Related
short story:
There is no passwd command in my system bin, so I am unable to change the (or effectively, add a) root password.
longer story:
So, as soon as I got my HTC Droid Eris, I installed that root 2.1 leak from HTC. After going through several Terminal applications, I found one that didn't force close every time I tried to use it. I was about to log into root with "su" but I didn't know the root password. I tried Googling around, but I found nothing relevant. I then proceeded to try entering the "su" command anyway and to my surprise, their was NO ROOT PASSWORD. I've been panicking for the last two days trying to find a way to get the passwd command into my bin, but it doesn't look like it's going to work. I've even done some crazy things like try to copy the passwd command from my openSUSE box into the bin (Yes, I understand that it probably wouldn't have been compatible, but it's worth a shot). After doing some research, I learned that the /system/bin directory is read-only. That explains why I kept getting device cross-over errors whenever I tried moving the command from my SD card into the internal memory. Also, I found where the HTC devs installed the "su" command in the leaked 2.1root. It's in the /system/xbin directory.
Does anyone have a solution to this? I'm worried about hackers and being rickroll'd by some idiot's worm. I've been keeping my 3G mobile network off and only using secured Wi-fi to access the Internet
Umm, why are you trying to change the root password? Also when you do su in a shell our shouldn't ask you for a password. The risk of getting hacked are almost zero because the hackers have bigger targets to go after such as the iphone or motorola droid.
Sent from my Eris using the XDA mobile application powered by Tapatalk
This command will mount system as writeable
Code:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
Use one of the custom roms with SuperUser.apk (all of them) for security. We don't have passwords for shells on android.
Hi,
Sorry for my English; I'm French people.
I have an HTC Tattoo with HCDR ROM 1.7 since one year. But with the patched market i can't have the new version of the market. I read lot of topic about the subject in this forum and the Frandroid forum but I not found a running issues.
Have you got a solution for my probem ?
Thaks a lot,
Florian
florianlyon
Dude, hey! I ran into same problem.
Here you go: http://forum.xda-developers.com/showthread.php?t=723255&page=66
read last messages in the thread, especially my posts
Hey !
Thanks for you answer. I have already read this posts but it's not work for me !
If you have successfully fix this problem please leave me the procedure and shell command.
Follow the URL and download original market:
http://www.mediafire.com/file/wrw9tdzhveoqvgh/Vendingtrue.apk
Then reboot your phone to recovery.
Start cmd in windows.
Go to C:\rtattoo folder (i presume u use 1-click root-rec too).
If necessary mount your phone's system partition as RW:
Code:
adb shell mount -o remount,rw system
And the main command u have to run here is:
Code:
adb push Vendingtrue.apk /system/app/Vending.apk
note: of course it's implied that Vendingtrue.apk should be in the same directory as adb or locate it in a different way if u want.
If push command executes successfully just restart your phone, if not - then, naturally, do some work around. U may even try running it under loaded Android, it may do the trick too (for example, once when i tried installing hosts file it worked).
The main idea, as u might have already guessed , is to replace Vending.apk. Then it will autoupdate itself at the first time u launch it.
Hope it helps, good luck, dude!
I have try this procedure when Android running but it was impossible to push the new Vending.apk even with the system partition mounted.
But in Recovery mode I could push the new apk.
But when I launch the market it not auto update and when I run
Code:
adb pull /system/app/Vending.apk
The Vending.apk size is 1158ko, as the vendingtrue.apk size is 1146ko.
So I conclude that the replacement was not performed.
Have you got a solution ?
Thanks a lot
Dude !
I retry and it's work !
My system partition was not mount correctly.
I launched the following command with my tattoo in recovery mode :
Code:
adb shell
mount /dev/block/mtdblock3 /system -o rw
ctrl+c (or exit)
adb push Vendingtrue.apk /system/app/Vending.apk
I reboot my tattoo and launch :
Code:
adb pull /system/app/Vending.apk
The size is 1146ko (YES my APK has successfully replace).
I ran the market, 5 minute after, it was up to date.
thank you very much for your precious help !
the new market is rubbish...too bug...too slow...get the old market...I have download the old market I can ensure you it's better than new
I have your ICS root ready, how about we call it TPSparkyRoot. I based my research on code written by Dan Rosenberg (similar to what jchase did with NachoRoot in the fact that chown/chmod follows symlinks even when set during startup), here is a link to that research http://vulnfactory.org/blog/2011/08/25/rooting-the-droid-3/
**UPDATE**
Android's source has been patched so that future OEMs can not leave this hole open by accident.
https://android-review.googlesource.com/#/c/36035/
**UPDATE**
This method has been shown to work on the HTC One X see forum
http://forum.xda-developers.com/showthread.php?t=1644167
Theoretically this should work on Honeycomb versions of the Prime as well, since the Honeycomb update is where I found the flaw that is being exploited. I have confirmed this works on my Prime.
**UPDATE**
This exploit does not currently work for the latest ICS update released (v9.4.2.11 on 1/18/2012). You can use OTA Rootkeeper to backup your root prior to updating using OTA, which I have confirmed to work on my device, (this may not work if you push the update manually).
https://market.android.com/details?id=org.projectvoodoo.otarootkeeper
For the devs out there, it does not to honor the ro.kernel.qemu=1 setting within the local.prop because it is already set to blank by that point by the build.prop
You must have your Prime set up to use adb and your adb location contained in your path variable (windows) or unzip the files from my zip into that directory before running.
**UPDATED**
If you are have issues getting adb working, make sure asus sync is not running, if it is then kill it.
adb shell mv /data/local/tmp /data/local/tmp.bak
adb shell ln -s /data /data/local/tmp
adb reboot
adb shell rm /data/local.prop > nul
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
adb reboot
adb shell id
//IF ID IS 0/root THEN CONTINUE, ELSE START OVER>
adb remount
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 06755 /system/xbin/su
//UNDO EVERYTHING EXCEPT su
adb shell rm /data/local.prop
adb shell rm /data/local/tmp
adb shell mv /data/local/tmp.bak /data/local/tmp
adb reboot
**UPDATE** As jchase stated "If your device "bootloops" don't stress, just follow through with the commands as it "loops" ro.kernel.qemu can do funky stuff." I did notice this in my rooting but just assumed it was normal as this is my first use of adb.
**UPDATE2**
If you get a permissions error on the call
adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop"
then you may try
adb shell rm /data/local.prop
And then try the echo command again. This may be due to having rooted prior without cleaning up properly. Thanks to Franky_402 for this piece of info.
I have updated the batch file to include this step, it should still be fine for those who are not having the issue as well.
I have attached a zip file containing the su and a bat file for a more automated process (just pauses when during reboots, don’t hit go until it’s done rebooting). Or, you can run the commands manually and get the su file from the origin http://downloads.androidsu.com/superuser/su-bin-3.0.3.2-efghi-signed.zip
Finally, install Superuser to make it all work https://market.android.com/details?id=com.noshufou.android.su
**UPDATE** UNROOT
There are multiple was to unroot now that you have root access already (all you need to do is remove the su file; so you could potential skip all the steps before the remount and just add the local.prop manually using a file manager and then reboot).
The one most similar way to how you rooted would be to follow all of the steps above, but replace these 3 lines
adb push su /system/xbin/su
adb shell chown 0.0 /system/xbin/su
adb shell chmod 06755 /system/xbin/su
with this line
adb shell rm /system/xbin/su
This will remove the actual root, but it would leave behind any apps that you have given root access to or any files that those apps changed themselves (i.e. RootKeeper backs up the su file and the backup would need to be removed). If you had anything like this you would need to clean up that first before unrooting because it is a dead giveaway that it was rooted.
Viperboy should be releasing his tool shortly that utilizes this method, if you would like a one click process that installs apps along with it (superuser, busybox). I’m guessing it installed them to the root apps directory so these also would need to be removed when unrooting as well (i.e. if you root using his new tool you should unroot using it as well).
**UPDATED** Remove PayPal link in favor of link over there <-
Yes, as it says, I went from the same base exploit that was shown by Dan and was the base for jchase as well.
The commands more than likely are but the exploit must be different or Jcases rot would still be working... Thanks OP!!!
EDIT: He didn't "ask" for donations just gave a link since he doesn't have the donate button <<over there
Not mine at all, props to this guy! Send him some bones.
Yes, thanks, I did not realize that there was a donate button as I am still learning this forum.
This root is confirmed!
If your device "bootloops" don't stress, just follow through with the commands as it "loops" ro.kernel.qemu can do funky stuff.
Good ****.
sparkym3 said:
Yes, thanks, I did not realize that there was a donate button as I am still learning this forum.
Click to expand...
Click to collapse
Yeah it's in the User Control Panel on the top of the forum
"Reported" your thread to a mod, so he can move it to the dev section
And welcome to XDA Don't let the trolls take your love for android
jcase said:
This root is confirmed!
If your device "bootloops" don't stress, just follow through with the commands as it "loops" ro.kernel.qemu can do funky stuff.
Good ****.
Click to expand...
Click to collapse
OP, maybe put that in the OP, so users don't panic
Moved to development.
Holly smoke, it works....
jcase said:
Not mine at all, props to this guy! Send him some bones.
Click to expand...
Click to collapse
As the main man says. Give credit when due. It's not his. and give the guy props and if you wish to donate donate.
This is why this android community is crap. because everyone trolls. If it was jcases he'd release it. not someone else. and im sure as hell he wouldnt be saying these things 'like give the guy some bones'
rhcp0112345 said:
As the main man says. Give credit when due. It's not his. and give the guy props and if you wish to donate donate.
This is why this android community is crap. because everyone trolls. If it was jcases he'd release it. not someone else. and im sure as hell he wouldnt be saying these things 'like give the guy some bones'
Click to expand...
Click to collapse
Biggem isnt really a troll, he's obv just got out of the wrong side of the bed ... i'm sure he'll take that back.
Danny-B- said:
Biggem isnt really a troll, he's obv just got out of the wrong side of the bed ... i'm sure he'll take that back.
Click to expand...
Click to collapse
Also nothing wrong with asking for donations.
YOU ROCK. donations to you and jcase after payday
You would all post this WHILE I'm at work, have my prime with me, but not my charger! lol. I'll DEFINITELY check it out when I get home.
disturb3d1 said:
You would all post this WHILE I'm at work, have my prime with me, but not my charger! lol. I'll DEFINITELY check it out when I get home.
Click to expand...
Click to collapse
Dude mine should be here in 9 hrs
I might do an unboxing vid using my photon
Wait a minute, chainfire is paying attention to the thread, that only means good things. Please tell me your gonna dev some for this device
Sent from my SGH-T959 using XDA App
not going good for me I'm on ubuntu with working adb. copied su to home directory and running all commands from there. when i get to, adb shell "echo \"ro.kernel.qemu=1\" > /data/local.prop", i get, /system/bin/sh: cannot create /data/local.prop: Permission denied. So i never get the right id to continue. Anyways please help. thankx
Any chance in the future this can be converted to an apk to install on Prime or a One-click method, per se?
So I was having the issue with the settings menu force closing after I rooted the device.
This morning I've done a factory data reset, gone to turn the tablet on, and I'm not getting "The application OLS (process com.sony.nfx.app.ols) has stopped unexpectedly. Please try again.
Can't access the device, tried another factory data reset, can't flash a firmware as I can't access the device.
Not very happy at all.
But any ideas please?
**I can get into the settings menu and when I press the home button is when I get the OLS force close, so I assume it's the home launcher, I did remove it when my device was working.....
I can't access device storage either, even when my device is on - or ADB, but I can access an SD Card through the boot menu.
Well factory reseting doesn't restore anything you deleted from system, but wipe anything else you installed.. so there's the big problem.
On my tab, I can force a boot loop by holding volume down when booting (hold vol down for what seems like an eternity/till you are satisfied that it is boot looping).
ADB seems to work here, so you could potentially push a different launcher apk and get it going that way.
Thanks for the response Dan,
What I can do is start the device, there's no launcher there, but inbetween the force closes I can get into the settings, there's no force closes when I'm in there.
I connect the USB, ADB Devices and it shows, I can pull from the /system but not push.
As soon as I type ADB Shell, then the commands, it tells me "error: device not found"
Exit out of ADB Shell, ADB Devices again, and it's there - but ADB Devices when inside ADB Shell shows nothing.
I've tried all of the OTA packages in the other thread and nothing - I'm at a bit of a loss, i doubt Sony would work with me on this one, so It looks like I've got £349 of paper weight. Any ideas on the ADB? At least then I could push a launcher in.
The issue clearly is becuase there's no launcher.
I remove the default launcher from the /system/app folder and install ADW, the factory reset obviously removed it, hence there's no launcher...
What if the APK for ADW was made into an update.zip?
Would it flash when I hold down power + volume+, Update System from zip?
bummer
Not really sure what can be done if you deleted them from the system and the reset does not reinstall them.
Perhaps someone who has rooted can send them to you, but not sure how that would work.
I'll get in touch with Sony tomorrow, now I know that this is my own fault, but under the warranty they are still abliged to fix it, I certainly won't be rooting it again, thats for sure.
I hope they will help me if I'm honest?
Did you have a look at if ADB works for you in the forced boot loop state I mentioned? It could possibly do some extras from there that you can't otherwise.
Also just try sending a third party launcher in so it's doesn't have to go to system, perhaps it will let you write the file then. And hopefully auto - detect it upon booting .
Tried it Dan, if I attempt ADB Install launcher.apk, it starts installation then;
[1] Killed pm install /data....
I'm getting permission denied in every ADB command when in the Boot Loop.
Thanks anyway - I've emailed them, and been totally honest about what I've done.
I could swear all day - I've fixed it, my tablets working again, what a bloody relief. Thanks ADB!
I tried to duplicate your problem with adb :-
Typed ADB Devices - reports attached device OK
Typed ADB Shell - prompt changes to $
Typed ls - shows root of tablet
Typed cd system - changed to system directory
Then ls again then cd app then ls again - shows all system apps
I then typed ADB devices again and lost the connection to the tablet
It would seem that on my tablet at least that typing ADB devices whilst within the ADB shell breaks the connection with the tablet
Thanks for testing it praed0r, I'm pleased to know that it's not just me that had that issue.
It may be of use to someone, but what I did was mount the /system partition as rw using busybox.
Code:
adb shell
su
busybox mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
From there I removed the app that kept forceclosing, in this case it was OLS (or something like that)
I then mounted the /data drive with;
Code:
busybox mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /data
Then using cp instead of ADB Push,
Code:
cp /sdcard2/golauncher.apk /system/app/golauncher.apk
Rebooted the device and it all worked fine, GoLauncher booted as my default launcher.
For some reason it didn't like adb push, and would give me permission errors, but mounting as busybox fixed it all....
I changed the build.prop so that it would system update, it indeed does, but all STOCK apps (Sony apps) force close, it could be becuase of the framework.jar from the other thread, so I'll try and source one from a kind individual. Then I'll do the update and my system will be OK.
I'd consider myself very lucky this time, lesson learnt not to tweak with things.
I'll stick to the build.prop/local.prop tweaks for now
Any idea why the system apps aren't working, i've retraced my steps to before it happened, the only notable thing that would have an affect was changing the framework.jar?
Dear users,
I read multiple threads throughout internet and couldn't find working solution. My lg with kitkat 4.4.2 had lagged so I removed battery. After this phone is boot-looping with startup animation forever.
I can explore files with adb shell when phone is in recovery mode but don't have access to dalvik-cache. Command "su rm -rf /system/data/dalvik-cache" gives "permission denied nor "adb backup -all" cause "unlock your device and confirm...".
I cannot root phone by copying SuperSu files into /system/app. The command "su cp.. " gives no answer and later when exploring /app there's no SuperSu program.
I was trying to explore through sudo nautilus on Ubuntu during using one of rooting tutorial but the phone just disappears in the list of mounted devices.
I have important data like phone contacts, messages and some pictures inside phone memory. I didn't backup all of them formerly.
Any ideas?
likkufri said:
Dear users,
I read multiple threads throughout internet and couldn't find working solution. My lg with kitkat 4.4.2 had lagged so I removed battery. After this phone is boot-looping with startup animation forever.
I can explore files with adb shell when phone is in recovery mode but don't have access to dalvik-cache. Command "su rm -rf /system/data/dalvik-cache" gives "permission denied nor "adb backup -all" cause "unlock your device and confirm...".
I cannot root phone by copying SuperSu files into /system/app. The command "su cp.. " gives no answer and later when exploring /app there's no SuperSu program.
I was trying to explore through sudo nautilus on Ubuntu during using one of rooting tutorial but the phone just disappears in the list of mounted devices.
I have important data like phone contacts, messages and some pictures inside phone memory. I didn't backup all of them formerly.
Any ideas?
Click to expand...
Click to collapse
Could you elaborate on "disappears?" Usually if something is present and suddenly disappears in lubuntu, that means the connection was broken (either physically or by software, such as when switching drivers by running a command). Anyway, have you tried letting it sit for a day or something? I figure the reason it "lags" might potentially affect booting time.
It's also helpful to know what data you want out of it. Some things need root, some things don't need root. If all you want is file X in user space, I imagine that'd be infinitely easier than trying to get a random bootloader setting.