the bootloader is not unlocked, and apparently it shows it's unlocked when I try to unlock it again in fastboot.
I'm thinking... maybe the default su (the one I get when I use MIUI's root manager) is under /sbin/su, that's why tsu is referring to that path, and adb root would be referring to it as well, but it's not there now, because SuperSU is installing su at /su/bin/su? Not sure if this theory is right...
Any ideas? Thanks!
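The question above comes down to which su path a wrapper script should call. As an added example (not part of the original post and not tsu's own code), this checks the su locations named in this thread and reports the state of each; the function names and the optional root-prefix argument are hypothetical, and treating the su under the Termux prefix as a wrapper rather than a root binary is an assumption.

```shell
#!/bin/sh
# Added example: report which of the su paths mentioned in this thread
# actually exist and are executable, instead of hard-coding /sbin/su.

# Candidate locations, all taken from posts in this thread.
SU_CANDIDATES="/sbin/su /su/bin/su /system/xbin/su /system/bin/su"
# Assumption: the su under the Termux prefix is a wrapper, not a root binary.
TERMUX_SU="/data/data/com.termux/files/usr/bin/su"

# find_su [root_prefix]
# Prints the first candidate that is a regular, executable file.
# root_prefix (hypothetical) lets the check run against a copied file tree.
find_su() {
    prefix="${1:-}"
    for candidate in $SU_CANDIDATES; do
        if [ -f "${prefix}${candidate}" ] && [ -x "${prefix}${candidate}" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1   # nothing usable: the "No superuser binary detected" case
}

# diagnose_su [root_prefix]
# Prints "<state> <path>" per location: missing, not-executable,
# termux-wrapper or ok. "not-executable" matches a "permission denied" su.
diagnose_su() {
    prefix="${1:-}"
    for candidate in $SU_CANDIDATES $TERMUX_SU; do
        path="${prefix}${candidate}"
        if [ ! -e "$path" ]; then
            state="missing"
        elif [ ! -x "$path" ]; then
            state="not-executable"
        elif [ "$candidate" = "$TERMUX_SU" ]; then
            state="termux-wrapper"
        else
            state="ok"
        fi
        printf '%s %s\n' "$state" "$candidate"
    done
}

# Stand-alone run: diagnose the live filesystem (or ROOT_PREFIX if set).
diagnose_su "${ROOT_PREFIX:-}"
```

On the setup described in the question, this would be expected to list /sbin/su as missing and /su/bin/su as ok, which is the mismatch the sudo error message reports.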
You may try tsu. It is working for me.
Please, give it a try:
GitHub - cswl/tsu: Gain root shell on Termux.
VD171 said:
You may try tsu. It is working for me.
Please, give it a try:
GitHub - cswl/tsu: Gain root shell on Termux.
Can I get some help.....
Here is rest