Related
HOW-TO Root the Slide
(MAC OSX FLAVORED) KAPOWWW!!!!
&
Android SDK on Mac
STEP 1.
Download Android SDK from here.
STEP 2.
Unzip it. Place the folder it creates in your Documents folder and rename it AndroidSDK or SDK. (Something Easy)
SUCCESS!!! Android SDK Installed… //WTF!!??!!
STEP 3.
Download This Package > Slide Root.zip
Place the Contents of "Slide Root.zip" into your Android SDK Tools folder.
(These five files need to be placed DIRECTLY into the AndroidSDK/tools/ folder)
STEP 4.
RENAME Loop.bat to Loop.sh, then right click, open with TEXTEDIT.
Delete it’s contents and replace it with
#!/bin/bash
while [ 1 ]
do
adb devices
done
Save and Close the File.
STEP 5.
On your Slide, GO TO Settings > Application > Development and turn on USB Debugging.
This should save you headaches.
NOW… Power Off the Slide
STEP 6.
OPEN Terminal
(APPLE + SPACE and type Terminal, press enter.)
Now, CD to the SDK/Tools Directory.
It should be where we left it.
/Users/YOURUSERNAME/Documents/AndroidSDK/tools/
Terminal SHOULD open with it already in your USERNAME
Type cd Documents/AndroidSDK/tools/
STEP 7.
Power On the Slide into the Bootloader by Holding Down ( Volume Down + Power Button )
STEP 8.
NOW run your loop file (the one we made earlier)
The Terminal should be all queued up to the Tools folder.
Type in ./loop.sh
(The Terminal should be blowing up with List of Devices Attached over and over)
STEP 9.
Once your loop is running, select Recovery from the bootloader menu.
(Volume UP & DOWN to change selection and POWER to Select)
STEP 10.
When recovery loads, you should Have an Offline Device.
The Slide’s screen will have a picture of a Phone and RED triangle around a !
(Don’t freak out, this is a good thing.)
Hit Ctrl + C to stop your script & see.
If this doesn't happen, Power Off and try again from STEP 7.
STEP 11.
Un-plug your USB cable from your Slide & Plug it back in for it to Detect ADB Correctly!!!
IMPORTANTE!!!
At this point you can adb devices to see if it detects your device and that it is in recovery mode.
Type into Terminal ./adb devices
If it says recovery you are golden and move onto STEP 12 to kick the habit.
If not, rinse and repeat from STEP 7.
STEP 12.
Select Update.zip from the menu. (This will fail, but we already know that! Select it anyway).
STEP 13.
Type into Terminal
./adb push ota.zip /sdcard/update.zip
STEP 14.
Type into Terminal
./adb push slideroot.zip /sdcard
STEP 15.
MUY IMPORTANTE!!!
Have this Command ready in your Terminal before applying update.zip again!!
./adb push update.zip /sdcard
STEP 16.
On your Slide, Hit run update.zip
As soon as you see A Little Bar appear behind the text
Push ENTER to execute the Terminal command
(./adb push update.zip /sdcard )
STEP 17.
If successful, you should see Clockwork Recovery.
If unsuccessful, repeat steps 13-16.
STEP 18.
In Clockworkmod Recovery,
Go to the Partitions menu and Mount System
(It should be at the top and the only one not mounted.)
STEP 19.
Go one level back & select install any zip from sdcard.
Select slideroot.zip & apply update from zip
(This will finish the Root process).
STEP 20.
Reboot your phone & wait for it to load completely.
To confirm that your slide is connected as a device use the command ./adb devices
If this works, you will see it as a device. Your prompt will say something like:
$ ./adb devices
List of devices attached
HT05YUP12710 device
STEP 21.
./adb install Superuser.apk
(If it says it cannot locate directories, make sure you can find your device
using ./adb devices… If things still don't work, my best advice is to start over)
STEP 22.
After Superuser is installed try to use adb to shell to your device.
Type in Terminal
./adb shell
you will get a $
Then type su
On the Slide, Superuser should pop-up asking if you give permission, do so.
In Terminal, your $ should turn into a #. If so, you have root. WOOT!!!
Original SHOUT OUTS!!!
Special Thanks to:
Paul O'Brien:
Koushik K. Dutta:
&
The Guys using the Incredible OTA Spoofing Method
&
ChiefzReloaded for Huge amount of Suggestion & Brain Storming.
But most of all, you should thank eugene373 for rooting the slide and not sleeping for two days.
His original post is here.
sk8rbebop said:
STEP 14.
Type into Terminal
./adb push slideroot.zip
Click to expand...
Click to collapse
should it not be:
./adb push slideroot.zip /sdcard
Also...
sk8rbebop said:
STEP 15.
VERY IMPORTANTE!!!
Click to expand...
Click to collapse
Should be:
MUY IMPORTANTE!!!
I don't understand the need for a separate post when the only difference between osx and windows is that osx uses a shell script and windows a batch file and osx is discussed in the post about rooting.
nerdcorerising said:
I don't understand the need for a separate post when the only difference between osx and windows is that osx uses a shell script and windows a batch file and osx is discussed in the post about rooting.
Click to expand...
Click to collapse
Five different people asked for it so they got it.
Thanks!
Thanks a bunch for the tutorial! We really do appreciate it. I just had a couple questions about 2 of the steps.
STEP 6.
OPEN Terminal
(APPLE + SPACE and type Terminal, press enter.)
Now, CD to the SDK/Tools Directory.
It should be where we left it.
/Users/YOURUSERNAME/Documents/AndroidSDK/tools/
Terminal SHOULD open with it already in your USERNAME
Type cd Documents/AndroidSDK/tools/
I got lost where it says "Now, CD to the SDK/Tools Directory." I do not really know what the CD means and what I should be typing into Terminal?
Also should my phone already be plugged in to my Mac?
Please let me know and thanks!
Thanks a bunch for this tutorial. I am about to try to ROOT, it should go over smoothly. Now from the ROOT what else have you guys been doing to you're Slide? I know Cyanogen has not said much, that is who I used for my myTouch 3G and my G1.
Click to expand...
Click to collapse
I flashed the Eng Build, then SlideMEROOT2 and then the new radio (you need this). Just follow the how-to's already posted, but remember to type ./ before the commands in Terminal.
Ex. ./adb devices Instead of adb devices.
There were a couple people who were trying to keep their original stock rom, but slidemeroot2 is basically the original rom. Plus, someone posted the original stock backup, so flash away.
-------------------------------------
Sent via the XDA Tapatalk App
this is wrong
#!/bin/bash
while [ 1 ]
do
adb devices
done
it should be
#!/bin/bash
while [ 1 ]
do
./adb devices
done
shadowleo85 said:
this is wrong
#!/bin/bash
while [ 1 ]
do
adb devices
done
it should be
#!/bin/bash
while [ 1 ]
do
./adb devices
done
Click to expand...
Click to collapse
It's no more "wrong" than your code...
The first assumes that you've configured your shell to link the "adb" command to the adb "app" in the sdk/tools directory. Your code assumes that you will be activating the script while "within" that very directory.
The code, IMHO, should read:
Code:
...
[PATH TO SDK/TOOLS/]adb devices
...
And the OS X user should be instructed to insert their own path.
HebrewToYou said:
It's no more "wrong" than your code...
The first assumes that you've configured your shell to link the "adb" command to the adb "app" in the sdk/tools directory. Your code assumes that you will be activating the script while "within" that very directory.
The code, IMHO, should read:
Code:
...
[PATH TO SDK/TOOLS/]adb devices
...
And the OS X user should be instructed to insert their own path.
Click to expand...
Click to collapse
WRONG the code running in the shell is to continuously run adb devices... which to do so correctly would have to be implemented with ./ in front to run correctly on a mac... dont try to correct what is right i will school u
and seeing as he clearly instructs u to place those apps within the tools folder and "cd" to it... means that the user should have those commands ready at hand which is included in the folder...
shadowleo85 said:
this is wrong
#!/bin/bash
while [ 1 ]
do
adb devices
done
it should be
#!/bin/bash
while [ 1 ]
do
./adb devices
done
Click to expand...
Click to collapse
Ur right.. that is the right way..
also for those of u having problems with the loop step where it never sticks... try a different memory card... i was having problems with the stock card... so i tried a different card and it worked perfectly... with no problems
shadowleo85 said:
and seeing as he clearly instructs u to place those apps within the tools folder and "cd" to it... means that the user should have those commands ready at hand which is included in the folder...
Click to expand...
Click to collapse
LOL. Okay, tough guy.
The fact is that the active directory in your terminal is irrelevant to the actual rooting process. If you want to argue about it, have at it. I really don't care.
Yes, in terminal you must type ./adb devices, but within the .sh you can just issue adb devices and it works just fine. It is because you are issuing a command from within a script and OS X understands you better when you use them.
As for the memory card trick everyone is perpetuating, tis but a superstition and whatever floats your boat, while you attempt to get adb to stick. When I rooted mine, it took five to ten tries. Rooting my girlfriend's, on the other hand, took nearly 15-20 min for it to catch.
sk8rbebop said:
Yes, in terminal you must type ./adb devices, but within the .sh you can just issue adb devices and it works just fine. It is because you are issuing a command from within a script and OS X understands you better when you use them.
As for the memory card trick everyone is perpetuating, tis but a superstition and whatever floats your boat, while you attempt to get adb to stick. When I rooted mine, it took five to ten tries. Rooting my girlfriend's, on the other hand, took nearly 15-20 min for it to catch.
Click to expand...
Click to collapse
within the shell command command it has to be ./adb devices or it fails at command line 4 which is the problem i was having until i changed it in the shell and it worked... along with a few others...
and as far as the memory card thats the issue... i tried 5 different memory cards one always worked the others never stuck... it may have something to do with the way the memory card is coded... my 16gb mem card out my hd2 is the only one that worked... not really a superstition
shadowleo85 said:
within the shell command command it has to be ./adb devices or it fails at command line 4 which is the problem i was having until i changed it in the shell and it worked... along with a few others...
and as far as the memory card thats the issue... i tried 5 different memory cards one always worked the others never stuck... it may have something to do with the way the memory card is coded... my 16gb mem card out my hd2 is the only one that worked... not really a superstition
Click to expand...
Click to collapse
The memory card has nothing to do with the rooting process whatsoever. With that said, a lot of the memory cards shipping with the slides are misformated. The first thing I did was backup my card, swap it out with a class 10 16 GB card and set up a 1GB ext4 partition. Then I copied the files back to the FAT partition and all was well.
HebrewToYou said:
The memory card has nothing to do with the rooting process whatsoever. With that said, a lot of the memory cards shipping with the slides are misformated. The first thing I did was backup my card, swap it out with a class 10 16 GB card and set up a 1GB ext4 partition. Then I copied the files back to the FAT partition and all was well.
Click to expand...
Click to collapse
yet with all the cards i tested which are formatted correctly and running perfectly on all my devices... and even tried useing my class 6 8gig with is partitioned for my og mytouch didnt work... dude stop trying to correct me i got this... worry bout ya own lil world
shadowleo85 said:
yet with all the cards i tested which are formatted correctly and running perfectly on all my devices... and even tried useing my class 6 8gig with is partitioned for my og mytouch didnt work... dude stop trying to correct me i got this... worry bout ya own lil world
Click to expand...
Click to collapse
Oy vey. Seriously? The rooting process is a hit or miss operation. Your sdcard doesn't even come into play for a second. You could probably remove the darn thing and be successful.
Please, for heaven's sake, just listen to sk8rbebop, myself or any of the numerous other people saying in no uncertain terms that the sdcard issue is a myth. Don't perpetuate something that is entirely unrooted in reality.
Sheesh...
HebrewToYou said:
Oy vey. Seriously? The rooting process is a hit or miss operation. Your sdcard doesn't even come into play for a second. You could probably remove the darn thing and be successful.
Please, for heaven's sake, just listen to sk8rbebop, myself or any of the numerous other people saying in no uncertain terms that the sdcard issue is a myth. Don't perpetuate something that is entirely unrooted in reality.
Sheesh...
Click to expand...
Click to collapse
how can it be unrooted in reality when in reality it works and im proving that... its mighty funny that it doesnt stick unless this specific memory card is in my device... and u stating that it doesnt come into play is wrong... when u load ur phone into bootloader it does check ur "memory card" for an nbh image which is where i believe the problem lies... it accesses ur memory card just like the og mytouch did to locate a gold card... dont argue with me when it is just another work around that just may work seeing as IM PROVING THAT IT DOES INDEED WORK
shadowleo85 said:
how can it be unrooted in reality when in reality it works and im proving that... its mighty funny that it doesnt stick unless this specific memory card is in my device... and u stating that it doesnt come into play is wrong... when u load ur phone into bootloader it does check ur "memory card" for an nbh image which is where i believe the problem lies... it accesses ur memory card just like the og mytouch did to locate a gold card... dont argue with me when it is just another work around that just may work seeing as IM PROVING THAT IT DOES INDEED WORK
Click to expand...
Click to collapse
Oy vey. Fine, believe what you want. What's *actually* helping you root the device is sticking gum on your nose, turning your baseball cap backwards, rubbing your lucky rabbit foot and reciting the pledge of allegiance. You just haven't realized it yet.
Stay crunchy.
HebrewToYou said:
Oy vey. Fine, believe what you want. What's *actually* helping you root the device is sticking gum on your nose, turning your baseball cap backwards, rubbing your lucky rabbit foot and reciting the pledge of allegiance. You just haven't realized it yet.
Stay crunchy.
Click to expand...
Click to collapse
dude wtf is ur problem... if it can possibly help someone whose having the issue y r u having such an issue with it
Hello everyone!
You may or may not know me, however I have secretly been working behind the scenes with ChiefzReloaded to learn how Android works. Together we have been trying to develop new ways to root the Slide, primarily because we both landed in a sticky situation that left us both without root and without a way to revert to root.
After many long hours of trying to restore my phone, I have now ported the exploid exploit to the MyTouch Slide! This means that you can gain root on any version of the Slide, INCLUDING the latest OTA! However, this isn't necessarily "easy" as in the One-Click Root program, but there are reasons for this. While Android is running we cannot write to /system and even if we force Linux to let us, the NAND protection will prevent Linux from completing the write!
To get started, please see the bottom of this post for the link and download it. You will want to download it to your computer and not your phone's SD card. Also, you will need the tools from the Android SDK. I would suggest extracting the file from my zip at the bottom of this page into the Android SDK's tools directory.
Extract the zip
Make sure your phone is in USB debugging mode AND you are in "Charge Only" mode.
Connect your phone to your computer.
Make sure you're in the same directory as where exploid is extracted before continuing to the next step.
Issue the following command: adb push exploid /sqlite_stmt_journals. Note: It MUST be in that directory - NO exceptions.
Run: adb shell
Run: cd /sqlite_stmt_journals
Run: chmod 0755 exploid
Run: ./exploid
Toggle your phone's Wifi (on or off, however you wish to do that).
Now (again) run: ./exploid (if prompted for a password enter: secretlol)
The next line should now begin with a pound (#) - if not, then something isn't setup right. Make sure to follow the directions verbatim. If you suspect you did follow them correctly, please reply to this post letting me know.
You should now be root! At this point you can do many things, but if you're looking to flash a custom ROM, continue to these instructions:
[NEW 10/18/2010:]
Steps 1-12 are intended to get you the ability to flash mtd0.img (which previously required using the SimpleRoot method) by gaining root inside of Android. By following the instructions in the rest of this section, it will allow you to flash a ROM or S-OFF your device:
The files you need are at: http://forum.xda-developers.com/showthread.php?t=703076- download both files linked in there (ESPRIMG.zip and SlideEng-package.zip)
Extract the contents of SlideEng-package.zip to a place of your choosing on your computer.
Place the entire (unextracted) ESPRIMG.zip on your SDcard.
Now push the files 'flash_image' and 'mtd0.img' that you just extracted from SlideEng-package.zip to /data/local using 'adb push'. (Noob? Instead of using 'adb push', install Droid Explorer and, using that utility, copy the 'flash_image' and 'mtd0.img' files to /data/local on your Slide)
Now I'm going to assume your phone is at root prompt (#) using steps 1-12. So now do (without typing the '#' symbols in front of both lines - they're just there to remind you that you need to be at a '#' prompt):
Code:
# cd /data/local
# chmod 04755 flash_image
# ./flash_image misc mtd0.img
Before you reboot make sure that the ESPRIMG.zip is on your SDcard!
Now turn off the phone.
Then press Volume-Down + Power.
The phone will power on and after about 5 minutes of verifying ESPRIMG.zip it will ask you if you want to flash it.
Press Volume-Up for 'YES' and wait until it finishes (ABSOLUTELY DO NOT POWER DOWN WHILE IT'S STILL FLASHING!!!).
Now when you go into recovery it should allow you to 'Apply update.zip from sdcard' (booting into Clockwork). If you don't have the Clockwork update.zip, here it is: http://www.4shared.com/file/OTRU7T3y/update_2.html (rename to update.zip after downloading since it's currently update_2.zip, then place it on your sdcard).
[/NEW 10/18/2010]
[NEW 12/30/2010]
Optional: Now that you're rooted you might want to disable all flash memory protections so you can permanently flash Clockworkmod (recovery - no more using an update.zip!) as well as other random things. Check here for details: http://forum.xda-developers.com/showthread.php?t=798168
[/NEW 12/30/2010]
CREDIT GOES TO:
[*] ChiefzReloaded! (For helping me learn the intricacies of Android and patiently answering all of my questions)
[*] 743C (For developing the original exploit)
Source code: (Yes, it's hackish. I was just trying to figure out why the system kept rebooting and haven't cleaned up the code since) download
DOWNLOAD:
http://www.4shared.com/file/CZsxSq-f/exploid.html
DONATE:
(Anything helps!)
(Some people may wonder why this is special compared to the One Click Root application. What's important is that One Click Root doesn't work on Slides running production/retail software, likely the same problem I had to fix to get exploid to work in my version.)
Thats whats up!!
If you be trollin then YOU BES TRAWLLIN
But if not then good job nb!
Sent from my T-Mobile myTouch 3G Slide using XDA App
Can you provide the source? No offense, but I tend not to run homebrew C programs that I didn't compile myself.
Thanks for all the work!
falken98 said:
Can you provide the source? No offense, but I tend not to run homebrew C programs that I didn't compile myself.
Thanks for all the work!
Click to expand...
Click to collapse
Sure, I was getting around to that - and I understand your concern. I'll post it in a second.
falken98 said:
Can you provide the source? No offense, but I tend not to run homebrew C programs that I didn't compile myself.
Thanks for all the work!
Click to expand...
Click to collapse
You think nb is distributing a virus disguised as a root method?
Waaaaaat
Sent from my T-Mobile myTouch 3G Slide using XDA App
r0man said:
You think nb is distributing a virus disguised as a root method?
Waaaaaat
Click to expand...
Click to collapse
It is a bit funny, but I do understand his concern. I've posted the source code into the original post. Compiling it should result in the same hash as the binary I posted.
Good to see this I suggested this in another thread glad to see it in use thanks a bunch
nbetcher said:
It is a bit funny, but I do understand his concern. I've posted the source code into the original post. Compiling it should result in the same hash as the binary I posted.
Click to expand...
Click to collapse
Ill take a look at it when I get home.
ilostchild said:
Good to see this I suggested this in another thread glad to see it in use thanks a bunch
Click to expand...
Click to collapse
I actually had to do a lot of work on it. It doesn't quite work the same as the original exploid simply because the original exploid crashes the entire system and reboots. This causes the rootshell to never be committed to NAND and thus you get no where. I had to keep playing with things until I found a different method that works. It took several hours of me being upset with it, but watched the latest Burn Notice, came back to it, and BAM I had a stroke of genius.
where is rootshell? i can't exicute rootshell nor can i "cp" any files from sdcard however i do have a # instead of a $
Armyjon88 said:
where is rootshell? i can't exicute rootshell nor can i "cp" any files from sdcard however i do have a # instead of a $
Click to expand...
Click to collapse
Ignore that portion of the instructions provided by the program. As I stated, this is not intended for non-developers at this point. The # is your indication that you're running as root.
I am headed to work, but I don't usually have much going on there - I will be setting up a much cleaner system/environment for non-developers to work with and perma-root their phones with over the next few hours. Stay tuned!
Sweet
Sent from my T-Mobile myTouch 3G Slide using XDA App
having # and running as root as stated before u can actually follow with eng and then custom recovery and ur choice's rom..pls correct me if im wrong..thanx
statuzz said:
having # and running as root as stated before u can actually follow with eng and then custom recovery and ur choice's rom..pls correct me if im wrong..thanx
Click to expand...
Click to collapse
i'm also wondering the same thing, because i got the exploid working, and i have the # in the shell, but when i go to follow the instructions to flash the eng-release, i can't cd to any different dirs, nor can i push any files to the phone. i have the ESPRIMG.zip copied to my sdcard, so could i just reboot into recovery and flash the nbh from there? any help is appreciated.
nbetcher said:
Ignore that portion of the instructions provided by the program. As I stated, this is not intended for non-developers at this point. The # is your indication that you're running as root.
I am headed to work, but I don't usually have much going on there - I will be setting up a much cleaner system/environment for non-developers to work with and perma-root their phones with over the next few hours. Stay tuned!
Click to expand...
Click to collapse
Let me know if you want to work together on some kind of one-click root app for the Slide. If the commands work through the terminal on the phone itself rather than via adb, I could probably make this into an app already, but since you're working on a more non-developer-friendly version, I'll just wait until that's out
televate said:
i'm also wondering the same thing, because i got the exploid working, and i have the # in the shell, but when i go to follow the instructions to flash the eng-release, i can't cd to any different dirs, nor can i push any files to the phone. i have the ESPRIMG.zip copied to my sdcard, so could i just reboot into recovery and flash the nbh from there? any help is appreciated.
Click to expand...
Click to collapse
I'm delaying the release of my non-developer program for another couple hours.
As far as what you said above, all you need to do after gaining the # prompt is (in a separate window):
adb push flash_image /data/local
adb push mtd0.img /data/local
(switch back to your # adb shell, then type
cd /data/local
chmod 04755 flash_image
./flash_image misc mtd0.img
Then reboot and apply the ESPRIMG.zip. All of these files are found on the same post that I referenced in my OP. These instructions are all in that same page.
televate said:
i'm also wondering the same thing, because i got the exploid working, and i have the # in the shell, but when i go to follow the instructions to flash the eng-release, i can't cd to any different dirs, nor can i push any files to the phone. i have the ESPRIMG.zip copied to my sdcard, so could i just reboot into recovery and flash the nbh from there? any help is appreciated.
Click to expand...
Click to collapse
Im also stuck since im not sure if you can update to eng from the ota..But first i want to personally thank the OP & CR for providing this.
This would be great for a One Click method
this would be nice to work into a one click root!
And This did work for me!
Does this root method gets /system moumted when android running?In short do we finaly get metamorph and root explorer working?
Greeting,
It was heard that rooting T-01D are similar as F-05D.
I found a website regarding rooting F-05D, but I dont read Japanese, just want to know if anyone have tried the enclosed method to root T-01D?
or could anybody do the translation, since the terms become quite strange after using the online translators
The following link is ref. of rooting F-05D:
ttp://ayati.cocolog-nifty.com/blog/2012/01/f-05droot-1d0b.html
(should be "http" rather than "ttp")
The source code of T-01D have been provided also, but I have no idea how to use it and root the machine:
ttp://spf.fmworld.net/oss/t-01d/data/download.html
(should be "http" rather than "ttp")
Thank you very much in advance?
Update of 4/4
the following t-01d rooting procedures is provided by Magimaster
Hello.
I am sending this pm regarding the translation for flashing the Fujitsu f-05d sold by Docomo in Japan. I cannot reply in the development section due to my low post count.
My phone is an f-05d. I do not have a t-01d but, according to the original rooting guide for the f-05d, the users are reporting success in rooting the t-01d as well.
I will not really translate for you. Rather, I will explain what I did to root my f-05d.
Here is a rough summary of the steps I followed:
For starters, you need to make sure that adb recognizes your phone when connected to the PC via USB. This means that you need to install the Android SDK and the USB driver for your t-01d by Fujitsu.
I had trouble getting adb to recognize my phone, as Window$ insisted in recognizing it as an USB drive. What I did, among other things, was:
In the phone settings, go to Applications > Development and check USB Debigging and Stay awake.
Install the Google USB Driver package, in the extras section of the Android SDK Manager.
With the phone connected to the PC, go to Window$ device manager > Universal Serial Bus Controllers and uninstall (use the delete key from your the keyboard) every mass storage device that appeared when my phone was connected. Disconnect and reconnect the usb cable.
Only until I did this final step was my phone recognized and listed as Android Phone > Android Composite ADB Interface in the device manager. If your device is not recognized, you just cannot continue. Look for help about this, or else you cannot move on with this method of rooting.
Confirm that your phone is recognized as Android Phone > Android Composite ADB Interface in the Window$ device manager. Do not continue until it is.
From the Android SDK manager, install the package android sdk platform-tools.
You need download F05Droot.zip from the original blog page your linked before. I will not link to the file directly, but you should have no problem finding it. Extract the files within into the program directory \Android\android-sdk\platform-tools (this is my path).
You need to download a replacement for the file lsm_disabler.ko that is inside the F05Droot.zip. Get it from here and extract it an replace the one inside the platform-tools directory.
By the way, this platform-tools directory is the one that has the adb executable file. Just a heads up.
You need to download su. I cannot tell you where to get it. I just do not know where I got mine from, but was easy so go for it When you have it, extract it and put it in the platform-tools directory.
Confirm that the platform-tools directory includes these files:
Code:
adb.exe
AdbWinApi.dll
AdbWinUsbApi.dll
su
lsm_disabler.ko
f05dsu.bat
There will be more, but these are the ones needed for this to work.
Now, get ready to root. Connect your phone to the PC.
Go to your phone settings > setting my body > step/activity counter app > pedometer use and confirm it is checked on.
In the platform-tools directory, look for f05dsu.bat and run it. A DOS window will open. This is the funny part. Unless you are doing this from a Japanese version of Window$, or from a Window$ with Japanese locale active, you will see a lot of strange symbols instead of Japanese characters... which would be the same for almost anyone anyway Regardless, you will see a prompt to Press any key to continue . . .. At this point, you do not need to do anything on your phone, other than visually checking that the check mark on the pedometer is set.
On the DOS window press any key, your will see more garbage and another prompt to press any key. This is the important part. See if you can find among all those symbols this pattern: OFF/ON. If you do see it, it means we are on track.
Now that you were able to see the OFF/ON, go to your phone and uncheck the pedometer (OFF) and check it again (ON).
In the DOS window, press any key. Your phone will reboot. The message in the DOS window says that you must wait for the phone to boot up and for Window$ to recognize your usb connection to the phone.
When/if your phone is recognized by Window$, go to the DOS window and press any key.
Again, press any key and your phone will reboot.
The DOS window has a message indicating that you must now install superuser and busybox. When your phone reboots, go to the android market and install from there when you have the time.
You can now close the DOS window because, unless there was any error, you are now rooted, my friend
From the market, install a terminal, or an app that includes a terminal. I use Rom Toolbox because it has a terminal and scripts to mount the /system as rw.
Open whatever terminal you chose and, at the $ prompt type su
If new prompt is #, type soff
You will need to run these commands every time before trying to mount /system as rw.
That is all. I hope you can root your phone.
Just a petition, post this message in the forums, as it may help others who have similar difficulties. It sure could have helped me if someone had done before me.
Have a nice one and please forgive my English.
Click to expand...
Click to collapse
update 15/4
On 13/4 finally i got my phone rooted
I have to run f05droot.bat instead of f05dsu.bat
After I have run the f05dsu.bat, for the steps, no error popout.
then I open the terminal type su, it reply me "permission denied".
I know it is not successful, after several run, the situation still the same.
after that have checked the contents of f05droot.bat and f05dsu.bat.
They are very similar but the f05droot.bat will push the superuser and busybox into the device at the same time.
(so I added those files in the directory \Android\android-sdk\platform-tools )
Therefore, i tried that and its works finally.
I feel really exciting at that moment.
I hope this post can help they T-01d user to root the phone.
personally I really like this phone ^~^
the su file is also important
Anyone try it? Does it work?
I have got the source code from its web
But I dont know how to use that and lead me to root the machine
ttp://spf.fmworld.net/oss/t-01d/data/download.html
Can you post a review of this device?
redcarrot said:
Greeting,
It was heard that rooting T-01D are similar as F-05D.
I found a website regarding rooting F-05D, but I dont read Japanese, just want to know if anyone have tried the enclosed method to root T-01D?
or could anybody do the translation, since the terms become quite strange after using the online translators
The following link is ref. of rooting F-05D:
ttp://ayati.cocolog-nifty.com/blog/2012/01/f-05droot-1d0b.html
(should be "http" rather than "ttp")
The source code of T-01D have been provided also, but I have no idea how to use it and root the machine:
ttp://spf.fmworld.net/oss/t-01d/data/download.html
(should be "http" rather than "ttp")
Thank you very much in advance?
Click to expand...
Click to collapse
If you have time, can you please post a mini review of the device? I wanted to buy one too and I'm quite excited reading your review!
Thanks and more power!
Here is the mini review
Screen color is perfect except black and accurate. Speed is good in comparing with SGS2. Battery life is similar to SGS2. Form factor is better than SGS2. Camera is outstanding, thanks to the 1.3MP camera. Waterproofing design is what I like. The bad is upgrading is only possible in Japan. Digital TV is useless. Sound level is a bit low.
personally i like this phone very much especially the outlook.
my personal review is the following:
1. same as above the screen is perfect
2. the camera is also excellent
3. while you have a phone call, it change mode automatically depends on the environment
4. if i switch off all the data things, this phone can stand more than one day
(so i wont blame the battery, because I think we use too many network related stuffs)
5. i have to admit that the firmware is not quite stable (fortunately the phone can be upgrade to 4.0 after july)
for the rooting process, it seems like someone has success:
(i think that is temp root)
search "T-01D 軟解, tofu-keitai" in google (that is chinese unfortunately)
redcarrot said:
Greeting,
It was heard that rooting T-01D are similar as F-05D.
I found a website regarding rooting F-05D, but I dont read Japanese, just want to know if anyone have tried the enclosed method to root T-01D?
or could anybody do the translation, since the terms become quite strange after using the online translators
The following link is ref. of rooting F-05D:
ttp://ayati.cocolog-nifty.com/blog/2012/01/f-05droot-1d0b.html
(should be "http" rather than "ttp")
The source code of T-01D have been provided also, but I have no idea how to use it and root the machine:
ttp://spf.fmworld.net/oss/t-01d/data/download.html
(should be "http" rather than "ttp")
Thank you very much in advance?
Update of 4/4
the following t-01d rooting procedures is provided by Magimaster
Click to expand...
Click to collapse
It really work!~
I rooted my T-01D with this method!
And it's permanent root!!
Many thanks!~
hi HaoyuWen,
i have followed the steps, when i type su in the terminal simulator, it comes out segmentation fault su, do you have any idea.
I use titanium backup to check and it said my t-01d is not rooted.
for the pedometer on/off things, do i need to press the home key and go back to the pedometer to do the switch?
Thank you very much in advance
HaoyuWen said:
It really work!~
I rooted my T-01D with this method!
And it's permanent root!!
Many thanks!~
Click to expand...
Click to collapse
So both F-05D and T-01D can use this ?
yes, but i havnt got that work yet.
just want to know when I get the device rooted, will the device screen shows the device is rooted?
finally i got my phone rooted
you have to run f05droot.bat instead of f05dsu.bat
the su file is also important
redcarrot said:
yes, but i havnt got that work yet.
just want to know when I get the device rooted, will the device screen shows the device is rooted?
Click to expand...
Click to collapse
You can install a root checker to see
^ Please update it on the front page
Gonna get mine soon, so excited to hear this
wth_is_life said:
You can install a root checker to see
^ Please update it on the front page
Gonna get mine soon, so excited to hear this
Click to expand...
Click to collapse
I think I brick my T-01D. Don' know why, I do exactly the same what I have been told here... Now It ends up infinite boot loop
Anybody help me please?
Hey there everyone, sadly this guide isn't working for me. Everything in the guide goes smoothly and I do exactly what is listed but after my phone reboots the final time I still have no root access. I run f05droot.bat instead of f05dsu.bat like the user said but to no avail, I even ran f05dsu.bat and still nothing.
Anyone else have trouble? Maybe it is because I am on a certain FW? I am on 2.3.5
Baseband Version C_L1_M23
Kernel version: 2.6.35.7 [email protected] #1
and Build number is V43R41C
Just wondering as I really want root to disable all of these RAM-hogging default applications.
Bump? Anyone?
As far as I know, this rooting method cannot be done on FW V43R41C.
Sent from my SC-01D using Tapatalk 2
kinchung said:
As far as I know, this rooting method cannot be done on FW V43R41C.
Sent from my SC-01D using Tapatalk 2
Click to expand...
Click to collapse
Aw Thanks for the notice, of course it's my firmware. Any idea about ICS? It was supposed to come out in July but yeah..
I don't know about ICS for t-01d. My sc-01d has been already upgraded to ICS, the performance is improved a lot. sh-01d also gets ICS today.
Sent from my SC-01D using Tapatalk 2
kinchung said:
I don't know about ICS for t-01d. My sc-01d has been already upgraded to ICS, the performance is improved a lot. sh-01d also gets ICS today.
Sent from my SC-01D using Tapatalk 2
Click to expand...
Click to collapse
I see, I read about the T-01D (among many others) getting updated from articles like this: http://forums.hardwarezone.com.sg/e.../docomo-update-ics-4-0-18-models-3662812.html
I'm sure the T-01D would perform pretty awesome and maybe pre-installed software would not be as big a deal as it is now. Maybe since your SH-01D is getting updated, T-01D isn't far behind. The only thing I have to see is if I can update out of Japan.
I don't have sh-01d but galaxy tab 10.1 sc-01d instead. My t-01d also upgraded to V43R41C last month during visiting Japan. Upgrade of t-01d may not be possible outside Japan as Software Update cannot be executed without docomo sim and network.
Sent from my SC-01D using Tapatalk 2
I have just updated my Prime and I did not have rooted it with ICS. Is possible to root JB without previous rooting?
No. You must back up root using OTA Rootkeeper in order to regain root in JB. There is no known exploit for JB yet.
without restoring root with ota rootkeeper, try http://matthill.eu/mobile/root-trans...lybean-update/ and follow the instructions, follow the links for the files you need
tonesy said:
without restoring root with ota rootkeeper, try http://matthill.eu/mobile/root-trans...lybean-update/ and follow the instructions, follow the links for the files you need
Click to expand...
Click to collapse
lol, must be a joke.... dead link.
I have been actively pursuing this. Without bootloader unlock i dont beleive so.
If you Unlock the Bootloader or already have an Unlocked Bootloader, you can get root.
I haven't seen any exploits posted for the Prime in JB yet, so this may be your only way for now.
hx4700 Killer said:
lol, must be a joke.... dead link.
I have been actively pursuing this. Without bootloader unlock i dont beleive so.
Click to expand...
Click to collapse
He posted a bad link but doesnt work if you have no root access at all. This is just a "regain root if you have partial root" guide:
http://matthill.eu/?s=jelly+bean
Thread moved
Thread moved. This is clearly belonging into Q&A. Please post in correct Sub-Forum.
peace
jotha - forum moderator
Does any one know if one person with development capabilty is trying to find a way to root JB ?
I talked to bin4ry about his root method in hopes of working with him on modifications for the prime but he is telling me his mod is making the change he is exploiting according to what I am seeing but possibly ASUS disabled the emulator mode in this version of the OS. This is what would give you root access via ADB so changes can be made.
I couldnt get out of him what exactly his "restore timing exploit" is but I understand everthing after that
Outside of anything coming up I would say if you must have it now and don't mind voiding your warranty then use the unlocker tool and follow one of many guides on here to do it from an unlocked device.
Perhaps we can turn this thread into, or possibly start a new one about the different things people(devs and/or the technically savy) are finding in the quest for an exploit...
We could start with a list of what is known. Of particular interest would be the differences between the complete stock (me btw), was rooted but lost it, was rooted and kept it, and of course anybody who has managed to root it by messing around but not taken notes along the way.
here's what I have found.
from the PC, creating an adb shell allows me to ls /data/local/tmp/ but from a tablet's terminal emulator (shell?) I cant.
Typing id from both it becomes obvious why
From adb shell I get
Code:
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009
(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt)
,3003(inet),3006(net_bw_stats)
from the tablet I get
Code:
uid=10126(u0_a126) gid=10126(u0_a126) groups=1015(sdcard_rw), 1028(sdcard_r),
3003(inet)
I was getting excited last night (burnt the midnight oil) trying what I thought might be a possible exploit with an android supplied command called "run-as". Its limitaions became obvious when I looked at the source code for it. You need an application pakage that is debugable and it cd's to its directory to run the command and a bunch of other things, so I compiled it on C4droid using just the main functions setresuid() and setresgid() but they both failed no matter what value was plugged into them based on UID and GID found here
http://forum.xda-developers.com/showthread.php?t=442557
I have yet to exhaust this avenue. I might be able to create an empty package and sign it as a system app, make it debugable and see what that yeilds but its looking like a convoluted process, espicially considering that run as may not work as intended on prime's JB
PS I want to state that I know precious little about linux and even less about the android layer above it...
Just as an FYI the way bin4rys tool is supposed to work is an exploit in which it makes a symlink to /data/local.prop and injects ro.kernel.qemu=1 in to local.prop then reboots.
This is supposed to put the device in emulator mode and when you connect with adb shell you get a root shell prompt. All the rest is fairly straightforward/standard. Remount file system as RW, install SU and superuser.apk with their permissions set properly in the proper places then break the symlink to local.prop and reboot.
What would help a lot is if someone who is already rooted can make the attempt, set qemu = 1 in the relinked local.prop then adb shell connect to see if you get a root prompt. Trying to confirm that emulator mode is enabled and you get root access as shell to see if this is even worth pursuing.
I would just use the unlocker tool but I am 2 weeks in to ownership of a new unit.
yes I have seen that typing adb root gives the message
Code:
adbd cannot run as root in production builds
it would indeed be interesting to see if changing "qemu" flags it as a non-production build. My sgs is rooted with CM10 nightlies might try toggling the value on that and see what adb says
Run-as
abazz said:
I was getting excited last night (burnt the midnight oil) trying what I thought might be a possible exploit with an android supplied command called "run-as". Its limitaions became obvious when I looked at the source code for it. You need an application pakage that is debugable and it cd's to its directory to run the command and a bunch of other things, so I compiled it on C4droid using just the main functions setresuid() and setresgid() but they both failed no matter what value was plugged into them based on UID and GID found here
http://forum.xda-developers.com/showthread.php?t=442557
Click to expand...
Click to collapse
Yes. I noticed the permissions on that file as well. I'm not an android person, so I don't know how that end works, but the permissions do look correct (setuid root, and runnable as group shell [which we get via adb, but not locally on terminal].
Based on the little bit that I have read, it seems that it may be getting the permissions assigned to the apk and running the command line with those permissions.
If that is correct, then running it via something with c4droid probably won't work, as it's permissions are whatever group it (c4droid?) was assigned at install.
So, how do does one / can one specify that the package is supposed to be root (uid 0). I'd guess (from a standard UNIX security perspective) that you can't just push arbitrary apps to the machine with 'run me as root' permissions. Otherwise, this would be a completely non-issue. But, is there a package which is pre-installed that we can exploit the permissions of to do this? I don't know yet.
Also, if my readings / assumptions were correct above, we probably don't want to do a setreuid(), but rather call bash/busybox as the 'command' issued in the name of the apk (since it would then run as root, or the uid of the package). Either that, or a system command(s) to chown/chmod the su binary that we can upload via adb (but which comes in as shell.shell).
Did you find the source for run-as somewhere? It would be interesting to look at to see if such a thing is possible. Failing that, it would be interesting to see if there were any sorts of buffer overflows that could be run against it. I've never tried such on arm7, but I've done it under UNIX on x86 and Sparc.
Thanks
Schemm
elschemm said:
Yes. I noticed the permissions on that file as well. I'm not an android person, so I don't know how that end works, but the permissions do look correct (setuid root, and runnable as group shell [which we get via adb, but not locally on terminal].
Based on the little bit that I have read, it seems that it may be getting the permissions assigned to the apk and running the command line with those permissions.
If that is correct, then running it via something with c4droid probably won't work, as it's permissions are whatever group it (c4droid?) was assigned at install.
Click to expand...
Click to collapse
Yes you are correct. setresuid() function will not give you permissions greater than the process its running in
So, how do does one / can one specify that the package is supposed to be root (uid 0). I'd guess (from a standard UNIX security perspective) that you can't just push arbitrary apps to the machine with 'run me as root' permissions. Otherwise, this would be a completely non-issue. But, is there a package which is pre-installed that we can exploit the permissions of to do this? I don't know yet.
Click to expand...
Click to collapse
Its worse than that, the package also has to be debuggable
There is some info out there on how to sing a package with the appropriate system permissions so it would be interesting to actually do this and see what, if anything can be done.
I downloaded the asus unlock package and passed it through the apk tool to see what it does, as it obviously would need root access. As root access is all i require the code it shows is irrelevant really, its the fact that it gains root access with its signature and also the uid that is set in the manifest android.sharedUserID="adroid.uid.system". This and, most importantly android.permission.MOUNT_UNMOUNT_FILESYSTEMS. WIthoput these things we cant change anything in the directories we need
Also, if my readings / assumptions were correct above, we probably don't want to do a setreuid(), but rather call bash/busybox as the 'command' issued in the name of the apk (since it would then run as root, or the uid of the package). Either that, or a system command(s) to chown/chmod the su binary that we can upload via adb (but which comes in as shell.shell).
Click to expand...
Click to collapse
Yes thats what we would do from the run-as command. What I was attempting to see was if I could get a root uid by creating a c program that uses the setresuid() function call thereby bypassing the need to have an appropriate package installed. As it didn't work I'm having dounts whether it would work even if the right package was there. run-as did make reference to package.h which I haven't looked at, so unless there are some system parameters that package.c extracts from the apk I dont really see how this will work...
Did you find the source for run-as somewhere? It would be interesting to look at to see if such a thing is possible. Failing that, it would be interesting to see if there were any sorts of buffer overflows that could be run against it. I've never tried such on arm7, but I've done it under UNIX on x86 and Sparc.
Thanks
Schemm
Click to expand...
Click to collapse
Yeah found the source here
I also searched for linux exploits, there are massive lists of them, most of them patched by now but I assume the linux base in JB would be somewhat different to whats getting around on X86 systems
On anather note I have tried bin4ry's "root many" method , using the restore timing exploit but had no luck.
HX... I looked through the scripts and all the misc files in bin4ry's zip package and could not find anything remotely indicating an injection of the qemu value. It make a symbolic link to the build.prop in com.android.settings...../file99, which was succesfull after pressing restore but thats about it. perhaps I should fire up ubuntu and try the linux script instead of the windows .bat file
Interestingly, this guys root method for the Razr M makes use of Run-as if you look at the batch file.
He is essentially doing a "fake package" install then runs an exe that is some sort of exploit. Finally he uses run-as against what I have to assume is the bug report feature of the droid and asks you to trigger a bug report with a button sequence.
So it seems he is getting something that has root privileges (bug report) to do something that grants SU and also implimenting run-as
http://forum.xda-developers.com/showthread.php?p=32889627#post32889627
I fear that remained a few developers interested in finding a way to root transformer prime with jelly bean, because all of them had tablet already rooted with ics and managed in mantaining rooting across upgrade.
OK, I just got an Amazon Fire HD 6 for free from a friend brand new so I figured this would be a great thing to learn rooting android and other things. No cost = no loss if I screw it all up.
Basically my goal is jut to root it to get it to be more like a regular old android tablet and not to have all the Amazon crap constantly running in the background sending all my info to Amazon every minute of every day. From reading here this seems possible. Please tell me if It's not.
Background:
I know quite a bit about PCs running Windows since 3.0 and have dabbled with Linux and Apache off and on over the years but I am by no means an expert. Advanced amateur might be better.
The tablet is running Fire OS 5.1.2. I don't know what it had when I first turned it on but I had no idea what I was going to do with it so I let it update itself until it got to the current 5.1.2.
I tried reading some of the tutorials but they seem way over my head as they seem to assume a knowledge of certain acronyms that I am not yet familiar with.
This is what I think I know so far. Please tell me if I'm wrong...
1. It is not possible to root 5.1.2. I probably should have left it at whatever it was when I got it which was probably 4.5.x.
2. Because of #1 above the only way for me to root this is to downgrade to 4.5.x.
Do I have that right so far? Because if I don't have at least that right then I am way off, so let's start there.
My goal would be for this thread to become a real "how to root your HD 6" for real total newbs like me. Step by step on what to download, from where, what is a TWRP what do you use it for, what is an ADB and what do you use it for, from turning the thing on to ending up with a nicely rooted tablet.
In case anyone else wants to know what happened and how I accomplished all, the answers are in page 6 of this topic ...
http://forum.xda-developers.com/fire-hd/help/help-thread-question-noob-friendly-t3206776
Here is a full tutorial in one place...
First off these instructions are for the Amazon Fire HD 6 gen4 running Fire OS 5.1.2 only. Will it work on other things? Who knows. Will it work on another of the exact same tablet? I have no idea. Would it work on this same tablet if I had to do it over again? Could be ... but then again, ya never know. So proceed at your own risk. All I know is that it worked for me here today on this particular tablet at this time and I hope I never have to do it again.
All of these instructions can be found at the following link at about page 6 of that topic.
http://forum.xda-developers.com/fire-hd/help/help-thread-question-noob-friendly-t3206776/page6
1: First I installed the USB driver from Amazon at the following link:
https://developer.amazon.com/appsan...etting-up-your-kindle-fire-tablet-for-testing
and then I downloaded the ADB SDK tools from links from this tutorial:
http://www.howtogeek.com/125769/how...roid-debug-bridge-utility/?PageSpeed=noscript
After enabling USB debugging on the device I had ADB ability.
2. Downloaded the Kingroot version 4.8.5 apk from here and ran it:
http://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461
Let it go to town doing it's thing. Afterwards it claimed success and said that I was rooted.
3. Ran the following commands given by DoLooper from above xda post to disable OTA update:
Open a CMD window from folder with adb.exe by right clicking in that folder and holding down the shift key. Then run these commands one at a time:
adb -d shell "su -c 'pm disable com.amazon.otaverifier'"
adb -d shell "su -c 'pm disable com.amazon.device.software.ota'"
adb -d shell "su -c 'pm disable com.settings.systemupdates'"
Tried to rename OTA file from DoLooper instructions using Simple Explorer with root priviledges (not ES) - fail - does not seem to want to rename the file for some reason.
So at this point I was successfully rooted. But I basically had a virus running on my tablet called Kingroot . I checked using another app and I saw that it was constantly connected to China. Bad? I don't know but certainly does not making me feel all warm and fuzzy so next step was to get rid of Kingroot. Problem is that if you uninstall it it sets you back to unrooted default. So ... read on.
4. Installed Terminal Emulator for Android from http://www.apkmirror.com/
6. Uploaded the 4 files from the zip file from wolfdroid from second link in sd_shadow post in that same topic. Can be found here:
http://www.w0lfdroid.com/2015/05/How-to-Remove-Replace-KingUser-KingRoot-with-SuperSU.html
7. ran the 2 commands from wolfdroid website using terminal emulator.
This removed Kingroot and left me rooted. Then I found an updated version of SuperSU and updated it too. So now I have a tablet that is rooted and I can install apps that require root access. Also I was able to uninstall some Amazon apps, disable others and basically stop it from phoning home.
BTW, I didn't recommend disabling com.settings.systemupdates. They do this on the 2015 Fires, but I have not used it on either the 2014s or 2015.
Yes, I apologize. You are correct. You did not suggest that one. That one I did get from the other topic. However, I did it and I don't see any negative effects so far.
But you know more than I so is there any reason you could see toward not doing that one?