Better Mobile App

[ROOT] NachoRoot - Honeycomb

For IceCream Sandwich
Please see http://forum.xda-developers.com/showthread.php?t=1439429 instead.
Honeycomb and ICS users:
Download, install and setup OTA Rootkeeper. Not optional if you want to keep root after OTAs.
https://market.android.com/details?id=org.projectvoodoo.otarootkeeper
Special thanks to -viperboy- for putting his Prime on the line during testing, and Hawkysoft for convincing me to look in the first place.
*Donations*
Are 100% optional. If you want to, take your pick, paypal to your left, apps below, or find a nice charity.
https://market.android.com/details?id=net.andirc.jcasedonate
https://market.android.com/developer?pub=Cunning+Logic
Release and Downloads :
http://download.cunninglogic.com/nachoroot.bin
http://download.cunninglogic.com/su
http://www.androidpolice.com/2012/0...nsformer-prime-even-with-the-newest-firmware/
This is the support thread, feel free to ask questions here. Please do not redistribute my exploit.
adb push nachoroot.bin /data/local/
adb shell chmod 777 /data/local/nachoroot.bin
adb shell /data/local/nachoroot.bin --stage1
adb reboot
<wait for boot>
adb shell /data/local/nachoroot.bin --stage2
adb reboot
<wait for boot>
adb shell id
<if id is 0 / root then continue, else start over>
adb remount
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 06755 /system/xbin/su
adb shell /data/local/nachoroot.bin --undo
adb reboot
Go install superuser from market:
https://market.android.com/details?id=com.noshufou.android.su

Thanks jcase.
I used all my thanks for today so you will get one when I get some more

adb shell chmod 06755 /system/xbi/su <--typo
adb shell chmod 06755 /system/xbin/su

wow that release was quicker than I tought... my prime arrives tomorrow.. after unboxing this is the first step...

Cannot wait until Thursday to try this out!

Good stuff. Can't wait for my replacement to come in.

Thanks! quick question. Will this be converted into an apk or app for one-click type method? for people with no immediate access to PC. since I've gotten my Ipad then now Prime, I haven't ever had a need to use my almost 10yr. old PC..lol. its slow as molasses. that's why I jailbroke my Ipad so i wouldn't need to connect to PC for iTunes for media n stuff.
just asking

demandarin said:
Thanks! quick question. Will this be converted into an apk or app for one-click type method? for people with no immediate access to PC. since I've gotten my Ipad then now Prime, I haven't ever had a need to use my almost 10yr. old PC..lol. its slow as molasses. that's why I jailbroke my Ipad so i wouldn't need to connect to PC for iTunes for media n stuff.
just asking
Click to expand...
Click to collapse
Not possible at this time, will investigate root via app once I have a prime in hand, no guarantees however.

demandarin said:
Thanks! quick question. Will this be converted into an apk or app for one-click type method? for people with no immediate access to PC. since I've gotten my Ipad then now Prime, I haven't ever had a need to use my almost 10yr. old PC..lol. its slow as molasses. that's why I jailbroke my Ipad so i wouldn't need to connect to PC for iTunes for media n stuff.
just asking
Click to expand...
Click to collapse
Don't really need a "fast" computer for ADB lol. It just needs a USB port.

demandarin said:
Thanks! quick question. Will this be converted into an apk or app for one-click type method? for people with no immediate access to PC. since I've gotten my Ipad then now Prime, I haven't ever had a need to use my almost 10yr. old PC..lol. its slow as molasses. that's why I jailbroke my Ipad so i wouldn't need to connect to PC for iTunes for media n stuff.
just asking
Click to expand...
Click to collapse
+ 1 that would be awesome but ifyou can't no big deal
Edit just saw Jcase answer will not be rooting yet but thank you anyways good job you are a hero

jcase said:
Not possible at this time, will investigate root via app once I have a prime in hand, no guarantees however.
Click to expand...
Click to collapse
sounds good enough. thanks again. no big deal. just wondering.
RussianMenace said:
Don't really need a "fast" computer for ADB lol. It just needs a USB port.
Click to expand...
Click to collapse
if you knew how long it took for my PC to boot up and open an app, you'd ask also.. It does have usb ports, its not that old..lmao. its all good. still deciding if I want to give it a shot now or wait till after ICS.

Very nice work. Is there any way to revert this root?
For everybody considering doing this, do note that ICS is scheduled to release 12 January. Trying to update/upgrade a rooted/hacked tablet MIGHT BRICK your Prime.
So it could be wise for the majority of users to wait untill ICS before trying to root.

JCreations said:
Very nice work. Is there any way to revert this root?
For everybody considering doing this, do note that ICS is scheduled to release 12 January. Trying to update/upgrade a rooted/hacked tablet MIGHT BRICK your Prime.
So it could be wise for the majority of users to wait untill ICS before trying to root.
Click to expand...
Click to collapse
mount system, delete su
Why would it brick if they just installed su (really dont know, would like to look into preventing it)

Process went flawlessly. Thank you jcase.
I must say the build.prop and standard gps.conf are decidedly empty, weird.

FREAKING AWESOME WORK!!! Thank you Jcase...Worked like a charm no hicups or glitches...we are now one step closer to Recoveries and Roms...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Doktaphex said:
Proces went flawlessly, I must say the build.prop and standard gps.conf are decidedly empty, weird.
Click to expand...
Click to collapse
odd, NachoRoot doesn't write to system so im guessing thats normal?

jcase said:
odd, NachoRoot doesn't write to system so im guessing thats normal?
Click to expand...
Click to collapse
That's entirely my point. It just seems odd that they're so empty (maybe not so much gps.conf).

jcase said:
mount system, delete su
Why would it brick if they just installed su (really dont know, would like to look into preventing it)
Click to expand...
Click to collapse
I'm not that into programming/rooting, therefor my emphasis on might. For the majority of users it might be just safer to wait those 9 days until ICS.

jcase said:
mount system, delete su
Why would it brick if they just installed su (really dont know, would like to look into preventing it)
Click to expand...
Click to collapse
JCreations said:
I'm not that into programming/rooting, therefor my emphasis on might. For the majority of users it might be just safer to wait those 9 days until ICS.
Click to expand...
Click to collapse
Since ASUS uses BLOBs for updates, it will most likely just over-write the system folder anyway. No more 'SU', but also no brick!

MarkF001 said:
Since ASUS uses BLOBs for updates, it will most likely just over-write the system folder anyway. No more 'SU', but also no brick!
Click to expand...
Click to collapse
Then I don't see the concern, re-run the root

[Q] ROOT exploit GT-A9500 Android 4.2.0 MT6589-C920-EN-V08

Greetings,
I have bought one cheep smartphone from china for my sister (the last two quite expensive smartphones stopped working after "diving and free falling course" . So I decied to buy for her some cheeper device. It is an Android and it looks like an samsung, but it is this phone http://www.antelife.com/htm-a9500-s...tft-screen-256mb-256mb-dual-camera-white.html .
After Avast installation a found in the system app which has root rights (It is not possible to uninstall it), which was marked as an Trojan ( Android: Agent-AXY [Trj] ). It is probably UI app, which imitate Samsung UI ( CooeeUI launcher (version iLoongS4vHD2.1.0.10.11138.130628 ).
I tried to root it using framaroot (On my phone framaroot was working well), but app displayed a notice with message "It is probably not possible to root this device with framaroot" or something like that and the app closed itself.
I found one other sw on this page (here http://forum.xda-developers.com/showthread.php?t=2403230&page=3 ), but I'm worry to try it after reading the last post because of malware infection risk (I really don't want to send somewhere to China IMEI and whatever else...).
Here I write some details about SW and HW of the phone:
Model: GT-A9500
Core version: GT-A9500 Quad-Core ( :fingers-crossed: )
Software version: MT6589-C920-EN-V08
Hardware version: C920-V1.02
Could I ask somebody for help? Is there any exploit for this phone or any other possibility to root it? I would need kick this china apps off this phone.

trojan removing
Is there any way to remove infected UI launcher without root rights?

I may be able to help you get it rooted. Search play store for SRT Appscanner and install it. Then run app and see if either bug listed says vulnerable.
Sent from my SAMSUNG-SGH-I337 using xda app-developers app

Ok. Thank's a lot. I'll do it on thursday. I have no access to the device now (because the owner is away).

kybrex said:
Is there any way to remove infected UI launcher without root rights?
Click to expand...
Click to collapse
I have sucsefully rooted this phone but the phone is a pos hands down it sucks I am in USA and it states it'll work with USA services but it does not it also is only a single core phone all specs are a lie
Sent from my SGH-T959 using XDA Premium 4 mobile app

Klown80: Bug 8219321, 9950697 are not fixed. Is it possible to root the device via this vulnerabilities?
Hopsin4444: I know that this device has not Quad-Core CPU. And in Europe works quite well. How did you root this device? Could you send me any link, where can I download exploit for rooting this phone?

kybrex said:
Klown80: Bug 8219321, 9950697 are not fixed. Is it possible to root the device via this vulnerabilities?
Hopsin4444: I know that this device has not Quad-Core CPU. And in Europe works quite well. How did you root this device? Could you send me any link, where can I download exploit for rooting this phone?
Click to expand...
Click to collapse
Yes it is most likely possible then. Go here:
http://forum.xda-developers.com/showthread.php?t=2442491
It is directions for rooting the Sero 7 Lite but the directions will work for your device. (Except for part in beginning about accepting any updates, you can ignore that part)

Klown80 said:
Yes it is most likely possible then. Go here:
http://forum.xda-developers.com/showthread.php?t=2442491
It is directions for rooting the Sero 7 Lite but the directions will work for your device. (Except for part in beginning about accepting any updates, you can ignore that part)
Click to expand...
Click to collapse
This is what i used as well worked great
http://forum.xda-developers.com/showthread.php?t=2442491
Sent from my LG-P769 using XDA Premium 4 mobile app

Trying Cydia Impactor
I successfully installed SnapPea and connected the phone to my computer with Win 7. Then I started Cydia Impactor - after selecting "drop ... SU" and pressing the start button I see "Testing #9950697". It is quite long time and nothing happend (about 10 mintes) How long should it take? Shall I wait more time?

kybrex said:
I successfully installed SnapPea and connected the phone to my computer with Win 7. Then I started Cydia Impactor - after selecting "drop ... SU" and pressing the start button I see "Testing #9950697". It is quite long time and nothing happend (about 10 mintes) How long should it take? Shall I wait more time?
Click to expand...
Click to collapse
Open a command prompt in the folder you have ADB.exe in and check to see if ADB is seeing your device. ( do this by opening the folder adb.exe is located in then press and hold shift key and right click on the white space at bottom of folder, then select "open command prompt here". Type:
adb devices
in to the black command prompt and hit enter, see if it shows a device listed under Devices attached.) It shouldnt take more than a minute to complete so I would say make sure USB debugging is on and make sure the PC can see the phone via adb since that is what Impactor uses to root the phone (like lost other root exploits too actually)
Also - you need to leave Snap pea window open for adb to work, I dont know why but even though it installs adb driver for you, you need to leave the snap pea window open or it wont see phone in adb.
Hope this helps!

USB debugging is checked and I leave Snap pea window open. If I try to close it, connection with the phone get lost and Cydia Impactor display an error message. If I leave the Snad pea open, C Impactor works, but after more than 10 minutes I see still only Testing #.... Is there some chance to root this chineese **** od should I use it as an hammer?

kybrex said:
USB debugging is checked and I leave Snap pea window open. If I try to close it, connection with the phone get lost and Cydia Impactor display an error message. If I leave the Snad pea open, C Impactor works, but after more than 10 minutes I see still only Testing #.... Is there some chance to root this chineese **** od should I use it as an hammer?
Click to expand...
Click to collapse
Impactor should work. I would say it is a connection issue. Did the device show up under devices attached when you ran adb devices command?
If you still have trouble getting it to work, you can try this method:
http://forum.xda-developers.com/showpost.php?p=43163569&postcount=7

Klown80 said:
Impactor should work. I would say it is a connection issue. Did the device show up under devices attached when you ran adb devices command?
If you still have trouble getting it to work, you can try this method:
http://forum.xda-developers.com/showpost.php?p=43163569&postcount=7
Click to expand...
Click to collapse
E:\adt-bundle-windows-x86_64-20130729\sdk\platform-tools>adb devices
List of devices attached
19761202 device
This is output from cmd adb devices. It means, that the phone is connected? No other device is connected, so I expected, that the number 19761202 represents the phone I want to root. But the C Impactor still do nothing. I check HW manager in Win 7 and I see ADT drivers OK, but phone drivers looks strange, but Snap Pea is working. I don't understand...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Klown80 said:
If you still have trouble getting it to work, you can try this method:
http://forum.xda-developers.com/showpost.php?p=43163569&postcount=7
Click to expand...
Click to collapse
VRoot cannot connect this device too. After a few minutes it displays red cross and green button for rooting is grey. ****...

kybrex said:
VRoot cannot connect this device too. After a few minutes it displays red cross and green button for rooting is grey. ****...
Click to expand...
Click to collapse
Phones a terd sell it
Sent from my SGH-T999 using XDA Premium 4 mobile app

[Q] Llama Root Access

Hi
Ever since I rooted my GS3 I9300 I have been getting the following error message on a regular basis" "Error-Llama could not get root access in time. Check your SU settings"
Any clues on what I need to do to allow Llama to do its thing in real time?.

What root ??

Warthog01 said:
Hi
Ever since I rooted my GS3 I9300 I have been getting the following error message on a regular basis" "Error-Llama could not get root access in time. Check your SU settings"
Any clues on what I need to do to allow Llama to do its thing in real time?.
Click to expand...
Click to collapse
Does LIama shown as root-granted in superSU app?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my GT-I9300 using Tapatalk

JJEgan said:
What root ??
Click to expand...
Click to collapse
Sorry--I'm a bit of a root newbie. Don't understand the question--I rooted a few months ago--no problems other than the Llama stumble.

LLama Root access
amirTor said:
Does LIama shown as root-granted in superSU app?
Sent from my GT-I9300 using Tapatalk
Click to expand...
Click to collapse
AmirTor
Not specifically (as in your screenshot). How do I add it?
BTW there are numerous instances of Llama in the SU log??

Warthog01 said:
AmirTor
Not specifically (as in your screenshot). How do I add it?
BTW there are numerous instances of Llama in the SU log??
Click to expand...
Click to collapse
I think that @JJEgan meant- what tool did you use in order to root your device (CF-autoRoot, etc)
Anyway- is there a running app which uses root permissions other than Llama? If true- try to clean superSU log, reboot and see if Llama gets recognized by SuperSU.
if false- try to check other root apps, and if the issue stays the same- try to reflash root using newest CF-autoRoot (otherwise- reinstall Llama)
Sent from my GT-I9300 using Tapatalk

amirTor said:
I think that @JJEgan meant- what tool did you use in order to root your device (CF-autoRoot, etc)
Anyway- is there a running app which uses root permissions other than Llama? If true- try to clean superSU log, reboot and see if Llama gets recognized by SuperSU.
if false- try to check other root apps, and if the issue stays the same- try to reflash root using newest CF-autoRoot (otherwise- reinstall Llama)
Sent from my GT-I9300 using Tapatalk
Click to expand...
Click to collapse
OK, thanks. I've cleaned the log and rebooted. I think SU recognizes Llama--from the way the error message is worded it appears it doesn't recognize it quickly enough to trigger the action.

JJEgan said:
What root ??
Click to expand...
Click to collapse
Ahh, AmirTor set me straight. I'm sure it was CF-autoRoot

Warthog01 said:
OK, thanks. I've cleaned the log and rebooted. I think SU recognizes Llama--from the way the error message is worded it appears it doesn't recognize it quickly enough to trigger the action.
Click to expand...
Click to collapse
Look in settings I think you can extend the time it takes for SU to recognize apps gaining root access...I'm using a rom with SU inbuilt and you can change the length of time it takes to detect not sure if the app version as that feature?

tallman43 said:
Look in settings I think you can extend the time it takes for SU to recognize apps gaining root access...I'm using a rom with SU inbuilt and you can change the length of time it takes to detect not sure if the app version as that feature?
Click to expand...
Click to collapse
Thanks, Tallman
There's nothing that specifically refers to extending recognition times, but there are a couple that might apply: Re-authentication, enable during boot, Trust system user, etc--I'll give 'em a try.

Was this issue ever resolved? I'm getting the same problem.

LLama Root access
No, never resolved and I'm still getting the message.

Warthog01 said:
No, never resolved and I'm still getting the message.
Click to expand...
Click to collapse
I ran Llama fine on 4.2.2 stock for a year or so. When I switched to 4.4.2 WanamLite (stock less Knox) I started getting the message. I got SuperSU pro to enable logging.
My morning action turns airplane mode off, turns sync on, turns wifi on, then runs a bunch of things like facebook, email, etc to sync. I get the exclamation mark and the message at the top of the thread when this runs, or when the similar evening action runs. I'm getting the following log entries when it goes out of airplane mode (in approx these colors). Nothing in supersu says anything about delays.
1.
settings put global airplane_mode_on 0
exit
Warning: App_process has text relocations. This is wasting memory and is a security risk. Please fix.
2.
am broadcast
a android.intent.action.AIRPLANE_MODE -e llama.sender llama -e state false
exit
Warning: App_process has text relocations. This is wasting memory and is a security risk. Please fix.
Boradcasting: Intent (etc).
Broadcast completed: result=0

Ok, I have a solution or workaround, but not a full explanation.
It seems permissions and such have changed between 4.2.2 and 4.4.2 and Llama isn't compatible, or maybe it's just not possible. The trick is to use the secure settings app, and enable the System+ Module inside it. I think I also made Secure Settings a device admin, just in case, but unsure if that's required. Then go to the compatible apps tab and click llama help for instructions.
Basically, in Llama, instead of using the built in airplane mode commands you add an action "locale plugin", then choose "secure settings", "root actions", then "airplane mode". That lets you turn it on, off, or toggle.
If you purchase secure settings pro (about $1.50, in-app purchase via google play) you get access to a shutdown and reboot command. I can't find any other way to do this - even via a shell where you can usually do it the shutdown/reboot commands don't seem to be there.
Sorted!

Same problem here with a Moto X with root and it shows up as having root access in SuperSu.

atomb said:
Same problem here with a Moto X with root and it shows up as having root access in SuperSu.
Click to expand...
Click to collapse
Did you read the solution, one post up from yours on page 2?

commandonz said:
Ok, I have a solution or workaround, but not a full explanation.
It seems permissions and such have changed between 4.2.2 and 4.4.2 and Llama isn't compatible, or maybe it's just not possible. The trick is to use the secure settings app, and enable the System+ Module inside it. I think I also made Secure Settings a device admin, just in case, but unsure if that's required. Then go to the compatible apps tab and click llama help for instructions.
Basically, in Llama, instead of using the built in airplane mode commands you add an action "locale plugin", then choose "secure settings", "root actions", then "airplane mode". That lets you turn it on, off, or toggle.
If you purchase secure settings pro (about $1.50, in-app purchase via google play) you get access to a shutdown and reboot command. I can't find any other way to do this - even via a shell where you can usually do it the shutdown/reboot commands don't seem to be there.
Sorted!
Click to expand...
Click to collapse
Thanks for this solution. Works perfect !
$1.50 is really cheap for that nice app

burnout said:
Thanks for this solution. Works perfect !
Click to expand...
Click to collapse
Hit thanks if it helped

[Mod] Unlock Verizon Hidden Menu

-All credit for this method belongs to @xdabbeb from this thread: http://forum.xda-developers.com/showthread.php?t=2467302 All I did was gather the necessary elements and test to see if this would work on the G3 as it did on the G2.
-Please thank him for the great work he has done for finding and executing this method originally for the Verizon G2.
-Another shout out to @rickleasa for extracting and providing the hiddenmenu.apk from the AT&T G3 rom.
So Verizon as usual has hidden some features from the stock lg rom that other variants have access to, in this case the hidden menu that is typically accessed via a code entered into the dialer. This method will unlock this option for us - though you will not be able to access it via the dialer (well, not that I know of...yet), its accessed through adb or terminal.
Step 1: Download the hiddenmenu.apk at the link at the bottom of the post. The apk is unaltered (not deodexed) from the AT&T build. The Odex file is not needed.
Step 2: Manually past the apk into system/app and set permissions to rw-r-r- using your preferred root file manager, then reboot.
Step 3: From adb: (assuming you have adb set up and operational) type adb shell (then enter), su (then enter), and enter the command, or from terminal: type su (then hit enter) to gain root, then enter the command (press enter after entering or pasting the command). Command here:
am start -a android.intent.action.MAIN -n com.lge.hiddenmenu/com.lge.hiddenmenu.HiddenMenu
-The hidden menu will then open up and your good to start breaking your phone as you see fit!!
-The most common use for this is to fix Knock-on if you ever break it (Flashing international ports has a tendency to break hardware functions). This is done by accessing the hidden menu and going to HW Device Test/Touch Test/Touch Firmware Upgrade. Wait 10 seconds after updating to see if the fix worked.
-You can do lots of damage in there so be careful!! There's also many other fun things to do as well.
If someone finds a dial code that will execute this menu after the apk is installed, please post it :good:
Updated Codes: Verizon Hidden Enable/Disable menu: ##3328873 + send + 000000

Here's what you'll get:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

##PROGRAM985, Call, Enter "000000" for code opens vzw field test. Still poking around for LG menu.
OG RAZR XT912 got 4.4 before S4!

anyway to tell band 4 from this menu?

This can also be run from Android Terminal Emulator on the phone. I stuffed the "am..." line into a file called "hiddenmenu", put that in /system/bin/
-Launch Terminal Emulator
-su
-hiddenmenu
Hidden Menu will launch
Back in Terminal Emulator:
-exit
-exit
The above may also need busybox -- not sure, as I had already installed that app.

markfm said:
This can also be run from Android Terminal Emulator on the phone. I stuffed the "am..." line into a file called "hiddenmenu", put that in /system/bin/
-Launch Terminal Emulator
-su
-hiddenmenu
Hidden Menu will launch
Back in Terminal Emulator:
-exit
-exit
The above may also need busybox -- not sure, as I had already installed that app.
Click to expand...
Click to collapse
Cool shortcut... Still hoping someone cracks the dialer entry.

Is there any other way to block OTA's other then this menu?

Anyone figure out how to turn off OTA using HiddenMenu on VZW?
There is a "Wi-Fi setting -LG" section, however when I select "OTA Setting" it throws an error, resets to the main menu page.
Alternately, I'm thinking perhaps use Titanium Backup to freeze "System updates 1_13_10_0"?
(Edit: I also froze keychain, as I've seen doing that mentioned several times. This could be good, bad, or indifferent, but i's what I've tried.)

markfm said:
Anyone figure out how to turn off OTA using HiddenMenu on VZW?
There is a "Wi-Fi setting -LG" section, however when I select "OTA Setting" it throws an error, resets to the main menu page.
Alternately, I'm thinking perhaps use Titanium Backup to freeze "System updates 1_13_10_0"?
Click to expand...
Click to collapse
I was thinking TiBu myself. Haven't tried it yet. Froze all the other bloat
LG G3 flies faster than a G6
OG RAZR XT912 got 4.4 before S4

If ##LGSERVICEMENU doesn't work, then it's possible they changed it...Or more likely it's blocked again and will require a framework mod. If that's the case let me know.

xdabbeb said:
If ##LGSERVICEMENU doesn't work, then it's possible they changed it...Or more likely it's blocked again and will require a framework mod. If that's the case let me know.
Click to expand...
Click to collapse
It does not, neither do any variations of the newly found sprint codes, or the standard other varients codes.

The HiddenMenu apk works for some items that appear, others crash the app. For example, on my phone BT_TEST says that Settings has stopped, then returns to the main menu, while Device_Test kills HiddenMenu, though doesn't do anything bad. Progress

So with this, is it possible to stop OTAs yet? Or people are still poking around to find the right combo?

HiddenMenu would likely be a "No" for stopping VZW OTA, since you can't actually get to that setting.
Freezing System updates (and maybe keychain?) will likely work, though I'm waiting for someone more experienced to chime in.

markfm said:
HiddenMenu would likely be a "No" for stopping VZW OTA, since you can't actually get to that setting.
Freezing System updates (and maybe keychain?) will likely work, though I'm waiting for someone more experienced to chime in.
Click to expand...
Click to collapse
Yes, freezing system updates will stop any ota from auto installing, but will also stop any ota notification (you won't know if one is available). LG handles OTA's differently from other manufacturers where you can disable the action of installing an ota separately from being notified of one. Also, on the g2 (and I assume the g3), you had to manually allow the ota to install, it wouldn't do it on its own, but why risk it? Freeze it, and I'm sure you'll still know when there's an ota here on xda immediately.

Doesnt uninstalling bloat also break ota? Could have swore that was the case with one of my older phones

Annoyingduck -- is freezing keychain also good/needed, or is freezing "system updates" probably enough? Thanks!
(Having fun poking at HiddenMenu, interesting things in there.)

markfm said:
Annoyingduck -- is freezing keychain also good/needed, or is freezing "system updates" probably enough? Thanks!
(Having fun poking at HiddenMenu, interesting things in there.)
Click to expand...
Click to collapse
It shouldn't be needed, but all bets are still off because of the many changes Verizon made. I'm comparing the international build and soon one of the other us carrier builds to find out what else big red has pulled. I can tell you with certainty that we are missing some "stock" apks and possibly some sync items that may or may have not been removed to allow some of verizons new cr-apps! That new Verizon messaging app may be the scariest thing I've seen from Verizon in a while... Who knows who's on the other end of that!
I still can't figure out what is hiding the weather app even though it's technically installed. Using a nova shortcut gives you access to it as a temp fix.

annoyingduck said:
-All credit for this method belongs to @xdabbeb from this thread: http://forum.xda-developers.com/showthread.php?t=2467302 All I did was gather the necessary elements and test to see if this would work on the G3 as it did on the G2.
-Please thank him for the great work he has done for finding and executing this method originally for the Verizon G2.
-Another shout out to @rickleasa for extracting and providing the hiddenmenu.apk from the AT&T G3 rom.
So Verizon as usual has hidden some features from the stock lg rom that other variants have access to, in this case the hidden menu that is typically accessed via a code entered into the dialer. This method will unlock this option for us - though you will not be able to access it via the dialer (well, not that I know of...yet), its accessed through adb or terminal.
Step 1: Download the hiddenmenu.apk here: https://mega.co.nz/#!yUgmBRZK!Fy3Iq5_vvdTVpsY9dNXz00Yxv9qH1k8Q-LrTKFVFcGM or at the link at the bottom of the post. The apk is unaltered (not deodexed) from the AT&T build. The Odex file is not needed.
Step 2: Manually past the apk into system/app and set permissions to rw-r-r- using your preferred root file manager, then reboot.
Step 3: From adb: (assuming you have adb set up and operational) type adb shell (then enter), su (then enter), and enter the command, or from terminal: type su (then hit enter) to gain root, then enter the command (press enter after entering or pasting the command). Command here:
am start -a android.intent.action.MAIN -n com.lge.hiddenmenu/com.lge.hiddenmenu.HiddenMenu
-The hidden menu will then open up and your good to start breaking your phone as you see fit!!
-The most common use for this is to fix Knock-on if you ever break it (Flashing international ports has a tendency to break hardware functions). This is done by accessing the hidden menu and going to HW Device Test/Touch Test/Touch Firmware Upgrade. Wait 10 seconds after updating to see if the fix worked.
-You can do lots of damage in there so be careful!! There's also many other fun things to do as well.
If someone finds a dial code that will execute this menu after the apk is installed, please post it :good:
Click to expand...
Click to collapse
Hey Duck- will I be able to access the LG built in Call Reject with this method? So annoying that Verizon has removed it!
Thank you for the reply
Scoob

scooby-snack said:
Hey Duck- will I be able to access the LG built in Call Reject with this method? So annoying that Verizon has removed it!
Thank you for the reply
Scoob
Click to expand...
Click to collapse
Not that I've found. Seems to have been removed from the framework from what I can tell - unless again, it's hidden

How to root the Amazon Fire TV 2 box running latest software version 5.2.6.8

I can confirm that this process works on Update v5.2.6.8. Any other version beyond that your mileage may vary. "ADB debugging" and "Apps from Unknown Sources" should be enabled. I would like to thank the following members because without their resources this walkthrough wouldn't have been possible: @diplomatic for the exploit, @el7145 for leaving a cookie crumb trail of clues within his comments in this thread which I had to follow like the yellow brick road in order to repeat his success, @rbox for the custom recovery and pre-rooted image, and @AFTVnews.com because if it hadn't been for your article I probably would've never gotten my AFTV device rooted in time before the 5.2.6.9 OTA update. Oh, I almost forgot... and thanks @Chainfire for SuperSU . And also @teamfresno for the advice.
ACHIEVING TEMPORARY ROOT PERMISSIONS
1. Download and install ADB on your PC.
2. Download "mtk-su_r4.zip" and extract "arm64" folder in ADB install directory (C:\adb).
3. Run command below:
Code:
adb connect 192.168.0.XX
(IP address of your Fire TV device)
4. Transfer mtk-su to your /data/local/tmp folder:
Code:
adb push C:/adb/arm64/mtk-su /data/local/tmp/
5. Open an adb shell:
Code:
adb shell
6. Change to your tmp directory:
Code:
cd /data/local/tmp
7. Add executable permissions to the binary:
Code:
chmod 755 mtk-su
8. Run the exploit:
Code:
./mtk-su
NOTE – The following line should display:
New UID/GID: 0/e
9. Ensure that mtk-su succeeded in setting selinux to permissive by typing the following command:
Code:
getenforce
INSTALLING TWRP & SLOANE
1. Download rbox's TWRP custom recovery and the latest pre-rooted ROM from your PC and copy it to the root of a USB stick [or microSD card].
2. Connect the USB stick [or microSD] to your AFTV2.
3. Change to USB Storage directory:
Code:
cd /storage/usbotg/
NOTE – If recovery is on microSD
Code:
cd /storage/sdcard1
4. Run the zip file. This will automatically run SU:
Code:
sh /storage/usbotg/firetv2_recovery_v7.zip
If recovery is on microSD
Code:
sh /storage/sdcard1/firetv2_recovery_v7.zip
NOTE – It should print out a following lines:
Extracting unzip...
Remounting /system read-write...
Extracting...
Remounting /system read-only...
5. Reboot to Recovery:
Ctrl+C (closes out previously ran script)
Code:
adb reboot recovery
6. Your AFTV2 should reboot to a black screen displaying the Amazon logo, followed by a prompt stating that the device will automatically restart, but if not to unplug then re-plug the power source. It will not automatically restart, but DO NOT unplug the device yet.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
7. If you copied the recovery and ROM onto a USB stick then you will need to disconnect it from the AFTV2, and connect a USB hub with at least 2 ports to the AFTV2, and connect both a USB keyboard and the USB stick to the hub at this time. If you copied the recovery and ROM onto a microSD then connect a keyboard to the empty USB port at this time.
8. Now unplug then re-plug the power source and you will be presented with the TWRP splash screen.
9. At the boot menu, press the RIGHT arrow key on the USB keyboard to boot into TWRP recovery.
NOTE – whatever you do DON'T let your AFTV2 idle for too long on the initial recovery boot menu screen or it will time out thus restarting, requiring you to repeat the prior steps.
10. Use the arrow keys to select the "Install" in TWRP.
11. "Select Storage", and choose the location where you stored the pre-rooted ROM.
12. Select "Swipe to Confirm Flash" to start the installation.
13. Select "Reboot System" once the file has finished installing in order to restart the AFTV2.
For those feeling a little adventurous/ambitious then feel free to follow this guide created by @g422 as he discuses where to go from here by delving into other avenues to truly tap into the power of your AFTV2 such as what's "Xposed" and the benefits it offers for rooting your device, and also how to backup your current Fire OS install using TWRP.
Also shouts out to @PhoenixMark who created a guide for Mac users based on my write-up as how to enable root here.

This will work if we have a bricked device stuck on the Amazon logo?

Thanks for this! can't wait till I get home and finish the process with your guide. Other guides had my head spinning. Achieved temp root but no mention of pushing super su.

Oh wow, looks like that exploit spread like wildfire!!
Wonder if anybody will see if this works for the firestickv2 (I don't trust myself to crack the case of mine open lol)

b0ricuaguerrero said:
Thanks for this! can't wait till I get home and finish the process with your guide. Other guides had my head spinning. Achieved temp root but no mention of pushing super su.
Click to expand...
Click to collapse
Worked like a charm on my fire tv 2, but I did notice voice control seems to be broken after achieving permanent root.
Anyone else experienced this????

Thank you for putting this guide together! Also thanks to @rbox for twrp and the rom!Finally got root on my Fire TV 2!
Sent from my SM-G9650 using Tapatalk

worked flawlessly on Amazon fire tv 2, the only thing i would say about the instruction for me was that usbotg was not recognised I only had sdcard0 (int storage) sdcard1 (sd card) apart from that great job thank you
ps there was an update waiting to install from amazon which i blocked, perhaps they are patching already

JUSTINMARMER said:
This will work if we have a bricked device stuck on the Amazon logo?
Click to expand...
Click to collapse
Idk. I think we're pretty much in the same boat now: https://forum.xda-developers.com/showpost.php?p=79063299&postcount=197

Delete... duplicate comment

b0ricuaguerrero said:
Thanks for this! can't wait till I get home and finish the process with your guide. Other guides had my head spinning. Achieved temp root but no mention of pushing super su.
Click to expand...
Click to collapse
Not a problem. Just giving back where I can

b0ricuaguerrero said:
Worked like a charm on my fire tv 2, but I did notice voice control seems to be broken after achieving permanent root.
Anyone else experienced this????
Click to expand...
Click to collapse
I don't use voice activation, voice assistants, etc. as a preference. I'm just paranoid like that

huffmybrd said:
Oh wow, looks like that exploit spread like wildfire!!
Wonder if anybody will see if this works for the firestickv2 (I don't trust myself to crack the case of mine open lol)
Click to expand...
Click to collapse
It's worth looking into. Since I currently own one as well I'll see a/b performing these same instructions and post my findings at some point in time.

salsoul said:
worked flawlessly on Amazon fire tv 2, the only thing i would say about the instruction for me was that usbotg was not recognised I only had sdcard0 (int storage) sdcard1 (sd card) apart from that great job thank you
ps there was an update waiting to install from amazon which i blocked, perhaps they are patching already
Click to expand...
Click to collapse
I tried both ways, with the microSD and USB so I know it works if you followed what was stated in the instructions to the T... I know that when I attempted the USB option the first time, I had forgot to plug the USB stick in which made it show up as USB (0) which is only logical explanation I can think of for what happened to you.

Krog18 said:
Thank you for putting this guide together! Also thanks to @rbox for twrp and the rom!Finally got root on my Fire TV 2!View attachment 4718781
Sent from my SM-G9650 using Tapatalk
Click to expand...
Click to collapse
Not a problem, glad I could help

This is fantastic work!!!
Do you know if root can be 'hidden' to Netflix app won't block it's use?

n8wwd said:
This is fantastic work!!!
Do you know if root can be 'hidden' to Netflix app won't block it's use?
Click to expand...
Click to collapse
Thanks, and unfortunately, no. SuperSU is the component that enables root which can be detected by apps that disengage user functionality when they discover root is enabled. I attempted to install Magisk v18.1 to counteract this side effect, but failed miserably w/ the end result to the point that my AFTV2 does a constant boot loop as recounted here. Magisk would be the only option I'm aware of to make root 'hidden', but it's not worth it at the cost of turning your device into a boot looping paper weight.

True. Nothing like having a 'brick on a rope' so to speak. That's not a 'deal breaker' as I subscribe to IPTV services that out performs it anyway. Do you know if Hulu does the same as Netflix? The missus may take exception if it killed that...
---------- Post added at 12:22 AM ---------- Previous post was at 12:20 AM ----------
I guess the main reason I'd want root access is to take all of the preloaded apps off for room, as well as have the ability to use the external storage within apps.
---------- Post added at 12:48 AM ---------- Previous post was at 12:22 AM ----------
well...I answered my own question..seems Hulu doesn't like it either...*sigh* Time to search for a box that can hide root so my wife won't blow a gasket....

Wait, we can't use Netflix if we are rooted? Yikes.

I've had no trouble with Netflix yet since I rooted this yesterday, but of course ymmv.
Sent from my SM-G9650 using Tapatalk
---------- Post added at 08:36 AM ---------- Previous post was at 07:44 AM ----------
urbanman2004 said:
Thanks, and unfortunately, no. SuperSU is the component that enables root which can be detected by apps that disengage user functionality when they discover root is enabled. I attempted to install Magisk v18.1 to counteract this side effect, but failed miserably w/ the end result to the point that my AFTV2 does a constant boot loop as recounted here. Magisk would be the only option I'm aware of to make root 'hidden', but it's not worth it at the cost of turning your device into a boot looping paper weight.
Click to expand...
Click to collapse
Damn, sorry to hear that. I imagine what happened is the result of magisk patching the kernel on a locked bootloader. I hope you're able to get it fixed. Good luck to you!
Sent from my SM-G9650 using Tapatalk

Krog18 said:
Damn, sorry to hear that. I imagine what happened is the result of magisk patching the kernel on a locked bootloader. I hope you're able to get it fixed. Good luck to you!
Sent from my SM-G9650 using Tapatalk
Click to expand...
Click to collapse
Thanks. You never know, somebody smart enough might actually come up with a tool capable of relieving my device from its eternal boot loop hell