Hi everyone!
I would like to know some things... Is it possible to unlock OEM/bootloader of said device? Dev options doesn't have the option and looking on the internet i only found solution for kirin960 while my model has kirin985 hardware. Primarily i've been looking for a possibility to root my device but as far as i know it's impossible without unlocking OEM. There was a thread on 4PDA which mentioned that it's only possible now by paying for the unlock code which is a bit ridiculous in my opinion.
To root a device's Android unlocking device's bootloader is NOT required at all.
jwoegerbauer said:
To root a device's Android unlocking device's bootloader is NOT required at all.
Click to expand...
Click to collapse
The only way i know of is to root using Magisk, and https://topjohnwu.github.io/Magisk/install.html here it says that your bootloader needs to be unlocked. Is there another way i don't know of?
Edit - also says that huawei devices are not supported
A phone's Android is rooted when SU ( read: Superuser , root ) binary is present in Android OS.
Here is what you have to do to root your device's Android:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5, means what has SU-binary implemented.
This can get achieved by means of ADB.
jwoegerbauer said:
Replace Android's Toybox binary - what is a restricted version by default - by unrestricted Toybox v0.8.5, means what has SU-binary implemented.
This can get achieved by means of ADB.
Click to expand...
Click to collapse
Is there a tutorial on how to do that? I've spent some time looking on forums what is toybox exactly and how to install it but i couldn't really find something beginner friendly
Related
Hello XDA-Forum users,
I ask you a question: How does Android Root works ?
I mean, for example, How does it works in Nexus One ?
This would be an understanding question to know more about how I get root from my Phone (Nexus One, for example) from scratch, from sources.
upupupupupup
Rooting basics:
http://lifehacker.com/5342237/five-great-reasons-to-root-your-android-phone
For details on how to do it on your device, Google or use the forum search. Lots of rooting information that is device dependent out there.
It basically gives your phone permission to do almost anything. It is similar to giving a user in Windows Administrator rights. It is called super user. You can do many things such as removing unwanted apps and overclocking.
This is not what I mean, I asks for an explaining in which the question is "How the root is possible? What active the root ?" Probably a kernel exploit, or stuff like that, to understand the underground passage to take it, from an hack view.
So, How works a root utility (such SuperOneClick) to set gid to 0 ?
Valid question, I am also interested in learning this.
In other words, if I were to perform the rooting manually, where can I find such info?
And some of the question is why su must be in some diredctories, and can't be run from /data/local/tmp for example?
Someone can enlighten us?
diego.stamigni said:
Someone can enlighten us?
Click to expand...
Click to collapse
The general approach is taking advantage of bugs in the android OS
The process works something like this
User crafts some special data that contains a "payload" (the script/executable that we want to run)
User runs a system process that has root privileges and gets it to open the special data
The bug causes the system process to get confused by the data, and ends up running the embedded script
The embedded script runs with the same privileges as the system process, and thus can stuff that normal users aren't allowed to do (e.g. installs the SU app)
Commonly, things such as buffer overflows are used
So after gaining root access, which apps can run as root?
Or the user becomes root(as in desktop), and can run all types of apps?
Can root app(run as root) access everything?? Or app permission still applies?
Is it that system exploit is always used to run root apps?
can someone explain in technical details? not how to root.
are rooting programs open source??
What is the root procedure
Bayint Naung said:
So after gaining root access, which apps can run as root?
Or the user becomes root(as in desktop), and can run all types of apps?
Can root app(run as root) access everything?? Or app permission still applies?
Is it that system exploit is always used to run root apps?
can someone explain in technical details? not how to root.
are rooting programs open source??
Click to expand...
Click to collapse
Hi guys!
I have the same question and after searching and asking find this!
it is good!!
hope it works!
http://stackoverflow.com/questions/...hat-are-the-pre-requisites-for-it-to-work-wha
also look at the suggestedpages at the right of this page!
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM. I would also prefer to not change my bootloader.
What exactly is rooting? Is it replacing the whole system image with an image that gives the user root access? Or is it just like enabling sudo for the user? Or is a smaller part replaced? (I am somewhat familiar with electronics, computers and Linux, but I find the Android hacking a bit confusing )
Also, is it possible to run stock Android, only with root access? Will the access be lost when upgrading?
c3c0l0n said:
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM.
DEV section rooting post /
What exactly is rooting?
root is the user account in Linux with all privileges. The root user can edit anything on the system. For safety reasons, users do not have all those privileges. When you root your phone, you will gain write access to areas of the phone you couldn't previously access and are allowed to run more commands in the terminal. Because applications do not get a lot of privileges, some of them require you to root the device in order for them to function properly (or fully).
Also, is it possible to run stock Android, only with root access?
Yes and Yes lost root on upgrade usually .
jje
Click to expand...
Click to collapse
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
c3c0l0n said:
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
Click to expand...
Click to collapse
All your questions are explained in detail in the Development section
Sorry, I did not find it. However, I read this without getting smarter. This video suggests that rooting is a process that does something with your phone without replacing everything. An exact list of what the rooting tools do would be perfect
Not all tools do the same thing. To get a specific answer, you will have to ask the person that came up with whatever rooting tool you are referring to. Some phones take more to root than others.
Is rooting mean really exploiting a Kernel vulnerability to gain root access?
If there are no vulnerabilities, no root access?
why doesn't Android allow root access by default like other Linux or windows...
silvercats said:
Is rooting mean really exploiting a Kernel vulnerability to gain root access?
If there are no vulnerabilities, no root access?
Click to expand...
Click to collapse
No, not really. Using a vulnerability is only needed when the manufacturer not allows you to root your device, i.e. using a locked bootloader not possible to unlock.
silvercats said:
why doesn't Android allow root access by default like other Linux or windows...
Click to expand...
Click to collapse
Because buying a phone, and the manufacturer guarantees not only the functionality of the hardware, but of the software as well. This is the difference compared to an ordinary computer. If you could modify the software in the device, the manufacturer would no longer be able to guarantee its function.
Another reason is DRM - for this to be work safely (for the rights owner), the device must be tamper proof. This is why many manufacturers allowing unlocking at the same time erases any DRM information from the phone.
Has a write-up ever been released on exactly how SuperSu works? After searching around for a while I found mostly guides on who to use the app, no the implementation details.
I did, however, find this official resource that is mostly directed at explaining how to use the root privileges programmatically, but explained things fairly well. The article gives information about SELinux, but not so much how its enforcement is circumvented.
There appears to be a lot of context switching to allow execution of certain events (from the point of view of those using SuperSu) otherwise denied under SELinux, but how did SuperSu get to the point at which it was able to "legally", as far as SELinux is concerned, patch SELpolicies?
It seems that the objective is to force the init process to spawn a new shell that runs the su daemon, but there does not appear to be any patching of the init process, but from the article linked:
On firmwares that use SELinux, su is generally implemented as a proxy to a daemon started from init
Click to expand...
Click to collapse
and
You might wonder why - if we're already running as the init context, as the root user ..
Click to expand...
Click to collapse
-------------------------------------------
tl;dr; How does SuperSu execute in the context of the init process?
Given as:
u:r:init:s0 - Highest init context
u:r:init_shell:s0 - Shell started from init
Click to expand...
Click to collapse
SuperSU does not provide root privilege. Root privilege exists or it doesn't. Someone more knowledgeable can explain it better than I can, but either you have access to the system partition (root), or you don't. What SuperSU and similar apps do is act as a gatekeeper for other apps that utilize root access. Primarily to allow or disallow apps, or certain functions within apps, to do whatever it is they do. And of course, it's also a safety precaution against malware, because malware with root access can cause serious damage.
As for the other questions, I'm not the one to reply; that stuff is beyond me.
OEMs use root/admin and then lock it away like on Linux so Its SuperSU tht is the admin and grants root*admin permission
Planterz said:
SuperSU does not provide root privilege. Root privilege exists or it doesn't. Someone more knowledgeable can explain it better than I can, but either you have access to the system partition (root), or you don't. What SuperSU and similar apps do is act as a gatekeeper for other apps that utilize root access.
Click to expand...
Click to collapse
This is likely misunderstood by many. You are thinking of the SuperSU app that can be downloaded from the app-store. In this regard, you are correct in that it manages root access. However, the application portion of SuperSU is only the front-end; there is an entire back-end solution to SuperSU that patches the system to achieve elevated permissions to be managed by the front-end in the first place. Check out the write-up linked in the OP.
arshad145 said:
OEMs use root/admin and then lock it away like on Linux so Its SuperSU tht is the admin and grants root*admin permission
Click to expand...
Click to collapse
This sounds like a plausible method, but I did not see any mention of this in the article linked in the OP. Could you provide further details or sources for your thought?
Android uses *linux* based kernel
So I know the root part is true but for the OEM just a guess ;p
---------- Post added at 19:07 ---------- Previous post was at 19:01 ----------
If you want to learn more about root just use a linux and go explore its deepest secret
Can be tricky to learn about the function of linux kernel but android is more or less the same
*Simplified description*
arshad145 said:
Android uses *linux* based kernel
So I know the root part is true but for the OEM just a guess ;p
---------- Post added at 19:07 ---------- Previous post was at 19:01 ----------
If you want to learn more about root just use a linux and go explore its deepest secret
Can be tricky to learn about the function of linux kernel but android is more or less the same
*Simplified description*
Click to expand...
Click to collapse
I have used Linux for some time now. It is not the architecture of Linux that I am curious about, though.
You are correct in that root access is locked away in most production phones. This is done simply by allowing the user of the phone to execute as a separate user with lower permissions. SuperSU somehow patches the system to execute a daemon in the same context as the init process, which presumably has the most privileged access from the set of contexts. I am wondering of the architecture of SuperSU such that it is able to achieve this execution.
Oh my sorry for misunderstanding :/
but no idea for SuperSU privilege accesses or loop
but if you debug it on pc u can find something?
*Hopefully*
:fingers-crossed:
---------- Post added at 19:29 ---------- Previous post was at 19:23 ----------
One thing am curious too
Why can't superSU gain permanent root unless bootloader is unlocked???
Like if there is OTA update root is gone unless bootloader unlocked ...
WHY?!
**Curious**
arshad145 said:
One thing am curious too
Why can't superSU gain permanent root unless bootloader is unlocked???
Like if there is OTA update root is gone unless bootloader unlocked ...
WHY?!
**Curious**
Click to expand...
Click to collapse
As far as I know, when a bootloader is "locked" is prevents any sort of reflash of the device unless you otherwise provide some kind of proprietary key (.e.g. to authenticate genuine OEM updates). So, you first need to unlock the bootloader in order to flash a custom recovery, which then gives you support for patching the system with the necessary SuperSU files.
Presumably, just as an educated guess, when you receive a genuine OTA the core patched files for SuperSU are overwritten, thus disabling your prior rootkit.
SuperSU is closed source. Just curious to see if anyone has any background knowledge of its implementation.
It seems not. Although this is disappointing, it was somewhat expected.
Hello masters,
I am here with a simple question, since Pixel 2 XL I have been unlocking boot loader, rooting with Magisk, and then editing the System/Build.prop file in order to enable Wifi Hotspot Native tethering. I got a new Pixel 6 and am wondering if I can edit the System/Build.prop file without unlocking boot loader or rooting the pixel 6 currently running android 13 with the latest patch as of Sep 2022.
Thank you in advance for your suggestions.
Sincerely,
Nope, no read/write access without root.
Cheers
@tom1807 ,
I actually don't agree with that, I believe it might be possible to write to the Build.prop without rooting. Especially if you can install a custom recovery image such as TWRP, because it will allow me to mount the system/Build.prop file and that way make the changes on the file save it and then unmount the system/Build.prop file?
Has anyone else experienced this scenario?
I tested it before I wrote my comment.
Filemanager without root access, saw the build.prop, but opening stated "Unable to read file." Access the build.prop with the same filemanager with root access was able to open the build.prop and show the content incl. editing.
There is no TWRP (yet) available for the Pixel 6-series, but installing that would require to unlock the bootloader.
Cheers
@tom1807 ,
Noted, if I am not able to install a custom recovery on the Pixel 6 with Android 13 then I am definitely out of luck, I wanted to avoid unlocking the bootloader because it will wipe/erase all the current data apps, etc on the Pixel 6 and I really want to avoid that.
Thank you very much for the information.
Sincerely,
Lol os13 even not possible with root access
Its depends on brands too
Like in oneplus os12 not even possible with root access twrp and also many other things to get rw
I'll pay to you or any other person if you or he can get rw in os12
So don't even think about without root edit build or modifications
@Mr Hassan,
OS 12 and OS 13 I am guessing you mean Android 12 and Android 13, in any device, not just the Pixel 6 (which is the device I am working on at the moment)?
Thank you,
Mr Hassan said:
Lol os13 even not possible with root access
Its depends on brands too
Like in oneplus os12 not even possible with root access twrp and also many other things to get rw
I'll pay to you or any other person if you or he can get rw in os12
So don't even think about without root edit build or modifications
Click to expand...
Click to collapse
No idea about OS12 on OnePlus, but I can assure you, that I was able to edit my build.prop with root access.
Maybe you use the wrong filemanager (I use FX) or don't have root access.
FX is able to switch to R/W access.
Cheers
jairunet said:
@Mr Hassan,
OS 12 and OS 13 I am guessing you mean Android 12 and Android 13, in any device, not just the Pixel 6 (which is the device I am working on at the moment)?
Thank you,
Click to expand...
Click to collapse
Op have very bad partitions table its on RO its blocks not sys parts to edits
The matter is not about editor
I can also try with pull then edit via pc notepad++ and try push but error not enough space
Or su not found or not accessible etc
tom1807 said:
No idea about OS12 on OnePlus, but I can assure you, that I was able to edit my build.prop with root access.
Maybe you use the wrong filemanager (I use FX) or don't have root access.
FX is able to switch to R/W access.
Cheers
Click to expand...
Click to collapse
Build prop edits still work ?
JazonX said:
Build prop edits still work ?
Click to expand...
Click to collapse
The system partition is read only and not even Root Explorer was able to fix that. With Magisk however I believe some files can be copied into a particular folder and run from there in place of the originals. Build.prop is almost certainly one of them.
I am rooted and I can't freaking access the damn thing either.
I'm thinking of downgrading the os to twelve. Won't give me read write access even with root.
dragonsouce said:
I am rooted and I can't freaking access the damn thing either.
I'm thinking of downgrading the os to twelve. Won't give me read write access even with root.
Click to expand...
Click to collapse
I haven't tried it, but there's this...
GitHub - HuskyDG/magic_overlayfs: Make system partition become read-write (it is also possible without Magisk)
Make system partition become read-write (it is also possible without Magisk) - GitHub - HuskyDG/magic_overlayfs: Make system partition become read-write (it is also possible without Magisk)
github.com