Related
Okay, so I've noticed that this rooting method is a little unconventional. It works through a compromised Fota.pkg which has setuid on /system/bin/sh as root. This is not a very safe, as any application that runs sh will gain root access to your system. Scary... :S Anyway, in order to fix this we need to take a few steps.
It is important that you do these in order, otherwise you may lose root access
Install a proper SU with whitelist
1. Download http://bit.ly/aWgALL
2. Unzip the system folder.
3.
Code:
adb shell mount -o remount,rw -t yaffs2 /dev/block/mtdblock2 /system
adb push system/bin/su /sdcard/su
adb push system/app/Superuser.apk /sdcard/Superuser.apk
adb shell dd if=/sdcard/su of=/system/bin/su
adb shell dd if=/sdcard/Superuser.apk of=/system/app/Superuser.apk
adb shell chmod 6777 /system/bin/su
adb shell chmod 644 /system/app/Superuser.apk
4. Reboot your phone.
Fix sh to not setuid to root
1.
Code:
adb shell mount -o remount,rw -t yaffs2 /dev/block/mtdblock2 /system
adb shell chmod 0755 /system/bin/sh
Properly install busybox
1. Here, it's easier to look for the busybox installer app from the market and then install from there. If you did everything correctly, then after you hit install in the busybox app a prompt will come up asking you to allow the app to have root. Hit allow.
You're done!
this might be stupid questions, i know. But where should I unzip the system folder that mentioned to? And where to type those command?
chai_archer said:
this might be stupid questions, i know. But where should I unzip the system folder that mentioned to? And where to type those command?
Click to expand...
Click to collapse
If you followed the root guide you can put it in the step 4 folder.
Then hit windows key + r and in the box type CMD
A console window comes up.
in the console window type cd <path.to.your.step.4.folder>
then go from there.
zephyrix said:
Properly install busybox
1. Here, it's easier to look for the busybox app from the market and then install from there. If you did everything correctly, then after you hit install in the busybox app a prompt will come up asking you to allow the app to have root. Hit allow.
You're done!
Click to expand...
Click to collapse
i did everything as mentioned but it dint ask me for permission wen installin busybox is it because i had it installed sometime before runnin this guide?
yea i knw im a noob after all
bcool15 said:
i did everything as mentioned but it dint ask me for permission wen installin busybox is it because i had it installed sometime before runnin this guide?
yea i knw im a noob after all
Click to expand...
Click to collapse
yep.
if you check the superuser app it should already be there.
zephyrix said:
yep.
if you check the superuser app it should already be there.
Click to expand...
Click to collapse
all i see in superuser app is titanium backup pro
that's strange. does busybox report that it's installed?
zephyrix said:
that's strange. does busybox report that it's installed?
Click to expand...
Click to collapse
nope it doesnt
well i tried all this and now i lost my root. Did EXACTLY what's written. Anyway to reverse this and get my root back?
unknown13x said:
well i tried all this and now i lost my root. Did EXACTLY what's written. Anyway to reverse this and get my root back?
Click to expand...
Click to collapse
i think i lost mine too but to reactivate there is command or prolly i just messed up summmwhere n redid my whole root with v3 update
bcool15 said:
i think i lost mine too but to reactivate there is command or prolly i just messed up summmwhere n redid my whole root with v3 update
Click to expand...
Click to collapse
use "su" to get root access... allow when the Superuser Whitelist notification pops up.
it worked for me....followed the steps, after i downloaded the busybox app i opened it and a box popped up "Superuser Request", it had discription of the busybox app and then asked whether to allow or deny the request....i then checked the superuser app and was able to see the busybox app in thr....
can anyone confirm if these steps were added in the new root method? please
bcool15 said:
can anyone confirm if these steps were added in the new root method? please
Click to expand...
Click to collapse
I'd like to know that too, I mean, in 2v2 do we still need to do the whitelist thing?
root in adb
I tried this on the last root (ROOT_F2v2) and I lost root in adb..
I still had regular root
I had to revert it back with "chmod 6777 /system/bin/sh" to get adb do admin task again.. (I use adb regularly)
Does anyone know how to secure sh and still have root in adb?
Regards.
th4r said:
I tried this on the last root (ROOT_F2v2) and I lost root in adb..
I still had regular root
I had to revert it back with "chmod 6777 /system/bin/sh" to get adb do admin task again.. (I use adb regularly)
Does anyone know how to secure sh and still have root in adb?
Regards.
Click to expand...
Click to collapse
adb shell su
And after superuser popup add "unknown application" to the whitelist.
Chillest said:
adb shell su
And after superuser popup add "unknown application" to the whitelist.
Click to expand...
Click to collapse
Yes that give me root in adb shell but adb is still running unprivileged.
I believe it's because we can't patch the bootloader yet, so we still have getprop ro.secure 1. :'(
I did a little script to toggle setuid on /system/bin/sh when I'm doing root stuff from adb
Sent from my rooted X10i
I have installed this to protect the system.
The only concern I have is i cannot run for example my cleaning script.
If i type into cmd ;
"adb shell su" it comes up with a # and freezes. If i type in
"adb shell<enter>
su" it works fine. and i can paste all the commands in line by line.
If i do either in a bat or cmd file it crashes. How do i run scripts as su
Here are the answers....
bcool15 said:
can anyone confirm if these steps were added in the new root method? please
Click to expand...
Click to collapse
No they were not. The reason is that many of the rooting steps rely on a setuid "sh"
gfgodoy said:
I'd like to know that too, I mean, in 2v2 do we still need to do the whitelist thing?
Click to expand...
Click to collapse
Yes
Chillest said:
adb shell su
And after superuser popup add "unknown application" to the whitelist.
Click to expand...
Click to collapse
So what? The uid for the shell application launched after invoking "adb shell" is not going to match any of the installed applications anyways. The thing is that Superuser.apk installs a mechanism by which the user (human) can detect when an application is requesting root access. Based upon the nature of the application you may or may not want to grant root access. That is the whole point.
th4r said:
Yes that give me root in adb shell but adb is still running unprivileged.
I believe it's because we can't patch the bootloader yet, so we still have getprop ro.secure 1. :'(
I did a little script to toggle setuid on /system/bin/sh when I'm doing root stuff from adb
Sent from my rooted X10i
Click to expand...
Click to collapse
Oh yeah? I just use "su" whenever I want root access... and I didnt have to write any scripts to enable/disable it.
k1ckn1ck said:
I have installed this to protect the system.
The only concern I have is i cannot run for example my cleaning script.
If i type into cmd ;
"adb shell su" it comes up with a # and freezes. If i type in
"adb shell<enter>
su" it works fine. and i can paste all the commands in line by line.
If i do either in a bat or cmd file it crashes. How do i run scripts as su
Click to expand...
Click to collapse
Then you shouldn't be rooting in the first place. Take my advice, lay off the rooting. It definitely doesn't have anything that will be of advantage to you.
j4mm3r said:
Then you shouldn't be rooting in the first place. Take my advice, lay off the rooting. It definitely doesn't have anything that will be of advantage to you.
Click to expand...
Click to collapse
easy now, it's a fair question, would be nice to be able to run cleaning scripts on a protected system. no need to be a prick
in answer to the question though, once the batch starts adb shell, it won't continue till that process ends
I did some googling for some comandline tools that might allow sending keystrokes to a process, but nothing easy appeared, looks like your only option is to use a linux friendly notepad to create some shell scripts you can execute from the sdcard. i.e. on device
su
chmod 755 /sdcard/myscript.sh
./sdcard/myscript.sh
easiest way to do scripts on a secured root IMO
i need to pull and push some system files in my phone for that i need to enter recovery mode in my xperia sola.please help to enter recovery mode.my phone is rooted.thanks in advance :good:
dviraj00 said:
i need to pull and push some system files in my phone for that i need to enter recovery mode in my xperia sola.please help to enter recovery mode.my phone is rooted.thanks in advance :good:
Click to expand...
Click to collapse
I think you dont need to put your device to recovery mode. Just use adb shell
to pull: (no need superuser privileges)
ex: format: adb pull [location of the file in the device] [to where the file is save locally]
adb pull /system/xbin/su c:
Click to expand...
Click to collapse
to push: (need su) since you rooted then:
adb shell
su
mount -o remount,rw /dev/block/stl9 /system
chmod 777 /system/app
then exit from devices, go to your command prompt and type:
adb push <local> <remote>
Click to expand...
Click to collapse
Hope it helps
capsule46 said:
I think you dont need to put your device to recovery mode. Just use adb shell
to pull: (no need superuser privileges)
to push: (need su) since you rooted then:
Hope it helps
Click to expand...
Click to collapse
thank you mate bt i am just a noob and dont know how to use adb shell.can u tell me plzz.this will save my relationship,plz mate
Hi, sorry for late reply
I assume you have installed your device driver properly
Then install android sdk: go to developer.android.com/sdk
Follow the step to install it. If you done it properly,you will find adb command in folder installation name platform-tools
Use it in command prompt. You can type adb /? to learn its capability.
Or you just go frok my post earlier
Hope it helps
Sent from my GT-N7100 using Tapatalk 2
I want Terminal Emulator to run the following every time I boot up:
adb shell
su
cat /sys/devices/virtual/sensors/proximity_sensor/prox_cal
is it possible to create a file or app that automatically runs that?
Alternatively, if someone can find a way for me to call without the screen shutting off I would appreciate it.
I recently rooted and flashed a custom ROM, and there's no option to disable proximity during calls.
Tsukihi said:
I want Terminal Emulator to run the following every time I boot up:
adb shell
su
cat /sys/devices/virtual/sensors/proximity_sensor/prox_cal
is it possible to create a file or app that automatically runs that?
Click to expand...
Click to collapse
Yes. You can write shell scripts. I meant .sh files if I'm not wrong.
Sent from my H30-U10 using Tapatalk 2
Q&A for [GUIDE] New Root Method for LG Devices
Some developers prefer that questions remain separate from their main development thread to help keep things organized. Placing your question within this thread will increase its chances of being answered by a member of the community or by the developer.
Before posting, please use the forum search and read through the discussion thread for [GUIDE] New Root Method for LG Devices. If you can't find an answer, post it here, being sure to give as much information as possible (firmware version, steps to reproduce, logcat if available) so that you can get help.
Thanks for understanding and for helping to keep XDA neat and tidy!
Help
Unjustified Dev said:
Unlocking boot loader if possible
Open a command prompt in LG_Root
Copy fastboot.exe into LG_Root folder found in the attached zip
1.) Start an ADB shell
Code:
adb.exe shell
2.) In ADB shell ask for root permission (Grant shell access via the SuperSU pop-up)
Code:
su
3.) Dump the LAF partition to sdcard (We want to be able to restore Download mode)
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/laf of=/sdcard/laf.img
4.) Remove LAF partition
Code:
dd if=/dev/zero of=/dev/block/platform/msm_sdcc.1/by-name/laf
5.) To exit ADB shell, type "exit" twice in shell
6.) Store the image on our PC
Code:
adb.exe pull /sdcard/laf.img
7.) Go into download mode (It will fail due to the empty LAF partition and will fall back to fastboot)
Detect if the device is connected (Wait for any drivers to install)
Code:
fastboot.exe devices
To unlock the boot loader
Code:
fastboot.exe oem unlock
You may choose to keep fastboot or you can put LAF partition back on for download mode
Code:
fastboot.exe flash laf laf.img
Click to expand...
Click to collapse
When I try to open Send_Command it doesnt open. I have COM 3
Cawos said:
When I try to open Send_Command it doesnt open. I have COM 3
Click to expand...
Click to collapse
More details please. Are you in download mode? Do you have drivers installed? What's the output of the command
Send_Command.exe \\.\COM3
Unjustified Dev said:
More details please. Are you in download mode? Do you have drivers installed? What's the output of the command
Send_Command.exe \\.\COM3
Click to expand...
Click to collapse
Alright so first of all I dont really know all this stuff about android and what not. Yes I am in download mode, and yes I did everything. When I open it, it just closes right away. I also have the other cmd window still open btw Forget what I said, when I put in the command it says
SPECIAL COMMAND : ENTER,LEAVE
Cawos said:
Alright so first of all I dont really know all this stuff about android and what not. Yes I am in download mode, and yes I did everything. When I open it, it just closes right away. I also have the other cmd window still open btw Forget what I said, when I put in the command it says
SPECIAL COMMAND : ENTER,LEAVE
Click to expand...
Click to collapse
That's what it's suppose to say and you should see a # symbol
when you see the # symbol
copy and paste
Code:
sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
it will look like #sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
press enter and your good to go.
Unjustified Dev said:
That's what it's suppose to say and you should see a # symbol
when you see the # symbol
copy and paste
Code:
sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
it will look like #sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
press enter and your good to go.
Click to expand...
Click to collapse
Thanks! But dont I have to download super user or something like that?
Cawos said:
Thanks! But dont I have to download super user or something like that?
Click to expand...
Click to collapse
It's in the folder you've been working in the whole time. The script you just ran took care of everything. When you boot your device you will have supersu installed.
I get to the rooting script part and once I hit enter it tells me that only SuperSU was installed. Can anybody give me some advice to what it is I'm doing wrong?
UnifiedDev37 said:
I get to the rooting script part and once I hit enter it tells me that only SuperSU was installed. Can anybody give me some advice to what it is I'm doing wrong?
Click to expand...
Click to collapse
Could you post a screen shot I need to know exactly what you mean.
Unjustified Dev said:
Could you post a screen shot I need to know exactly what you mean.
Click to expand...
Click to collapse
I must've forgotten to add the image, my bad
UnifiedDev37 said:
I must've forgotten to add the image, my bad
Click to expand...
Click to collapse
That's the correct output , but it looks like you need to push files again. It should work the second time around.
Can this work for the att model?
Sent from my LG-D850 using XDA Free mobile app
southern87 said:
Can this work for the att model?
Sent from my LG-D850 using XDA Free mobile app
Click to expand...
Click to collapse
Let me know, there's no risk in trying it. If it worked for Verizon I would count on it working for AT&T
Unjustified Dev said:
That's the correct output , but it looks like you need to push files again. It should work the second time around.
Click to expand...
Click to collapse
Just tried it again, same output but when I open root checker it tells me that my device doesn't have proper root privileges
Unjustified Dev said:
Let me know, there's no risk in trying it. If it worked for Verizon I would count on it working for AT&T
Click to expand...
Click to collapse
Do i need to have kk or lp installed?
Sent from my LG-D850 using XDA Free mobile app
southern87 said:
Do i need to have kk or lp installed?
Sent from my LG-D850 using XDA Free mobile app
Click to expand...
Click to collapse
Works on both
UnifiedDev37 said:
Just tried it again, same output but when I open root checker it tells me that my device doesn't have proper root privileges
Click to expand...
Click to collapse
Maybe your not copying the full command correctly
when you start Send_Command.exe
copy this you should have 3 files
ls -l /data/local/tmp
if they exist copy and paste
sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
Unjustified Dev said:
Maybe your not copying the full command correctly
when you start Send_Command.exe
copy this you should have 3 files
ls -l /data/local/tmp
if they exist copy and paste
sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox
Click to expand...
Click to collapse
I ran ls -l /data/local/tmp and the three files were there but when I copied and pasted sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox it gives same output and still no root
UnifiedDev37 said:
I ran ls -l /data/local/tmp and the three files were there but when I copied and pasted sh /data/local/tmp/lg_root.sh dummy 1 /data/local/tmp/UPDATE-SuperSU-v2.46.zip /data/local/tmp/busybox it gives same output and still no root
Click to expand...
Click to collapse
Have you tried exiting download mode and starting over?
Unjustified Dev said:
Have you tried exiting download mode and starting over?
Click to expand...
Click to collapse
I've tried that multiple times
I'm trying to make an AOSP ROM, and while doing so, I now have a dysfunctional bootloader. If your tablet is rooted, please duplicate the boot.img from your system and share it with me. Would very much appreciate.
Instructions:
Use CMD and paste these 2 lines:
adb shell "dd if=/dev/block/platform/soc.0/by-name/boot of=/sdcard/boot.img"
adb pull /sdcard/boot.img
Then from ADB directory, upload to somewhere easily accessible.
Does it matter if we have updated to 7.0 or not? I'm rooted and have updated to 7.0 and would be happy to help.
That would actually be a good idea. The ROM is supposed to be 7.0.0 anyways.
Running the first command comes up as " no such file or directory"
Do you already have ADB?
mr_verystock said:
Do you already have ADB?
Click to expand...
Click to collapse
Yep. I do adb devices to make sure it recognizes the tablet and all is good there.
Maybe so I'm the same page i just open up ADB as normal : open the command prompt in my platform tools. I paste the first line in : adb shell "dd if=/dev/block/platform/soc.0/by-name/boot of=/sdcard/boot.img" I get no file or directory.
Unable to get the dumb file:
adb shell "dd if=/dev/block/platform/soc.0/by-name/boot of=/sdcard/boot.img"
dd: /dev/block/platform/soc.0/by-name/boot: No such file or directory
Edit: does a backup from the recovery could make the task done ? I backup the boot from the TWRP and I get a file of 32Mb with the name: boot.emmc.win
adb shell
cd /dev/block/platform
ls
And tell me the output. I appreciate your help!
mr_verystock said:
adb shell
cd /dev/block/platform
ls
And tell me the output. I appreciate your help!
Click to expand...
Click to collapse
Nothing, it returns an empty result
Unusual... Normally there's soc.0 or msm_sdcc.1.
mr_verystock said:
Unusual... Normally there's soc.0 or msm_sdcc.1.
Click to expand...
Click to collapse
That command never worked for me on this tablet. Yes the default kernels is 32mb.
You can get it from twrp backup as .win and then rename it (if it is not compressed) or use AUT or SuperR's kitchen to obtain it.
Another method would be flashifire>backup.
Im still on MM so I can not help you.
Try these: https://drive.google.com/file/d/0Bz54O_w1LEYpQ1k0aDVHX29NbkE/view?usp=sharing
the rooted files I grabbed from TWRP backup, should be idential to the ones get using dd method.
the stock files I extracted from stock kdz file using WindowsLGFirmwareExtract-1.2.6.1-Release