Better Mobile App

Enabling Fota DEBUG_ENTRY in newer builds

NOTE: DO NOT DO THIS UNLESS YOU KNOW WHAT YOU ARE DOING, YOU CAN EASILY SCREW UP YOUR SYSTEM, AND THIS WON'T HELP YOU.
BACKUP FIRST, AND MAKE SURE YOU HAVE A SETUID SH AS ROOT SO YOU CAN RECOVER FROM BACKUPS IF NECESSARY.
First you have to re-sign framework-res.apk using testkeys. This will allow you to use testkeys for system uid packages.
Next step is to re-sign all other apks that use shared uid system.
That is: bootinfo, Fota, GoogleCheckin, GoogleSubscribedFeedsProvider, NetworkLocation, ServiceMenu, Settings, SettingsProvider, VpnServices
Next you have to re-sign all apks that use the platform key, which turns out to be the shared uid phone - these require implicit permissions from the platform like DEVICE_POWER:
TelephonyProvider, Stk, semc-backup-rachael, Phone
Finally, I think GoogleEnhancedSearch also needs it or something otherwise a settings menu will fc.
The nice part about re-signing is that you don't actually need to deodex the files.
One important thing is that in the new versions, the fota.action.DEBUG_ENTRY is actually disabled, and moreover, requires special permissions that aren't granted. This is where re-signing comes in.
Now, you need to deodex fota.apk, modify the manifest to remove permissions required for DEBUG_ENTRY, and finally, force enable the debug menu:
In com/sonyericsson/android/fota/common/fotaview/FotaDebugEntry.smali,
find "debug UI is not available!"
a few lines above, there is if-nez v0 :cond_0
change it to if-eqz v0 :cond_0
This forces it to enable the debug menu.
Now we re-smali the Fota.apk, re-sign, then push it on to the phone along with the rest of the modified packages.
Repush all the files to the phone and it's done

problem !
baksmali gives an error at fota.apk
can you post your deodex scrypt

Why is this required?

TechGuru_x10 said:
Why is this required?
Click to expand...
Click to collapse
So that you won't have to keep re-flashing the older firmware to root (and keep re-installing stuff afterwards), and it should save time in repairing your firmware if you mess system files up.
It should also allow us to upgrade to newer firmwares from the current one, so we don't have to lose all of our apps/settings when rooting our phones again with a newer firmware.
Is this right guys? Anyway, thanks and good luck!

jerpelea said:
problem !
baksmali gives an error at fota.apk
can you post your deodex scrypt
Click to expand...
Click to collapse
You need to add the classpath by deodexing everything in the framework folder and including it.

zephyrix said:
You need to add the classpath by deodexing everything in the framework folder and including it.
Click to expand...
Click to collapse
oki
will try
thanks
found my error
i was using smali1.2.2 tested with 1.2.3 and is working

jerpelea said:
oki
will try
thanks
found my error
i was using smali1.2.2 tested with 1.2.3 and is working
Click to expand...
Click to collapse
Could these steps be made into a script, to run everything at once? Or at least in sections?

Daneshm90's autodeodexer 2.3 modified by me for X10
http://hotfile.com/dl/53736770/16a1bc8/Deodexer_2_3_SE.rar.html

So eventually (with this) we can take a newer build and run this script thus allowing us to then run the files necessary for root?

what do you mean by newer builds like R2BA020

Sorry if Im being a noob but lets say I mess up a framework file and get stuck at the bootscreen. When I try to use adb to push my backup it says permission denied. Will this allow me to make the changes?

Well what I've done is use a modified adb which runs as root and replaces on boot. However, I believe you could use a setuid sh and achieve the same result.
i.e. cp /system/bin/sh /system/bin/rootsh
chmod 6755 /system/bin/rootsh
then you can push to a folder where you can normally write, and use rootsh and move it.

Great thanks, I'm going to wait until I have to try it...

[HOW-TO]Upgrade to 4.4.2 VRUFNC5 and keep root (for NC2 and MK2 devices) [05/13/2014]

Upgrade to VRUFNC5 and keep root from NC2/MK2
I'm not responsible for anything negative that may come from using this method, and it should be treated as a WIP
Directions
1. Download Upgrade_I545VRUFNC5_fromNC2_with_Root.zip,, and Odin3-v3.09.zip
2. Download I545VRUFNC5-Stock-Root-Deodex.zip or I545VRUFNC5-Stock-Root-Odex.zip and put it on your external sdcard make sure you have the AT&T Safestrap 3.72 for KK installed (get it here) also download the SuperSu zip from here and put in on your External SD Card as well just in case.
3. Reboot into Safestrap and delete all rom slots (except stock) and wipe data, cache, system, and dalvik-cache via SS's wipe menu
4. Install I545VRUFNC5-Stock-Root-Deodex.zip or I545VRUFNC5-Stock-Root-Odex.zip on the stock slot and install the SuperSu zip after (optional-just incase) Once the install completes don't reboot, use SS's reboot menu and reboot into Download mode
5. Extract the contents of Upgrade_I545VRUFNC5_fromNC2_with_Root.zip into a folder of your choice then launch Odin 3.09
6. In "AP" input AP_VZW_I545VRUFNC5_I545VZWFNC5_1151670_REV06_user_low_ship_MULTI_CERT.tar.md5 and in "CP" input CP_VZW_I545VRUFNC5_I545VZWFNC5_1151670_REV06_user_low_ship_MULTI_CERT.tar.md5 then click start. Let it reboot and you should be done! ---
-Additional notes:
*If it still doesnt boot up then try flashing the CSC_VZW_I545VRUFNC5_I545VZWFNC5_1151670_REV06_user_low_ship_MULTI_CERT.tar.md5 in Odin under the "CSC" slot, I incuded this file in the zip just incase.
I545VRUFNC5-Stock-Root-Deodex.zip
MD5: c9ac7a4e62679693f43ac0c150761269
Features:
-rooted
-busybox
-deodex
-init.d
-setup wizard now completes, no force closes at boot, fixed majority of reported issues
-Knox is present (SuperSu apk will ask you to disable it when launched)
-write to external sd is enabled
-tethering is enabled
-no apks have been deleted
-no aroma installer
-extended reboot menu added
- NC5-patch1.zip- This patch will add toggles, remove the init.d toggle script so that you can save your own customized order of toggles and will fix the lock screen security types issue.
I545VRUFNC5-Stock-Root-Odex.zip
MD5: 6a4013e4e15acfc9b45e16ad7aac6ddf
Features:
-rooted
-busybox
-odex
-Knox is present (SuperSu apk will ask you to disable it when launched)
-write to external sd is NOT enabled
-tethering is NOT enabled
-no alterations have been made aside from root and busybox being added
-no aroma installer
-NC5-patch1.zip- This patch will add toggles, remove the init.d toggle script so that you can save your own customized order of toggles and will fix the lock screen security types issue.
-zip to add tethering here
-zip to add write to external sd fix here
Video of the process for MK2 to NC2 (note you don't have to flash the BL tar) video was made courtesy of @Tomsgt
VIDEO
Video - Verizon Galaxy S4**KitKat (NC5) Upgrade**With Root&Tethering thanks to @Scottchy014
How to Downgrade back to 4.2 MK2
I want to address somethings...im uploaded a new version of this zip Downgrade_I545VRUEMK2_I545VZWEMK2_1937946_REV06_us er_low_ship_MULTI_CERT.zip
that should get rid of the inital fail error and hopefully prevent some from getting the status 7 error
If your phone says and/or gives the "Kies emergency firmware" message, that doesn't mean you've bricked, it just means a flash didnt succeed all the the way through. Most of the time this is at the cache step. You might also get the "failed to mount /preload error". None of this means you're bricked. most of the time you can recover by following these steps in this order:
1. Flash I545VRUEMK2_Downgrade.tar.md5 --> Should no longer fail at cache; I accidentally included it in the first tar I uploaded but when i noticed the error I didn't think to much of it because i knew that step 3 would take care of it. Anyways no longer an issue.
2. Then reboot into download mode immediately after step one and flash flash I545VRUEMK2_System.tar.md5 --> should have no errors here, if you do try again. At this point, the phone should boot back into MK2, if it doesn't, then proceed to reboot into normal recovery and wipe data/factory reset. Next boot into download mode and go on to step 3.
3. Finally flash the I545VRUEMK2_cache.tar.md5 --> as long as you didn't deviate from the steps that I just listed then this should pass in Odin. The device should not give the /preload error after this step. If you do get an error then factory data reset in recovery then flash the zip from step 1 followed by the zip from this step (step 3) again , that is flash the cache tar.md5 again.
4. I was going to type something about Wifi...but this issue drives me crazy...(...its not a issue, learn adb) You need to use bypasslkm. Flash the NC2 hlos for sound to work and use bypasslkm for wifi
Code:
su
cd /data/local/tmp
chmod 755 bypasslkm
./bypasslkm
cd /system/lib/modules
rmmod dhd.ko
insmod dhd.ko
The status 7 failed to mount /preload error and why it happens:
Lets take a minute to go over why this happens and what it means. First what is /preload anyways? Well lets take a look at how it gets mounted, consider mount points below:
mount("ext4", "EMMC", "/dev/block/platform/msm_sdcc.1/by-name/system", "/system");
mount("ext4", "EMMC", "/dev/block/platform/msm_sdcc.1/by-name/hidden", "/preload");
Click to expand...
Click to collapse
We can infer from the point arguements that /preload is the mount point for the "hidden" partition. Well then what is this "hidden" partition then you ask? Well hidden contains some useless crap Samsung uses to verify integrity of the system partition when in recovery
So the idea is to wipe data/factory reset in recovery followed by making sure to flash hidden.img.ext4 prior to cache.img.ext4. I think my inclusion of cache.img.ext4 on accident in the first tar is the root of the cause so ive uploaded a new one that doesnt contain it so it wont fail at step 1.
So essentially you cant flash a a full-wipe or no-wipe Odin tar to go back. You have to use a custom made Odin tar. Also for people getting the status 7 error where /preload fails to mount after flashing cache the solution is to boot into stock recovery and factory data reset followed by flashing hidden.img.ext4 via Odin or Heimdall.
Click to expand...
Click to collapse
Credits:
@Hashcode
@bajasur
@BeansTown106
@jeboo
@ted77usa
@muniz_ri
@rebel1699
@Maribou
@sextape
@Chainfire
@ryanbg
@jrkruse
@sbreen94
Changelog:
05/13/2014 - added odex stock root rom

Thanks. .. already downloaded all the files. . Will try in the morning. ..When I wake up. . And thanks again
Sent from my SCH-I545 using XDA Premium 4 mobile app

Will give this a whirl sometime after I get home at 3. Double Thanks!
Sent from my SCH-I545 using xda premium

My next phone will be whatever phone Surge goes with lol you're awesome at this stuff good work man
Sent from my SCH-I545 using Xparent Blue Tapatalk 2

Awesome stuff man, thanks! Quick question, will this prevent me from updating to the final release, or will I be able to Odin to it?

RyaNov1333 said:
Awesome stuff man, thanks! Quick question, will this prevent me from updating to the final release, or will I be able to Odin to it?
Click to expand...
Click to collapse
Even though the leak says "noship", from looking at the files this seems like it might actually turn out to be the OTA. Even if its not, you'll still be able to take the OTA provided you flash the VRUNFC2 leak Odin tar first.
Sent from my SCH-I545 using XDA Premium 4 mobile app

So I'm taking it you have to have safestrap to do this method. No way to root without safestrap?
Sent from my SCH-I545 using xda app-developers app

this is freakin awesome! thanks man for your hard work!
i have a quick question. if the flash should happen to not work right- would i still be able to use it unrooted on the nc2 or do i have to downgrade back to mk2

Thanks for the guide! Before I do anything, as I'm carefully looking through the instructions, I seem to be missing the part where the file: jfltevzw-FN2-modules.zip is used? Can you point me to that part, I might just be stupid and overlooking it :cyclops:

Do I also install the jfltevzw-FN2-modules.zip file thru Safestrap?
You mentioned to download this file and then it is not talked about again.

blueboymj said:
Do I also install the jfltevzw-FN2-modules.zip file thru Safestrap?
You mentioned to download this file and then it is not talked about again.
Click to expand...
Click to collapse
Lol :laugh: That's the very thing I just asked in the post before yours. The file is listed in the OP but there is no mention as to when in the process to flash it

Hmm. Stuck on a Verizon splash screen.

lazer9 said:
Thanks for the guide! Before I do anything, as I'm carefully looking through the instructions, I seem to be missing the part where the file: jfltevzw-FN2-modules.zip is used? Can you point me to that part, I might just be stupid and overlooking it :cyclops:
Click to expand...
Click to collapse
blueboymj said:
Do I also install the jfltevzw-FN2-modules.zip file thru Safestrap?
You mentioned to download this file and then it is not talked about again.
Click to expand...
Click to collapse
Well I guess I didnt have to use it, but its useful to have it handy anyways
Sent from my SCH-I545 using XDA Premium 4 mobile app

Haha guess I hadn't refreshed my page and saw that Lazer
Thanks for getting back to us so quickly Surge.

Surge1223 said:
Well I guess I didnt have to use them, but its useful to have handy anyways
Sent from my SCH-I545 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Thanks for the quick reply @Surge1223
So if I understand you correctly, the module mentioned would be used later once up and running if we didn't have wifi or something and could then re-enter SS and flash it once the whole process is completed? Oden, ATT SS installed, ect...

I see we have aosp browser. Is that in the leak build our was that thrown in there.
Sent from my SCH-I545 using Tapatalk

Anyone report success with this yet? While I'm confident I know what I'm doing, I'm scared to be the first, lol :laugh:

Well, crap. I'm stuck in the Verizon splash screen for the down grade as well. Safestrap is no longer showing either so I can't try to flash anything. Ideas?

I got it up and running. Is running smooth. I get an Android error on boot but that it's it
Sent from my SCH-I545 using Tapatalk

lazer9 said:
Anyone report success with this yet? While I'm confident I know what I'm doing, I'm scared to be the first, lol :laugh:
Click to expand...
Click to collapse
Looks like the post above yours might have worked.
I seem to be the first case of failure.

[MOD] Add Init.d Support T230/NU

i have been messing with init.d for rooted/stock rom t230/nu and i have come up with a modified version of this >> http://forum.xda-developers.com/showthread.php?t=1912504
INSTRUCTIONS:
Flash the attacthed zip in twrp and reboot...
HOW DO I KNOW IF IT WORKED?
in root browser goto /data/local/tmp/ and if there is a file 'init.d_log_test.txt' and inside is written the date, it worked.
if the file is not present something went wrong? please let me know if it went wrong for you an i will fix it..
dont forget to hit thanks and also credit the @jamesst20 in the above link...​

Ill give it a go.
Sent from my SM-T230NU

BookCase said:
Ill give it a go.
Sent from my SM-T230NU
Click to expand...
Click to collapse
let me know how it goes as i have only tested on my device... thnx

This will work.....I have it baked into my ROM.
One thing....I'd rename the install-recovery.sh to install-recovery-2.sh as that will break root. SU daemon is called by install-recovery.sh on boot. just a heads up.

g_ding84 said:
This will work.....I have it baked into my ROM.
One thing....I'd rename the install-recovery.sh to install-recovery-2.sh as that will break root. SU daemon is called by install-recovery.sh on boot. just a heads up.
Click to expand...
Click to collapse
i am building a rom at the moment and could not get my head round why it was breaking root lol... cheers dude..

Inside 4ndroid said:
i am building a rom at the moment and could not get my head round why it was breaking root lol... cheers dude..
Click to expand...
Click to collapse
Let me if your still having trouble with root afterwards.

g_ding84 said:
Let me if your still having trouble with root afterwards.
Click to expand...
Click to collapse
oh and in your rom it seems we cant update the su binary and have to flash an updated binary seperetely from within recovery.. i found a work around and now when i flash my rom it says binary needs updating an now in my rom the normal method works and alakasm success
if you need me to explain further pm me an i will go through how i managed it..

In the rom that you're working on is based on CyanogenMod or this stock?
on the other hand just flash this file in Stock T230XXU0ANK3'll see that this is

If you want to enable init.d, you simply install busybox from playstore and download universal init.d, and verify ...
checks in the system / etc / init.d contained in the file 00test & 08setperm :good:
working on my phone 4 tab 7 "T231 :fingers-crossed: :fingers-crossed:
sorry for my bad english

riotaruna said:
If you want to enable init.d, you simply install busybox from playstore and download universal init.d, and verify ...
checks in the system / etc / init.d contained in the file 00test & 08setperm :good:
working on my phone 4 tab 7 "T231 :fingers-crossed: :fingers-crossed:
sorry for my bad english
Click to expand...
Click to collapse
or you could just simply flash the file file in the OP takes alot less time an is simple an staight forward lol..

File is gone

[ROM][ROOT][STOCK][TINKER-EDITION][5.1.1] Galaxy Tab A 7.0 2016 SM-T280/T285

Samsung Galaxy Tab A 7.0 LTE/WIFI 2016 TINKER EDITION ROM (DEOXED/ROOT/XPOSED)
============================================
Update 01/04/2017
-----------------------
Tinker Edition V5.1 is now out.
* Re-added Samsung stock camera and gallery
* revert back to stock vold to fix issues people are having with micro sdcards
Now available for the SM-T285, SM-T280 to follow
Update 10/29/2016
------------------------
TWRP for the SM-T285 here
Early Build of TWRP for the T285 (see post by @ashyx will update this if an official version is released. The T280 version should be available not far behind I believe
Update 09/21/2016
-----------------------
V5 now out (root, deodexed, xposed) for the SM-T280/T285, still working on the SM-T280
Update 09/20/2016
------------------------
Turns out this device is not as locked as we all thought it too be. See thread below for my ordeal and more details:
http://forum.xda-developers.com/galaxy-tab-a/help/resources-samsung-galaxy-tab-7-0-2016-t3431022
Modifications:
===========
* Based on LMY47V.T285XXU0APCN
* Stock Boot and Recovery (Not much choice since the bootloader is locked)
* Busybox
* Hijacked Vold (using CM 12.1 sources) to run shell scripts stored in /data/scripts/vold.init
* Removed Touchwiz launcher and redundant samsung apps (Hancom office, Kidzone), replaced with Trebuchet
* Enabled r/w to the external SD Card
* Dolby Atmos mod (09/11/2016) (thanks to @Nando14sunny)
* Deodexed/Xposed (09/13/2016) (thanks to @wanam and @rovo89)
* soft linked /etc/hosts to /data/scripts/hosts and can be edited using adb shell (09/13/2016) (thanks to @venomrat)
* V5: root chainfire's SuperSu 2.78 (09/21/2016) (thanks to @Chainfire)
* stock boot animation
Special thanks also to @ashyx for initially taking a look at this device , I haven't given up on rooting this device yet.
Special thanks to @klemen241 for helping me try out the SM-T280 build
Haven't done extensive testing on Xposed modules, but the pokemon go iv mod/hacked worked and that was good enough for me (Before pokemon Go was patched). If you use this ROM feedback is highly appreciated
NOTES: To be safe, perform a cache wipe using recovery. I didn't need to do this personally but I haven't tested all use cases
NOTES: Since this rom is deodexed, the first boot will take quite a while, so please be patient .
NOTES: if you are coming from V2 and are using the mount_ext4 apps2sd scripts please update it for additional support for the V3 ROM HERE:
https://github.com/jedld/smt285_data_scripts
NOTES: (09/13/2016) Unfortunately, the V3 build fails the Google SafetyNet check, will be a problem if you play Pokemon Go
Other Notes: Removed support for zygote.init scripts in V3 as I am now using the app_process32_xposed binary, will work to get this back soon. I haven't had a need for zygote scripts though. The vold.init scripts shoud still work as before if you are using the apps2sd script
Installation Instructions:
Odin or Heimdall Required. I you are coming from the Stock Rom please wipe/factory reset to be sure. If you are upgrading from V1 or V2 you are not required to wipe unless there are problems. If you are upgrading to V3 cache wipe is recommended using recovery.
--FLASH AT YOUR OWN RISK--
1. Make sure to backup of your data and have a copy of your stock Rom in case something goes wrong.
2. Make sure your device is OEM unlocked. (Enable Developer settings and Enable the OEM unlock settings)
3. Extract ZIP file below and flash the tar.md5 file using ODIN, for details on this kindly look for instructions in the xda site.
4. For Heimdall you can use 7zip to extract the system.img from the tar.md5 and just flash the system.img itself.
Choose the appropriate download for the model (wifi only T280/ lte T285) that you have:
WIFI ONLY Download (SM-T280)
==========================
Link (V5 Deodexed, Rooted and Xposed):
https://mega.nz/#!0Jdg0a4D!XWLES1BwCPrkBlUzqNhRfRi_91LOdawYHydQ_scV2dI
Link (V3 Deodexed and Xposed - with special thanks to wanam with his custom Xposed build (86.0), and credits also to rovo89):
Download from Mega (v3 09/13/2016)
LTE Version Downloads (SM-T285)
===========================
Link (V5.1 Deodexed, Rooted and Xposed):
https://mega.nz/#!ZFFTFKYZ!NAeajNUjIgYI7zOslpWoJ2AeJ-NCKG0Ut8Buz_6eCgU
Link (V3 Deodexed and Xposed - with special thanks to wanam with his custom Xposed build (86.0), and credits also to rovo89):
Download from Mega (v3 09/13/2016)
Link (Original V2 odexed version):
Download from Mega (V2 09/11/2016)
If you have suggestions, send me a PM.
Other Notes (So people don't have to ask):
* I've tried to run superuser daemonsu, but unfortunately the sepolicy scopes for vold and zygote are too narrow in this device for supersu to use despite being root. In theory a version of daemonsu can be made specifically to run on this device with a somewhat castrated functionality though I don't have access to the source code to figure it out. Navigating the sepolicy landmine is hard.
WIFI ISSUES
=========
There are reports of wifi problems with the latest build due to wrong permissions with dhcp hooks, if so you can do the following (big thanks to @_mone):
Using adb shell:
Code:
su
mount -o rw,remount,rw /system
chmod 755 /system/etc/dhcpcd/dhcpcd-run-hooks
mount -o ro,remount,ro /system
/system is readonly by default, which is why you need the remount commands. Reboot your device after just to make sure.

Hi,
The mount_ext4_sdcard.sh script moves all apps to SD card on reboot?
Edit: did not read till the end. System apps are not move.

venomrat said:
Hi,
The mount_ext4_sdcard.sh script moves all apps to SD card on reboot?
Edit: did not read till the end. System apps are not move.
Click to expand...
Click to collapse
It won't by default for safety purposes, however you are welcome to edit the script and try to move them all

jedld said:
It won't by default for safety purposes, however you are welcome to edit the script and try to move them all
Click to expand...
Click to collapse
Thanks for your hard work. It's a pity this device is not as popular as their other models or more people would have already signed the petition.
I regret not doing more research before buying this tablet.

Hello there
At first i want to thank you for your hard work so far
Then i've got a question,
I just built this Tablet (LTE version) in my car. Now i'm on to configure it with Tasker to "act more like a car radio". It was really hard, because of the non rooted device.. But i did it so far
I used a sound mod, called Dolby Atmos (i think it's from lenovo?) on allmost every of my rooted devices to improve its sound.
I'm wondering if it would be possible that you could build in this mod inside a rom for me?
Normally i flash it as a zip file via a custom recovery so it's in the system files. but maybe you could edit it in there before the rom get flashed via odin? I could give you the zip, if u dont find it. It would be really nice!
Greetings from germany

Nando14sunny said:
Hello there
At first i want to thank you for your hard work so far
Then i've got a question,
I just built this Tablet (LTE version) in my car. Now i'm on to configure it with Tasker to "act more like a car radio". It was really hard, because of the non rooted device.. But i did it so far
I used a sound mod, called Dolby Atmos (i think it's from lenovo?) on allmost every of my rooted devices to improve its sound.
I'm wondering if it would be possible that you could build in this mod inside a rom for me?
Normally i flash it as a zip file via a custom recovery so it's in the system files. but maybe you could edit it in there before the rom get flashed via odin? I could give you the zip, if u dont find it. It would be really nice!
Greetings from germany
Click to expand...
Click to collapse
we could try, could you point me to a rom that has the specified libraries for Dolby?

Thank you, for the fast answer!
Here is the flashable zip of the Dolby Atmos, mod i used successfully on my other devices:
Mega
Greetings

Nando14sunny said:
Thank you, for the fast answer!
Here is the flashable zip of the Dolby Atmos, mod i used successfully on my other devices:
Mega
Greetings
Click to expand...
Click to collapse
Ok, wish granted, updated the ROM to include Dolby ATMOs, just redownload the ROM from the link in the main post.

jedld said:
Ok, wish granted, updated the ROM to include Dolby ATMOs, just redownload the ROM from the link in the main post.
Click to expand...
Click to collapse
Wow thank you! I'll test it right now
Edit:
It works like a charm! You really improved my devie with it!

Hi,
If it's not too troublesome, perhaps the next version can symlink the host file to a r/w folder so that ads can be blocked.
Thanks.

venomrat said:
Hi,
If it's not too troublesome, perhaps the next version can symlink the host file to a r/w folder so that ads can be blocked.
Thanks.
Click to expand...
Click to collapse
Possible, though the only r/w partition is data and cache, and it may potentially cause problems when you suddenly try to do a wipe. I'm working on deodexing and porting xposed framework for now. Either that if you've got some IP addresses that need to be blocked I can create an edition that has those entries. I'll see what I can do though there might be away to do it without breaking factory reset/wipe cache.

jedld said:
Possible, though the only r/w partition is data and cache, and it may potentially cause problems when you suddenly try to do a wipe. I'm working on deodexing and porting xposed framework for now. Either that if you've got some IP addresses that need to be blocked I can create an edition that has those entries. I'll see what I can do though there might be away to do it without breaking factory reset/wipe cache.
Click to expand...
Click to collapse
No hurry. I can wait. What you are doing now is more important. :good:

venomrat said:
No hurry. I can wait. What you are doing now is more important. :good:
Click to expand...
Click to collapse
Wish Granted. As a bonus, the latest version of the ROM is now deodexed and Xposed, please refer to the main post for the updates.
Feedback is appreciated.

How can i change the dpi?
Sent from my SM-T285 using XDA-Developers mobile app

corzradio said:
How can i change the dpi?
Sent from my SM-T285 using XDA-Developers mobile app
Click to expand...
Click to collapse
May need to modify build.prop, you may do this yourself here:
http://forum.xda-developers.com/galaxy-tab-a/how-to/guide-samsung-galaxy-tab-7-0-sm-t285-t3438296
Also there may be an Xposed framework modules that do that. Not sure though since I'm ok with the stock DPI

jedld said:
Wish Granted. As a bonus, the latest version of the ROM is now deodexed and Xposed, please refer to the main post for the updates.
Feedback is appreciated.
Click to expand...
Click to collapse
Thanks. Will need to find time to re-flash this weekend.

Regarding xposed have you actually tested any other modules that need root?
I already built a rom with xposed but it was all but useless because pretty much all the modules I use need root.

most of those I tried don't need root so far (youtube adaway, pokemon go iv). Haven't tried those that need root but I suppose those wouldn't work.

I use app settings and it works for dpi change, and you are welcome. I am glad to test stuff, its fun haha. If anyone has questions about t280 you can ask me

how can i boost the volume? since its not rooted i cant find the mixer.xml

Use Janus vulnerability to get root access?

Hello,
let's assume I have a super-secure Android phone that's known for not being rootable. Let's also assume, I've successfully tried the Janus vulnerability and was able to replace the classes.dex of a system app with a slightly modified one.
As far as I understand it, using the Janus vulnerability, you can only replace the classes.dex but no resources. So whatever is in the classes.dex can only work with the resources already there.
Now the big question: Is there any classes.dex that doesn't depend on specific resources and that I could use to get e.g. a root shell?

I'll try to change a System app to gain higher rights, but i doubt this will be enough to write to system.
github.com/wegeneredv-de/CVE-2017-13156

Use Janus vulnerability to get root access ?
No, I think you can't really. It is maybe possible to root using this exploit by editing a system app because system apps have more rights than "normal" apps which are installed in /data partition. If you really want to use janus exploit to root your phone, try to find a privilege escalation exploit and edit an app to make it execute the exploit. But I think "normal" rooting methods are more efficients. You can install any app on your phone or update any apps, so you don't need Janus. Executing privilege escalation exploit is the only way to root your phone with no (not at 100% true, you can root your phone using recovery, but it is not the subject)
I hope I have helped you,
Have a n1ce day,
Luca
PS : Don't hesitate to thanks me

Yes, you can. You can edit the system upgrade app to make it install a special package (that should be signed by recovery) to root your phone I think.

lucahack said:
Yes, you can. You can edit the system upgrade app to make it install a special package (that should be signed by recovery) to root your phone I think.
Click to expand...
Click to collapse
There's no easier way? Something like copying a "su" binary to somewhere and setting a few filesystem permissions?

mbirth said:
There's no easier way? Something like copying a "su" binary to somewhere and setting a few filesystem permissions?
Click to expand...
Click to collapse
The easiest way is to flash supersu in a custom recovery to root. (link to supersu flashable : https://s3-us-west-2.amazonaws.com/supersu/download/zip/SuperSU-v2.82-201705271822.zip )

lucahack said:
Yes, you can. You can edit the system upgrade app to make it install a special package (that should be signed by recovery) to root your phone I think.
Click to expand...
Click to collapse
I've been looking into that for awhile. I thought it was possible using dirtycow also maybe.
How would a special package still be usable and signed by the recovery?
Wouldn't modification break the recovery signing?

Delgoth said:
I've been looking into that for awhile. I thought it was possible using dirtycow also maybe.
How would a special package still be usable and signed by the recovery?
Wouldn't modification break the recovery signing?
Click to expand...
Click to collapse
If you extract your ota certs from a valid OTA and sign the injected update.zip with those valid signatures it may be possible. That's the latest I've been looking into but the updater binaries are so complicated I don't know how it will work. I think the best option is smali edit within an app like testmode.apk on the K1 that can manipulate system properties and shared preferences. Once you can allow the properties to allow insecure adb or debuggable = true or secure = false you can do the rest of the work in adb. But BB probably has protections that will nullify on reboot.

jcrutchvt10 said:
If you extract your ota certs from a valid OTA and sign the injected update.zip with those valid signatures it may be possible. That's the latest I've been looking into but the updater binaries are so complicated I don't know how it will work. I think the best option is smali edit within an app like testmode.apk on the K1 that can manipulate system properties and shared preferences. Once you can allow the properties to allow insecure adb or debuggable = true or secure = false you can do the rest of the work in adb. But BB probably has protections that will nullify on reboot.
Click to expand...
Click to collapse
I have the Verizon test keys for the G925V 4CPI2 6.0.1, but my s6 edge is currently out of commission until I can find the signed bootloader binaries to upload to the device over the serial port. SDB and SDC are completely gone. I need to inject the data, but don't know the map of the sboot.bin
I had the same idea though. I'm glad I wasn't the only one. It got lost in the cracks because of other projects going on. I saw some malware one time that would install itself by piggybacking on the ota system update process, when you scheduled the update to occur five minutes from the current time. And that process I do believe relied on using a modified CSC or Cache once the process started.