Mod Edit: Unstickied, placed link in wiki:http://forum.xda-developers.com/wiki/index.php?title=Nexus_One Thanks
This is an alternative approach of rooting the Nexus without touching the bootloader.
-no downgrade neccessary
-no battery modification neccessary
-no messing around with SD card slot
-you don't even have to open your phone...
Working and confirmed for ALL ROMs, including European Vodafone EPF30/FRF91, Korean FRF91, AT&T/T-Mo Stock including FRF91
-------
Credits:
-------
- The Android Exploid Crew:
http://c-skills.blogspot.com/2010/07/android-trickery.html
- Amon_RA
- cyanogen
-------
Notes:
-------
- The exploit wasn't found by me (see credits), I just implemented it as a proof of concept for the Nexus One
- Basically this method should work on all currently known ROM versions.
- I tested it on EPF30, Korean FRF91, Vodafone FRF91, US Stock FRF91.
- As usual when doing this kind of stuff: DO THIS AT YOUR OWN RISK.
- It could even work on other Android devices as long as their system partition is at
/dev/block/mtdblock3/ with yaffs2 file system and there is still some space left on the system partition (without any changes).
-------
Prerequisites:
-------
- Locked Nexus One
- Latest Android SDK incl. USB drivers
- Working ADB
- The file "freenexus.zip"
edit:
get it here:
http://multiupload.com/MVT98F5HBY
or
http://dl.dropbox.com/u/1327667/freenexus.zip
MD5: 947C20222056D7C070733E7FCF85CF15
-------
Step-by-step guide:
-------
1. install android sdk & USB drivers
2. extract the content of the zip file into the tools directory of SDK (i.e. \android-sdk-windows\tools)
-> For all Newbies: Take care that you extract the files directly to the tools folder and don't create a new subdirectory freenexus within tools!!! If you did, delete the folder and extract again!!! Check twice that there is no FOLDER freenexus in your tools directory before you continue!!!
3. open a command prompt (Windows: Start, Run, "cmd", OK; Linux: Terminal)
4. change to SDK tools directory (i.e. cd \android-sdk-windows\tools)
5. connect Nexus to USB and check if debugging mode is activated
(Settings/Application/Development/USB Debugging)
6. run "adb devices" in shell and see if there is a device listed. if not back to step 5 or reinstall USB-drivers
7a. for Windows: run "freenexus.bat" in command shell (this copies the neccessary files to /data/local/tmp)
7b. for Linux or manual installation: run the following commands
Code:
adb push freenexus /data/local/tmp/freenexus
adb push Superuser.apk /data/local/tmp/Superuser.apk
adb push su /data/local/tmp/su
adb push busybox /data/local/tmp/busybox
adb shell chmod 755 /data/local/tmp/freenexus
adb shell chmod 755 /data/local/tmp/busybox
8. run the following commands:
Code:
adb shell
(you should see a "$" prompt now)
cd /data/local/tmp
9. on your phone go to a screen where you can easily toggle wifi (widget or settings/wireless)
10. be prepared to toggle wifi immediately after you execute the next step
11. run
Code:
./freenexus
12. toggle wifi on
13. you should see something like that:
[*] Android local root exploid (C) The Android Exploid Crew
[*] Modified by ak for HTC Nexus One
[+] Using basedir=/sqlite_stmt_journals, path=/data/local/tmp/freenexus
[+] opening NETLINK_KOBJECT_UEVENT socket
[+] sending add message ...
[*] Try to invoke hotplug now, clicking at the wireless
[*] settings, plugin USB key etc.
[*] You succeeded if you find /system/bin/rootshell.
[*] GUI might hang/restart meanwhile so be patient.
13b) if you get "permission denied" error, you have most likely not followed the big red newbie hint after point 2. check this by entering "ls -l", if you see a "drwxr-xr-x" and not "-rwxr-xr-x" in front of the line where freenexus is listed you did not follow properly. Search the posts in the thread on how to correct this.
14. run
Code:
rootshell
15. if you succeeded you will be asked for a password, if not try again from step 10
16. enter the password "freenexus"
17. now you should see a "#" as a prompt -> you are root now
18. run the following commands:
Code:
./busybox cp busybox /system/bin
chmod 4755 /system/bin/busybox
busybox cp Superuser.apk /system/app
busybox cp su /system/bin
chmod 4755 /system/bin/su
rm /system/bin/rootshell
exit
exit
19. Check if you keep root rights:
Code:
adb shell
su
20. after you executed the su command the Superuser app on your device should ask you for allowance
21. you should see the "#" prompt again, if you didn't get that try su again
22. done
-------
Comments:
-------
- General
If you are not planning to wipe your data partition (what you probably will do when installing CM6 first time) you should think about deleting all the temp files still lying in /data/local/tmp (for safety reasons and to have more space on /data):
Code:
adb shell
cd /data/local/tmp
rm busybox
rm su
rm Superuser.apk
rm freenexus
rm flash_image (will only exist if you executed the steps below in recovery section)
- Installation of Custom Recovery
If you only want root rights you are done here. If you want to install custom ROMs you have to install
a custom recovery first. Easiest way would be to download "ROM Manager" from the market. There are plenty of tutorials on how to install custom recovery/ROM at xda.
Edit: It is safer to install the recovery manually. In this case or for those of you running into problems with installing custom recovery with ROM Manager (doesn't stick) you can continue with
these steps (without remount of system partition, now tested successfully):
1) Download recovery-RA-nexus-v1.7.0.1.img to the root directory of your SD-Card
- Note: UnMount your SD-Card after copying these files, but keep your phone plugged in
- or don't mount SD-Card at all and push the file via adb to /sdcard
2) Save file "flash_image" to sdk tools directory:
3) In your terminal run
Code:
adb push flash_image /data/local/tmp/flash_image
adb shell
su
- At this point, it will hang until you choose "Allow" on your phone with the SuperUser app pop-up
- $ should now be replaced with #
5) run the following commands:
Code:
[COLOR="Red"]mount -o rw,remount /dev/block/mtdblock3 /system[/COLOR]
cd /data/local/tmp
chmod 755 flash_image
[COLOR="Red"]./flash_image recovery /sdcard/recovery-RA-nexus-v1.7.0.1.img[/COLOR]
rm /system/etc/install-recovery.sh
rm /system/recovery-from-boot.p
(and if everything worked fine:)
rm flash_image
Alternatively you can continue with step 9 and then steps 16-24 from the old rooting method tutorial
to manually install Amon_RA's recovery. You will also need the file flash_image for that (link taken from HBOOT thread).
- HBOOT
If you rooted from a Korean Rom or have installed the latest Vodafone Rom via PASSIMG you probably have
HBOOT 0.35 which makes it currently difficult to install Cyanogenmod (there is an assertion failure in the install script, at least with CM6 RC1/2. Maybe future versions of CM6 will include HBOOT 0.35 in the script) or other custom ROMs. (You are still on 0.33 if you just installed the Vodafone OTA Update)
There is a tutorial to revert HBOOT here:
http://forum.xda-developers.com/showthread.php?t=726258
Instead of using the EPF30 image you can also use any other PASSIMG file (at least if it has HBOOT 0.33,
otherwise this step wouldn't make sense...)
Note that when flashing a PASSIMG with a different HBOOT version there is a reboot after the HBOOT has been flashed, then after reboot the PASSIMG will be loaded again and the rest of the image will be flashed.
To check HBOOT and Radio version: press and hold trackball while turning on the phone. To exit select Reboot with Vol+/- and press Power button.
Caution:
After you have reverted your HBOOT, you have lost your root rights and you are back on stock recovery.
But you can (or have to) repeat the above procedure to get root rights back.
Edit:
The downgrading also downgrades your radio!!! Before installing CM6 you have to flash a Froyo Radio!
Latest one can be found here:
http://forum.xda-developers.com/showthread.php?t=723839
-------
Troubleshooting:
-------
After trying to flash a custom ROM with ROM Manager one user wasn't able to boot the phone normally and also no longer able to boot to recovery. In this rare case try to download a compatible PASSIMG file:
For example EPF30 (Europe Vodafone 2.1)
http://shipped-roms.com/shipped/Pas...ogle_WWE_1.14.1700.1_EPF30_release_signed.zip
or FRF91 (Europe Vodafone 2.2):
http://shipped-roms.com/shipped/Pas...on_VF_2.15.151.5_R_FRF91_MFG_Shipment_ROM.zip (<-this one is currently a zip in zip. You have to extract it once to get the working PASSIMG.zip)
(Appropriate US-PASSIMGs can also be found on shipped-roms.com, most likely EPE76)
Rename the file to PASSIMG.zip (case sensitive, Windows users take care that the file isn't called PASSIMG.zip.zip hidden extension)
Copy it to main folder of SD card.
Boot phone into Bootloader mode (press and hold trackball when turning on the phone, until fastboot mode starts)
Select Bootloader mode by pressing power button.
The bootloader should then start to analyse the PASSIMG.zip and ask you afterwards to install it.
You're phone (not your SD) will be completely wiped after the procedure but should work again (and can be rooted again...)
sweet!! been waiting for this! will try it tomorrow as soon as i wake up! will report back then!
edit: i cant download freenexus.zip maybe use another hoster?
file section edited.
Great tutorial ! Waiting for some feedbacks
(file link doesn't work)
dolomiti7 said:
file section edited.
Click to expand...
Click to collapse
On the left I can see just an empty folder named "SmartDrive"
link doesn't work
dolomiti7 said:
-> after clicking on "Smartdrive Gastzugang starten" you might get an error message, but after klicking ok on the error message
you should be able to access the folder "nexus" on the left side of the window anyway
Click to expand...
Click to collapse
No way! Can't do anything even after i press ok on the error message
if you click on that there should be a subfolder "nexus" that should be clickable too. at least it works here... anyway. someone wants to upload the file to a hoster? rapidshare... contact me
for the early adaptors (will only work 10 times):
rapidshare.com/files/409266634/freenexus.zip
MD5: 947C20222056D7C070733E7FCF85CF15
multiple download sites!:
http://www.multiupload.com/MVT98F5HBY
or here:
http://dl.dropbox.com/u/1327667/freenexus.zip
thank you. added the link.
This worked flawlessly.
Massive thanks.
Hi, I have a Italian Vodafone Nexus One with FRF91, i have followed all the steps and now in my apps there is Superuser Permission with green light. It means that i have root rights? Can I install Cyanogen Mod now? Thanks, excuse my English.
Worked perfectly on a stock AT&T N1 with FRF91. Thanks!
Excellent tutorial step by step...great work!
Can i change the password at the end?
So once gaining root, I can flash a custom recovery with rom manager without braking/unlocking the boot loader?
@fc_themaster:
if the superuser app popped up at step 19/20 then you have root rights. you can try to install ROM Manager from the market and install a custom recovery with that porgram. it also needs root rights so superuser should pop up again at that point.
@PSeeCO: you don't need to change a password. the password was only used for the temporary rootshell which you (hopefully) deletetd with the command "rm /system/bin/rootshell" in step 18. From that point on root rights are controlled via the Superuser app. If you install an already rooted custom ROM it is obsolete anyway.
@jivemaster: yes, we can! just use ROM Manager from the market to install custom recovery.
dolomiti7 said:
@PSeeCO: you don't need to change a password. the password was only used for the temporary rootshell which you (hopefully) deletetd with the command "rm /system/bin/rootshell" in step 18. From that point on root rights are controlled via the Superuser app. If you install an already rooted custom ROM it is obsolete anyway.
Click to expand...
Click to collapse
Perfect, thank you so much!
[TOOL]ADB + Fastboot v1.0.31 for OS X/4.3 [NOW Includes ADB & Fastboot][08-17-2013]
ADB & FASTBOOT FOR OS X
There has been some confusion since I discuss using Fastboot in this post, but the zip only contained ADB. This is completely my fault and I apologize. Either way I've updated the .zip to include ADB & Fastboot.UPDATED: 08/17/2013 - Added Fastboot to adb-1.0.31-mac.zip
I've seen several people having issues on OS X trying to use ADB since the release of Android 4.3. In my case ADB recognized my device, but each time I ran adb devices my device would be reported as offline. I downloaded the SDK from Google several times and always ended up with ADB v1.0.29 (4.2.2).
This will should solve your OS X & ADB issues if you're running Android 4.3. This ONLY includes the ADB & Fastboot executable files and is for Mac OS X ONLY. I, like many others, do not need the full SDK. If you're not an app developer, like myself, this is all you need to have ADB working on your machine.
For any new OS X users I'll add a how to just so you don't have to go search for it else where:
How to setup ADB + Fastboot on OS X
Note: This is for not for developers. This only includes ADB & Fastboot and is not the full Android SDK
Step 1: Download the ZIP containing ADB & Fastboot
Step 2: Extract the ZIP to the directory of your choice
Step 3: Optional Create an environment variable
1. Open Terminal
2. Type cd to take you to your home directory.
Code:
cd
3. Type touch .profile to create a hidden file in your home directory named .profile
Code:
touch .profile
4. Type open -e .profile to open the file you just created in TextEdit
Code:
open -e .profile
5. In the file, add the following:
Code:
export PATH=${PATH}:/PathToDirectoryWhereYouExtractedTheZIP
6. Save the file and close TextEdit, quit Terminal, and relaunch the Terminal
Step 4: In Terminal type adb devices, you should see your phone's corresponding serial number Ex: HXM1005HNF012345 device
Code:
adb devices
Note: If you choose not to create an environment variable from Step 3 it effects two things:
1. You will need to cd to the directory containing ADB each time you want to run ADB.
2. When executing ADB commands you will need to add ./ in front of ADB. Ex: ./adb devices
Dropbox Download
Alternate Download
wad3g, thanks for helping out.. but for some reason adb version is still showing 1.0.29 for me. I extracted the zip, removed the old adb and fasboot, restarted my machine.. ran kill-server, start-server but no luck.. any ideas? not sure what to do at this point.
mamba_nz said:
wad3g, thanks for helping out.. but for some reason adb version is still showing 1.0.29 for me. I extracted the zip, removed the old adb and fasboot, restarted my machine.. ran kill-server, start-server but no luck.. any ideas? not sure what to do at this point.
Click to expand...
Click to collapse
Hey, I was having the same issue so I took the adb and fastboot files from the SDK. You can copy them to usr/bin/ and run normally (as if the third step in the op's post had been completed), or by following the op's procedure if you're not an admin user.
kunjunk said:
Hey, I was having the same issue so I took the adb and fastboot files from the SDK. You can copy them to usr/bin/ and run normally (as if the third step in the op's post had been completed), or by following the op's procedure if you're not an admin user.
Click to expand...
Click to collapse
Thank you so much!
For some reason, that zip still reports ADB version 1.0.29.
I found the latest version (1.0.31) from https://ftp.mozilla.org/pub/mozilla.org/labs/r2d2b2g/. It has zips for linux, mac and windows adb.
kunjunk said:
Hey, I was having the same issue so I took the adb and fastboot files from the SDK. You can copy them to usr/bin/ and run normally (as if the third step in the op's post had been completed), or by following the op's procedure if you're not an admin user.
Click to expand...
Click to collapse
thanks that works fine 4 me
Enable Developer Mode:
( on the watch )
tap clock, swipe up and go all the way down to “About”
tab build number several times. You’ll know
up one menu, “Developer Options” -> “ADB debugging”
your phone will ask you to allow debugging
dock it, plug usb to computer
in terminal:
adb usb
adb devices (check out your device’s serial #)
adb shell (woot! shell on your watch!)
Backup contents of system partition
mkdir system
adb pull /system ./system
Void the warranty (unlock bootloader)
adb reboot-bootloader
fastboot oem unlock
follow instructions on device
device will factory reset & reboot
Root ( needed to dump partition images, otherwise not particularly useful )
credit for this: androidpolice.com/2014/07/05/how-to-android-wear-enable-debugging-take-screenshots-unlock-the-bootloader-and-root-the-lg-g-watch/
get this: androidfilehost.com/?fid=23501681358558067
adb reboot-bootloader
Boot the image: fastboot boot LGGW-rootboot.img
DO NOT FLASH THE IMAGE!!!! FOR THE LOVE OF GOD DON’T FLASH IT!!!!!!!
intended to boot only once (installs su, etc)
adb shell
su
now what?
Dump some partitions: ( in a root shell on the watch )
partition layout
mmcblk0p15 - boot
mmcblk0p16 - recovery
mmcblk0p19 - system
mmcblk0p20 - cache
mmcblk0p21 - userdatadump some partitions. for example: ( jump into adb shell, as root )
dd if=/dev/block/mmcblk0p15 of=/sdcard/backup/boot.img
dd if=/dev/block/mmcblk0p16 of=/sdcard/backup/recovery.img
dd if=/dev/block/mmcblk0p19 of=/sdcard/backup/system.img
dd if=/dev/block/mmcblk0p20 of=/sdcard/backup/cache.imgDONT TRY TO BACKUP mmcblk0p21 to the sdcard!!! the “sdcard” is on that partition!!
pull the images. for example: ( on your computer )
adb pull /sdcard/backup/boot.img .
adb pull /sdcard/backup/recovery.img .
adb pull /sdcard/backup/system.img .
adb pull /sdcard/backup/cache.img .maybe delete those images from the device when you are done
Have Fun!
Restore images (flash via fastboot)
fastboot flash boot boot.img
fastboot flash recovery recovery.img
fastboot flash system system.img
fastboot flash cache cache.img
The following may be tricky, might break stuff, and is generally not recommended unless you really know what you are doing
You have been warned!
Install a zip file using the stock recovery (might only work with signed updates, not roms)
In a terminal on your computer:
adb push whatever-new-rom.zip /sdcard/update.zip
adb shell
cp /sdcard/update.zip /cache/update.zip
echo 'boot-recovery ' > /cache/recovery/command
echo '--update_package=/cache/update.zip' >> /cache/recovery/commandreboot recovery
Enable Bluetooth debugging (really slow, kinda lame)
connect your phone over usb
on watch, in developer settings, Debug over Bluetooth
on phone, open wear app, in settings Debugging over bluetooth
on computer:
adb forward tcp:4444 localabstract:/adb-hub
adb connect localhost:4444
adb shell
Install Debian chroot
on your phone (thats right, your phone) install Debian Kit from Play Store
open it, it the download button in top right corner
download debian-kit-1-6-testing.shar
open an adb shell to your phone ( i prefer usb)
su
cd /sdcard/Download
on my phone it always downloads it as a .jpeg rename it to .shar
mv debian-kit-1-6-testing.jpeg debian-kit-1-6-testing.shar
sh debian-kit-1-6-testing.sharAnswer Y to unpack
read the menu, then choose 0j (wheezy does not work in this script, don’t want it anyway)
it will now create /sdcard/debian.img (512mb) (will take a couple minutes)
next it will mount the image
next it will debootstrap a basic installation of jessie to the image (this takes a long time, ~30 minutes)
you might see an error “cannot create symlink…” that’s good, we don’t want to touch /system anyway
once its done. copy that debian.img from your phone to your computer
adb pull /sdcard/debian.img .we also need everything it unpacked to /data/local/deb
mkdir deb
adb pull /data/local/deb ./deb
unplug phone and plug in the watch, then push those to the watch
adb push debian.img /sdcard/
adb push deb /data/local/debian will not have internet access, the watch has no wifi. need to figure out how to forward over bluetooth
now what? check out this page: sven-ola.dyndns.org/repo/debian-kit-en.html
Also, the best Fastboot Doc ever: wiki.cyanogenmod.org/w/Doc:_fastboot_intro
Thanks for the Info
If I backup the files, would I be able to flash those same files back to recover the device ,kinda like a unbricking method. Coudlnt I do it though fastboot ?
Sent from my LG-D851 using XDA Premium 4 mobile app
Froz3nsolid said:
Thanks for the Info
If I backup the files, would I be able to flash those same files back to recover the device ,kinda like a unbricking method. Coudlnt I do it though fastboot ?
Sent from my LG-D851 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
The IMAGES (boot.img, etc) can be flashed from fastboot:
fastboot flash boot boot.img
fastboot flash recovery recovery.img
fastboot flash system system.img
However, there is no way (that i have found yet) do dump images using fastboot; dumping must be done on the device itself
updating op...
Thanks
Sent from my LG-D851 using XDA Premium 4 mobile app
Hi!
I'm trying to root my Huawei MediaPad T1-701w but am in need of help... I've tried out nearly every 'one click root' app or PC program out there, but every single one fails. Huawei has hardened the kernel/android version and patched all known exploits to date (October 2016). The issue is that the variant of the MediaTab I have is pretty uncommon (T1-701w) so there is not a lot to find about it.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
However, I did find that the iovyroot might be able to root it, see https://forum.xda-developers.com/general/xda-assist/huawei-t1-701u-write-protection-t3418836 , but the current pre-compiled version of iovyroot is not compatible with my tablet (it needs new offsets).
I also tried downgrading, but I don't quite understand how to do so. I found one older ROM for my Mediatab variant which might contain more exploits according to 4PDA.ru, but how do I downgrade? The 'dload' method does not work. Also before downgrading, I want to dump my current ROM, which requires root, right?
Can anyone help me out here please?
Thank you!
If you have the most recent stock ROM of your device (oct. 2016), extract the file "boot.img" out of (UPDATE.APP) and put it here, and i'll send you back the rooted one, then follow the steps in the following thread to make it works:
https://forum.xda-developers.com/huawei-mediapad/general/root-root-mediapad-t1-10-t1-a21l-t3601136
=====
Here's the link for the stock ROM:
http://consumer.huawei.com/nl-en/support/downloads/detail/index.htm?id=80385
mann1 said:
If you have the most recent stock ROM of your device (oct. 2016), extract the file "boot.img" out of (UPDATE.APP) and put it here, and i'll send you back the rooted one, then follow the steps in the following thread to make it works:
https://forum.xda-developers.com/huawei-mediapad/general/root-root-mediapad-t1-10-t1-a21l-t3601136
=====
Here's the link for the stock ROM:
http://consumer.huawei.com/nl-en/support/downloads/detail/index.htm?id=80385
Click to expand...
Click to collapse
Many thanks for your reply! Please find the boot.img from the UPDATE.app of my ROM with header file (?) here: http://data.freek.ws/public/huawei_t1-701w/V100R001C232B009CUSTC232D001/
(It was too large to attach to this post, sorry).
Is PhilZ Touch 6 Recovery compatible with my tablet?
Many many thanks!! Kind regards.
Well, download the following zip file here
Both rooted and stock imgs are included.
I do not know if PhilZ recovery will work with your device or not, i don't have the same model.
Give it a try, you don't need full functions anyway , just the "install zip" one, BUT keep the stock "recovery.img" before you do, so you can go back to it in case philz didn't work.
Also you can try the CWM recovery fromhere, both ways are risky, but nothing serious i guess, you can go back to the stock recovery at any moment.
Tell me the results pls
GOOD LUCK
mann1 said:
Well, download the following zip file here
Both rooted and stock imgs are included.
I do not know if PhilZ recovery will work with your device or not, i don't have the same model.
Give it a try, you don't need full functions anyway , just the "install zip" one, BUT keep the stock "recovery.img" before you do, so you can go back to it in case philz didn't work.
Also you can try the CWM recovery fromhere, both ways are risky, but nothing serious i guess, you can go back to the stock recovery at any moment.
Tell me the results pls
GOOD LUCK
Click to expand...
Click to collapse
Many many thanks for your quick reply and effort
I manage dto flash the rooted boot.img without any problems, great !
Howevever, in your tutorial you write that I need to flash SuperSU in order to activate the rooting. But how can I flash it if I don't have custom recovery? PhilZ recovery sadly does not work, I tried
Stock recovery does not allow me to flash super su.
Many thanks
Kind regards.
You're very welcome
Try the following:
use command prompet and type:
adb root
if it works w/o any errors type:
adb shell
a new cm window will pop up with your device shell
[email protected]:/ $
type:
su
if the root works, the shell is gonna be:
[email protected]:/ #
If it works, download the superSu.apk file NOT the zip, restart the device,
then put SuperSU options "Default access: Grant" and check "Enable su during boot" then restart
mann1 said:
You're very welcome
Try the following:
use command prompet and type:
adb root
if it works w/o any errors type:
adb shell
a new cm window will pop up with your device shell
[email protected]:/ $
type:
su
if the root works, the shell is gonna be:
[email protected]:/ #
If it works, download the superSu.apk file NOT the zip, restart the device,
then put SuperSU options "Default access: Grant" and check "Enable su during boot" then restart
Click to expand...
Click to collapse
Once again thanks for your reply.
Hmm, the root doesnt seem to be working:
Code:
C:\Program Files (x86)\Minimal ADB and Fastboot>adb devices
List of devices attached
U5MDU17327001608 device
C:\Program Files (x86)\Minimal ADB and Fastboot>adb root
C:\Program Files (x86)\Minimal ADB and Fastboot>adb shell
[email protected]:/ $ su
/system/bin/sh: su: not found
But I did flash your rooted_boot.img.. What should I do?
Nope, it works very well, if it doesn't you would see an error after you type "adb root"
Just try to install superSU.apk directly like we do with any apk, then restart.
OR
If it didn't work, try this:
=========
adb devices
adb root
adb shell "mount -o remount,rw /system"
adb push su /system/bin/su
adb push superuser.apk /system/app
adb reboot
=========
put the superSu in the same folder with adb
mann1 said:
Nope, it works very well, if it doesn't you would see an error after you type "adb root"
Just try to install superSU.apk directly like we do with any apk, then restart.
OR
If it didn't work, try this:
=========
adb devices
adb root
adb shell "mount -o remount,rw /system"
adb push su /system/bin/su
adb push superuser.apk /system/app
adb reboot
=========
put the superSu in the same folder with adb
Click to expand...
Click to collapse
Thanks again for the help!
My tablet is a tough one I think. It says 'mount: Operation not permited'.
Any ideas?
Yep, your tablet comes with Spreadtrum SC7731G, and it's not easy to find a custom recovery for these chipsets.
But i'm sure the device is already rooted now, we just need a working custom recovery to flash the superSU, so pls keep the rooted boot.
===
I've googled some custom recoveries that are compatible with SC7731, so give them a try:
https://drive.google.com/file/d/0B8vhq1nCgRGdR3VmbE1RSWNRSjA/view
this is number 9 recovery img in this thread:
https://forum.xda-developers.com/showthread.php?t=2527663
=====
and here's another one:
http://www.mediafire.com/file/1j4uj3c4vk5rtcw/recovery.img
=====
BE CAREFUL,these ones are not tested on your device, so test them very carefully, one of them may work but with cranky touch function, try to use it just to flash the SuperSu ZIP file NOT apk.
mann1 said:
Yep, your tablet comes with Spreadtrum SC7731G, and it's not easy to find a custom recovery for these chipsets.
But i'm sure the device is already rooted now, we just need a working custom recovery to flash the superSU, so pls keep the rooted boot.
===
I've googled some custom recoveries that are compatible with SC7731, so give them a try:
https://drive.google.com/file/d/0B8vhq1nCgRGdR3VmbE1RSWNRSjA/view
this is number 9 recovery img in this thread:
https://forum.xda-developers.com/showthread.php?t=2527663
=====
and here's another one:
http://www.mediafire.com/file/1j4uj3c4vk5rtcw/recovery.img
=====
BE CAREFUL,these ones are not tested on your device, so test them very carefully, one of them may work but with cranky touch function, try to use it just to flash the SuperSu ZIP file NOT apk.
Click to expand...
Click to collapse
Thanks for your reply
Hmm, are you sure it's rooted? Because it keeps complaining about 'no permission' or is that caused due to incompatibility with my device?
C:\Program Files (x86)\Minimal ADB and Fastboot>fastboot boot recovery.img
downloading 'boot.img'...
OKAY [ 2.171s]
booting...
FAILED (remote: no permission)
finished. total time: 2.173s
Freekers1337 said:
Thanks for your reply
Hmm, are you sure it's rooted? Because it keeps complaining about 'no permission' or is that caused due to incompatibility with my device?
C:\Program Files (x86)\Minimal ADB and Fastboot>fastboot boot recovery.img
downloading 'boot.img'...
OKAY [ 2.171s]
booting...
FAILED (remote: no permission)
finished. total time: 2.173s
Click to expand...
Click to collapse
I guess it's compatibility issue.
1- flash the rooted boot
fastboot flash boot rooted_boot.img
===
2- flash one of the custom recoveries (don't boot them)
fastboot flash recovery recovery.img (use the right file name)
then restart
===
your device will start normally w/o any problem, there's no problem with the rooted boot.
then turn off the tablet and get into the recovery mode by (Vol. down + power buttons)
do not use the "adb reboot-bootloader" cm.
===
now the the recovery might work, and if it didn't, you will face the bootloader screen mode, type:
fastboot reboot
to restart your device, and flash the 2nd recovery img.
So sorry i don't have your device to try that myself.
mann1 said:
I guess it's compatibility issue.
1- flash the rooted boot
fastboot flash boot rooted_boot.img
===
2- flash one of the custom recoveries (don't boot them)
fastboot flash recovery recovery.img (use the right file name)
then restart
===
your device will start normally w/o any problem, there's no problem with the rooted boot.
then turn off the tablet and get into the recovery mode by (Vol. down + power buttons)
do not use the "adb reboot-bootloader" cm.
===
now the the recovery might work, and if it didn't, you will face the bootloader screen mode, type:
fastboot reboot
to restart your device, and flash the 2nd recovery img.
So sorry i don't have your device to try that myself.
Click to expand...
Click to collapse
Thanks for sticking with me
I tried both custom recoveries you sent me, but both fail with error: 'FAILED (remote: image is not a boot image)'.
I also tried creating my own recovery using these two tutorials: https://www.youtube.com/watch?v=w1Ap2YwmGVk & https://www.youtube.com/watch?v=hwMFBuCY-5k but I get the same error (image is not a boot image).
Grrrr, do you still have any ideas ?
Kind regards!
YVW, it's ok, no problem at all.
Pls do not use the command
fastboot boot recovery *.img to try the custom recovery, flash it directly with
fastboot flash recovery filename.img
usually custom recoveries even if they work fine give the same error when u try them with the "boot" command
mann1 said:
YVW, it's ok, no problem at all.
Pls do not use the command
fastboot boot recovery *.img to try the custom recovery, flash it directly with
fastboot flash recovery filename.img
usually custom recoveries even if they work fine give the same error when u try them with the "boot" command
Click to expand...
Click to collapse
I did flash it directly using: fastboot flash recovery xxxxx.img . That's when I got the 'image is not a boot image image' error
Well, we will try easy step, flash the rooted boot img then restart the device, then go to google play, and use the online install function to get superSU.apk, do not download it, just install it directly from the site
mann1 said:
Well, we will try easy step, flash the rooted boot img then restart the device, then go to google play, and use the online install function to get superSU.apk, do not download it, just install it directly from the site
Click to expand...
Click to collapse
I'm sorry, I can't find the online install function. I went to Google Play and installed SuperSU but as soon as it opens it says Device not rooter. After that it says no SU binary found and automatically closes..
Freekers1337 said:
I'm sorry, I can't find the online install function. I went to Google Play and installed SuperSU but as soon as it opens it says Device not rooter. After that it says no SU binary found and automatically closes..
Click to expand...
Click to collapse
It's ok, don't give up
Right now i run out of ideas, but give me some time to get my unrooted stock ROM back, to start the race toward rooting w/o custom recovery.
mann1 said:
It's ok, don't give up
Right now i run out of ideas, but give me some time to get my unrooted stock ROM back, to start the race toward rooting w/o custom recovery.
Click to expand...
Click to collapse
OK I'll wait for your reply.
Freekers1337 said:
OK I'll wait for your reply.
Click to expand...
Click to collapse
Hi
After long journey, i could say I've got an effective way to root your device and mine too w/o custom recovery, it works fine for me, hope it will be the same for you.
First you need to download the following files:
1- New rooted_boot img from here
2- Compressed folder mann1.zip from here
3- SuperSu.apk file from here
====
Now lets start,
1- Unzip the rooted img then flash it, (be careful it's not tested):
use the flash command NOT boot
Code:
fastboot flash boot rooted_boot.img
===
2- Unzip the file "mann1.zip" to get folder "mann1" then copy it directly into your device internal storage NOT the SD card. Put the the whole folder not the files inside.
===
3- Put SupeSU.apk into your SD card
===
If the rooted boot worked fine, restart your device in the normal mode (NOT the recovery or bootloader), and type the following commands one by one:
Code:
adb devices
adb root
adb shell
[I][COLOR="Red"]Now you supposed to see your root like that[/COLOR][/I]
[COLOR="Blue"][email protected]:/ #[/COLOR]
[COLOR="Red"]complete the commands in the shell:[/COLOR]
mount -o rw,remount /system
cat sdcard/mann1/busybox > /system/bin/busybox
cat /sdcard/mann1/su > /system/xbin/su
cat /sdcard/mann1/su > /system/xbin/daemonsu
cat /sdcard/mann1/su > /system/xbin/sugote
cat /system/bin/sh > /system/xbin/sugote-mksh
chown 0.1000 /system/bin/busybox
chmod 0755 /system/bin/busybox
chown 0.0 /system/xbin/su
chmod 0755 /system/xbin/su
chown 0.0 /system/xbin/sugote
chmod 0755 /system/xbin/sugote
chown 0.0 /system/xbin/sugote-mksh
chmod 0755 /system/xbin/sugote-mksh
chown 0.0 /system/xbin/daemonsu
chmod 0755 /system/xbin/daemonsu
daemonsu -d
pm install /sdcard/mann1/superuser.apk
am start -a android.intent.action.MAIN -n
eu.chainfire.supersu/.MainActivity >/dev/null
reboot
If everything run smoothly after rebooting you will find the SuperSu icon installed.
Do NOT run it now
Before that go to your SD card and install SuperSU.apk, from the device not via pc, then restart.
Now your device should be completely rooted , if SUperSu asked to updated via google, reinstall it OR let it updates by google play site.