I am in the position of having to manually apply the defult sepolicy patch, init,?*init_shell?* and?*recovery?*permissive, and as the title states when using the supolicy tool to modify my supplieded sepolicy it is not being produced and on closer inspection throwing an error. I have attached both the images and the sepolicy file I am trying to applie these change to.
Have I been doing something wrong or is the file corrupted??
If you need more info just ask
Note: when I first tried it inside an adb shell it reported a segumentation fault, but I was unable to reproduce that condition to be provided with as a screen shot.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
EDIT: I at least can say that the possibility of a corrupt file is now smaller becuse I am able to run dumpav and dump its contents to a txt file and then do afb pull back to pc. So amyone know any way to applie the defult P atchs needed to sysyemless root?
@Chainfire Since this is your binary files, you should know the most about it.
Commands to gain application root on emulator
Code:
adb shell df #Check Available Space
adb shell mount -o remount,rw /system
adb push su /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb install superuser.apk
adb install rootcheck.apk
I then proceed to patch the sepolicy file with the following commands
Code:
adb push sepolicy /data/local/tmp/sepolicy
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out" #There is no sepolicy_out file
adb shell su -c "chmod 0644 /data/local/tmp/sepolicy_out"
adb pull /data/local/tmp/sepolicy_out sepolicy_out
So what am I able to do?
Are you able to
A) Help me debug the problem
Or
B) Patch the sepolicy file and post the output back to me/here
Matt07211 said:
...
Click to expand...
Click to collapse
Works fine on my device... could be an x86 specific issue? Unfortunately I don't have any x86 devices to test with.
Thanks for that. Yes, I am trying to patch the policy for my armv8 (arm64) cpu device (just realised, but would trying to patch the sepolicy from one architecture using the supolicy for a different architecture have new the problem?, if so I feel dumb). And since I didn't have a spare device devce that met the requirements, I resorted to use the already setup emulator in my Windows installation.
I had proceeded to root and run the supolicy tool for which nothing out-putted (tried different directorys), I then created a new sub-directory, test, in /data/local/tmp and chmod it with read and write permissions. I tried again and failed, I then ran a dumpav in the sepolicy I was trying to patch and outputted it to /data/local/tmp/test/dumpav.txt which worked.
I am just wondering why it didn't work for me .
Thanks again for the sepolic_out file, I really do apperciate it.
Ah you're saying the segmentation fault occurred on the emulator? That's interesting. Might be reproducable on my end.
Note: look at my first image with cms in the foreground and near the bottom of the command window you should see the segfault message, around second last command or so.
To reproduce that segfault (hopefully):
1) https://software.intel.com/en-us/android/articles/android-44-kitkat-x86-emulator-system-image Download the system image from here (had to direct download instead of sdk as internet was running through profile and ask wouldn't work through it)
2) used the 2.78 SuperSu zip and run above commands to gain root
3) run above commands to try and modify sepolicy (it doesn't produce anything)
4) start an adb shell and then run the commands inside the shell. Know the outputs shown was segfault the first time running the commands, every time afterwards it would show the error in the above screenshots
If you figure out what cause the segfault can you please tell me ?
Matt07211 said:
Note: look at my first image with cms in the foreground and near the bottom of the command window you should see the segfault message, around second last command or so.
To reproduce that segfault (hopefully):
1) https://software.intel.com/en-us/android/articles/android-44-kitkat-x86-emulator-system-image Download the system image from here (had to direct download instead of sdk as internet was running through profile and ask wouldn't work through it)
2) used the 2.78 SuperSu zip and run above commands to gain root
3) run above commands to try and modify sepolicy (it doesn't produce anything)
4) start an adb shell and then run the commands inside the shell. Know the outputs shown was segfault the first time running the commands, every time afterwards it would show the error in the above screenshots
If you figure out what cause the segfault can you please tell me ?
Click to expand...
Click to collapse
Before I go do all this, can you make sure the issue persists with the v2.78 SR1 version from the BETA thread ? Some issues with supolicy were fixed in that release.
Started with a fresh emulator and the newest SuperSu and ran these commands to gain root (I am placing everything as described in update-binary in the right places just to eliminate one thing, missing dependencies)
Code:
adb shell df
adb shell mount -o remount,rw /system
adb push Superuser.apk /system/app/Superuser.apk
adb shell chmod 0644 /system/app/Superuser.apk
adb push install-recovery.sh /system/etc/install-recovery.sh
adb shell ln -s /system/etc/install-recovery.sh /system/bin/install-recovery.sh
adb shell chmod 0755 /system/etc/install-recovery.sh
adb push su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb push su /system/bin/.ext/.su
adb shell chmod 0755 /system/bin/.ext/.su
adb push su /system/xbin/daemonsu
adb shell chmod 0755 /system/xbin/daemonsu
adb push su /system/xbin/sugote
adb shell chmod 0755 /system/xbin/sugote
adb push supolicy /system/xbin/supolicy
adb shell chmod 0755 /system/xbin/supolicy
adb push libsupol.so /system/lib/libsupol.so
adb shell chmod 0644 /system/lib/libsupol.so
adb push 99SuperSUDaemon /system/etc/init.d/99SuperSUDaemon
adb shell chmod 0755 /system/etc/init.d/99SuperSUDaemon
adb shell su --install
adb shell "su --daemon&"
adb install superuser.apk
adb install rootcheck.apk
No everything should be in place, and we now can eliminate one thing (supolicy not finding needed dependencies)
Opened up SuperSu and let it install/update binary (succesful)
I then proceeded to patch the sepolicy file like so
Code:
adb push sepolicy /data/local/tmp/sepolicy
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out"
I then did "ls" in the directory and no file out-putted. So I went into a shell and ran
Code:
supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out
And it throw the error shown in the image below. First time running that command in shell it says stopped, but the second time it says stopped as well as segfault.
Keep in mind I am trying to patch a sepolicy file that originates from an armv8 cpu (arm64) on an x86 Intel emulator.
Any more info needed? I am happy to help @Chainfire
So, I think it has something to do with your emulator image (perhaps its too old ?)
I took SuperSU's ZIP file and extracted it, changed to that folder, then:
(note that my adb shell to my emulator image has # root by default)
Code:
adb push c:\download\sepolicy /data/local/tmp/sepolicy
adb push x86\. /data/local/tmp/.
adb shell
cd /data/local/tmp
chmod 0755 supolicy
LD_LIBRARY_PATH=/data/local/tmp:$LD_LIBRARY_PATH ./supolicy --file sepolicy sepolicy_out
exit
Resulting in:
Code:
supolicy v2.78 (ndk:x86) - Copyright (C) 2014-2016 - Chainfire
Patching policy [sepolicy] --> [sepolicy_out] ...
- Success
So, I'm really not sure what might be going on with your setup, but I don't think its SuperSU itself, but rather the emulator.
Note that to use supolicy --file, you only need supolicy and libsupol.so, you don't even need root.
Chainfire said:
So, I think it has something to do with your emulator image (perhaps its too old ?)
I took SuperSU's ZIP file and extracted it, changed to that folder, then:
(note that my adb shell to my emulator image has # root by default)
Resulting in:
So, I'm really not sure what might be going on with your setup, but I don't think its SuperSU itself, but rather the emulator.
Note that to use supolicy --file, you only need supolicy and libsupol.so, you don't even need root.
Click to expand...
Click to collapse
Hmm, I really don't know what is wrong, I will try exactly what you have done later today, to see If can reproduce the output. If it doesn't work then we can pin it down to the emulator itself. What emulator image did you use?
I also realise that so emulator are rooted in the sense that web shell has root acess, just wasn't sure what dependices supolicy had at the time.
Matt07211 said:
Hmm, I really don't know what is wrong, I will try exactly what you have done later today, to see If can reproduce the output. If it doesn't work then we can pin it down to the emulator itself. What emulator image did you use?
I also realise that so emulator are rooted in the sense that web shell has root acess, just wasn't sure what dependices supolicy had at the time.
Click to expand...
Click to collapse
I created an API 22 Google Nexus x86_64 AVD in Android Studio
I should be able to try that in about 20-30 mins after I download it, I was using api level 19, Intel's emulator image.
I ran these commands on the Intel api 19 x86 emulator image.
Code:
adb push libsupol.so /system/lib/libsupol.so
adb shell chmod 0644 /system/lib/libsupol.so
adb push /system/xbin/supolicy
adb shell chmod 0755 /system/xbin/supolicy
adb push supolicy /data/local/tmp/supolicy
adb shell chmod 0755 /data/local/tmp/supolicy
adb push sepolicy /data/local/tmp/sepolicy
adb shell
cd /data/local/tmp
chmod 0755 supolicy
LD_LIBRARY_PATH=/data/local/tmp:$LD_LIBRARY_PATH ./supolicy --file sepolicy sepolicy_out
and it results in the error(shown in screenshot)
Code:
libsepol.policydb_read: policydb magic number 0x464c457f does not match expected magic number 0xf97cff8c or 0xf97cff8d
-Failure!
I then tried it on the Intel x86_64 api 22 emulator image (running the same commands as the first one, resulting in a succes, with the file being outputted as the sepolicy_out.
So as you have stated @Chainfire , it looks like a problem with the emulator itself, and most likely not the supolicy tool.
Chainfire said:
So, I think it has something to do with your emulator image (perhaps its too old ?)
I took SuperSU's ZIP file and extracted it, changed to that folder, then:
(note that my adb shell to my emulator image has # root by default)
Code:
adb push c:\download\sepolicy /data/local/tmp/sepolicy
adb push x86\. /data/local/tmp/.
adb shell
cd /data/local/tmp
chmod 0755 supolicy
LD_LIBRARY_PATH=/data/local/tmp:$LD_LIBRARY_PATH ./supolicy --file sepolicy sepolicy_out
exit
Resulting in:
Code:
supolicy v2.78 (ndk:x86) - Copyright (C) 2014-2016 - Chainfire
Patching policy [sepolicy] --> [sepolicy_out] ...
- Success
So, I'm really not sure what might be going on with your setup, but I don't think its SuperSU itself, but rather the emulator.
Note that to use supolicy --file, you only need supolicy and libsupol.so, you don't even need root.
Click to expand...
Click to collapse
@Chainfire, I'm trying to patch sepolicy for a Samsung device running Nougat, so that Supersu can be installed in system mode. Could you confirm if the --sdk=24 parameter is required?
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out --sdk=24"
Thanks, appreciate your time.
ashyx said:
@Chainfire, I'm trying to patch sepolicy for a Samsung device running Nougat, so that Supersu can be installed in system mode. Could you confirm if the --sdk=24 parameter is required?
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out --sdk=24"
Thanks, appreciate your time.
Click to expand...
Click to collapse
Yes it is.
System mode hasn't been tested at all on 7.0 though. I'm not sure anybody has been able to get it to work at this point.
If you do, let me know and with the steps
Chainfire said:
Yes it is.
System mode hasn't been tested at all on 7.0 though. I'm not sure anybody has been able to get it to work at this point.
If you do, let me know and with the steps
Click to expand...
Click to collapse
Hmm wasn't aware of the lack of support for system mode in nougat, any plans to implement?
It seems system mode root renders the device unbootable according to reports from my tester.
Question, if I modify the supersu script to mount su.img from /system am I likely to hit issues?
Seems a strange query I know.
Reason is we have a Samsung device that for some reason will not boot from a source built custom Nougat kernel. Not sure if this is related to AVB yet or something else.
However we can get a half assed TWRP to boot with the stock kernel.
Only problem is, no matter what, only /system can be mounted and accessed with write permission due to permission denied issues with the rest of partitions. Pretty sure this is an SELinux issue.
Meaning systemless root cannot be installed as normal. No access to /data or /cache.
I can patch the boot.img ramdisk manually for systemless, but for root to work I would need to push su.img to system and mount it from there.
Is it possible to still mount su.img from system if I modify the ramdisk init as required?
The other avenue is to flash su.img to /data or /cache via ODIN.
If it was flashed to /cache would supersu automatically pick up its location and copy it to /data or would a flag need to be set?
Just trying to keep my options open here.
ashyx said:
Hmm wasn't aware of the lack of support for system mode in nougat, any plans to implement?
It seems system mode root renders the device unbootable according to reports from my tester.
Click to expand...
Click to collapse
It is on my list of things to test/fix, but that list is long and full of terrors.
Question, if I modify the supersu script to mount su.img from /system am I likely to hit issues?
Is it possible to still mount su.img from system if I modify the ramdisk init as required?
Click to expand...
Click to collapse
I think that could work, yes.
The other avenue is to flash su.img to /data or /cache via ODIN.
If it was flashed to /cache would supersu automatically pick up its location and copy it to /data or would a flag need to be set?
Just trying to keep my options open here.
Click to expand...
Click to collapse
SuperSU should pick it up from /cache. Alternatively, try SuperSU's FRP mode, which stores a copy of the needed files in the boot-image and re-creates /data/su.img as needed.
Chainfire said:
It is on my list of things to test/fix, but that list is long and full of terrors.
I think that could work, yes.
SuperSU should pick it up from /cache. Alternatively, try SuperSU's FRP mode, which stores a copy of the needed files in the boot-image and re-creates /data/su.img as needed.
Click to expand...
Click to collapse
Thanks, great info as always. Finally managed to root the damn thing by adding a short script to the init which copies su.img to cache.
However FRP mode sounds like a more elegant solution if I can work out how to implement it in the Ramdisk.
Much appreciate your input.
ashyx said:
So, I think it has something to do with your emulator image (perhaps its too old ?)
...
Could you confirm if the --sdk=24 parameter is required?
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out --sdk=24"
Thanks, appreciate your time.
Click to expand...
Click to collapse
Yea believe it was segfaulting due to the Android version, I think I was using KitKat and it wasn't working, bumped up to lollipop and above and it worked fine
Oh, the SDK parameter, never heard of it, what does it do? Geuss I'll Google that then.
ashyx said:
Thanks, great info as always. Finally managed to root the damn thing by adding a short script to the init which copies su.img to cache.
However FRP mode sounds like a more elegant solution if I can work out how to implement it in the Ramdisk.
Much appreciate your input.
Click to expand...
Click to collapse
I did the same thing for my device, add a little script to move it to data. Had no other way to get it to a locked down device without TWRP. Hehe. Good job
Can you please tell me how to manually patch init by supersu ?
I've googled a lot, but haven't found a way to manually patch init by supersu.
My model is Honor v10, there isn't a custom recovery, so i have to make a boot.img with supersu inside to get root.
Related
Stupid me go back to the stock rom and upgraded to 2.2.1 and lost the root. Ive been trying all day today by following the instruction from this tutorial(http://forum.xda-developers.com/showthread.php?t=736271) but im stuck at the rootshell command. its says permission denied. Can some one please help me..please.. is there any way to root this FRG83, please??
This method does not work anymore.. you have to go a different method..
you can try this method
Code:
adb push rageagainstthecage-arm5.bin /data/local/tmp/
adb shell
$chmod 700 /data/tmp rageagainstthecage
exit
go to sdk/tools
/tools>freenexus.bat
adb shell
$cd data/local/tmp
ls
check if all files are in
rage
su
Superuser.apk
busybox
$./rageagainstthecage
743C[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}[*] Searching for adb ...
[+] Found adb as PID 64[*] Spawning children. Dont type anything and wait for reset![*][*] If you like what we are doing you can send us PayPal money to[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.[*] If you are a company and feel like you profit from our work,[*] we also accept donations > 1000 USD![*][*] adb connection will be reset. restart adb server on desktop and re-login.
DONT TYPE ANYTHING TILL YOU HERE THE ADB ON PHONE RESTARTS.
C:/adb kill-server
C:/adb start-server
adb shell
#
should get pound sign if not run ragecage again and dont do anything to you here the last ding on computer
#cd /data/local/tmp
#./busybox cp busybox /system/bin/
(if get read-only error do this
mount -o remount,rw /dev/block/mtdblock3 /system)
#chmod 4755 /system/bin/busybox
#./busybox cp Superuser.apk /system/app
#./busybox cp su /system/bin/
#chmod 4755 /system/bin/su
#exit
if $ type exit again
then go into terminal on phone, and type su
if you get the # you have root once again! yay!
now to install busybox command
adb shell
$su
#cd /sdcard
#sh ./installbusybox.sh
thats it
i dont have files i will upload in a bit before i have to go
ok for busybox installing on phone..
put installer.sh
and busybox on root of sdcard
then follow rest of instructions..pretty simple
put su,busybox,and all the freenexus stuff in sdktools
http://www.mediafire.com/file/nm7k71ofdgltk5g/root.rar
ilostchild said:
This method does not work anymore.. you have to go a different method..
you can try this method
Code:
adb push rageagainstthecage-arm5.bin /data/local/tmp/
adb shell
$chmod 700 /data/tmp rageagainstthecage
exit
go to sdk/tools
/tools>freenexus.bat
adb shell
$cd data/local/tmp
ls
check if all files are in
rage
su
Superuser.apk
busybox
$./rageagainstthecage
743C[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}[*] Searching for adb ...
[+] Found adb as PID 64[*] Spawning children. Dont type anything and wait for reset![*][*] If you like what we are doing you can send us PayPal money to[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.[*] If you are a company and feel like you profit from our work,[*] we also accept donations > 1000 USD![*][*] adb connection will be reset. restart adb server on desktop and re-login.
DONT TYPE ANYTHING TILL YOU HERE THE ADB ON PHONE RESTARTS.
C:/adb kill-server
C:/adb start-server
adb shell
#
should get pound sign if not run ragecage again and dont do anything to you here the last ding on computer
#cd /data/local/tmp
#./busybox cp busybox /system/bin/
(if get read-only error do this
mount -o remount,rw /dev/block/mtdblock3 /system)
#chmod 4755 /system/bin/busybox
#./busybox cp Superuser.apk /system/app
#./busybox cp su /system/bin/
#chmod 4755 /system/bin/su
#exit
if $ type exit again
then go into terminal on phone, and type su
if you get the # you have root once again! yay!
now to install busybox command
adb shell
$su
#cd /sdcard
#sh ./installbusybox.sh
thats it
i dont have files i will upload in a bit before i have to go
ok for busybox installing on phone..
put installer.sh
and busybox on root of sdcard
then follow rest of instructions..pretty simple
put su,busybox,and all the freenexus stuff in sdktools
http://www.mediafire.com/file/nm7k71ofdgltk5g/root.rar
Click to expand...
Click to collapse
man thanks alot for your help, but im really a noob.
wud u mind telling me step by step, i know it sounds pretty stupid but pls just guide in the right direction. Much appreciated.
Ouch. I hope you can laugh about this one day. I'm sure you'll have root again.
Have you ever heard the term "curiosity kills the cat".
You knew enough to get root, revert to stock so that you could apply 2.2.1, to discover the hard way that the .1 was mainly, if nothing more than a security patch locking out root. And now need coles notes for above. Sorry, that'll be funny after you have root again.
In the meantime, I hope you find solace in paving the road for future noobs starting new from 2.2.1.
Anyway, the majority of the guide above are sequences while in ADB. You had to use some adb to get
root the first time. Google and do a little research on the subject. You need to polish up as I think the warnings above about "don't do anything until", are warnings to avoid bricking. If this procedure is that risky then your ounce of comprehension is worth a ton of hand holding.
Sent from my Nexus One using XDA App
read this thread first
my instructions are the same just more detailed..
and yes gotto do this thru adb
so you get the ragecage arm5
and go to android sdk/tools> and from there do adb push.. and im sure you can do the rest
ilostchild said:
my instructions are the same just more detailed..
and yes gotto do this thru adb
so you get the ragecage arm5
and go to android sdk/tools> and from there do adb push.. and im sure you can do the rest
Click to expand...
Click to collapse
ijust wanted to know which files to download and where to extract themm.. just lik ehow it was mentioned in the freenexus thread, it was defined so clear which fuiles to download and where,,.
Can anyone please help. thanks.
Loveact's post links you to a thread with multiple victims of the patch, links and details to get back root.
Sent from my Nexus One using XDA App
Detailed step-by-step instructions
nexusdue said:
Detailed step-by-step instructions
Click to expand...
Click to collapse
ok so i tried last nite several time but im stuck at the part after
$./rageagainstthecage
its says not found
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
what am i suppose to do now, I am stuck. All my files are in the tools folder
I need your help, please help me out.
If you are running windows, did you run freenexus.bat? I think that step was not mentioned unless u looked at the readme file in the freenexus.zip files.
kpjimmy said:
If you are running windows, did you run freenexus.bat? I think that step was not mentioned unless u looked at the readme file in the freenexus.zip files.
Click to expand...
Click to collapse
Do I have to double click it and run iton windows before i start the process??
is that what you mean??
junooni.1980 said:
ok so i tried last nite several time but im stuck at the part after
$./rageagainstthecage
its says not found
what am i suppose to do now, I am stuck. All my files are in the tools folder
I need your help, please help me out.
Click to expand...
Click to collapse
Congrats for not following the instructions.
nexusdue said:
Congrats for not following the instructions.
Click to expand...
Click to collapse
i did man.. can some one help me then dunno what am i m issing.. here pls.
Looks like you don't have the rageagainstthecage binary on your phone.
Doing 'adb shell ls -l /data/local/tmp' on your computer should get you something like this:
Code:
-rwxrwxrwx shell shell 5392 2010-08-25 01:42 rageagainstthecage-arm5.bin
-rwxr-xr-x shell shell 1926944 2010-03-22 20:29 busybox
-rwxrwxrwx shell shell 26248 2010-07-22 10:20 su
-rwxrwxrwx shell shell 27688 2010-07-22 10:19 Superuser.apk
There might be some other files in there; it's these that matter. If you don't see them then do all the 'adb push' and 'adb shell chmod' stuff in the previously linked instructions.
Egypt Urnash said:
Looks like you don't have the rageagainstthecage binary on your phone.
Doing 'adb shell ls -l /data/local/tmp' on your computer should get you something like this:
Code:
-rwxrwxrwx shell shell 5392 2010-08-25 01:42 rageagainstthecage-arm5.bin
-rwxr-xr-x shell shell 1926944 2010-03-22 20:29 busybox
-rwxrwxrwx shell shell 26248 2010-07-22 10:20 su
-rwxrwxrwx shell shell 27688 2010-07-22 10:19 Superuser.apk
There might be some other files in there; it's these that matter. If you don't see them then do all the 'adb push' and 'adb shell chmod' stuff in the previously linked instructions.
Click to expand...
Click to collapse
what is Doing 'adb shell ls ((-l /data/local/tmp' ))on your computer should get you something like this: i meant what is -I??
If you can't follow these instrucstions, you should NOT be rooting anyhow, since you obviously have NO IDEA what you are doing.
1) Get rageagainstthecage-arm5.bin
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
2) Get Superuser.apk, busybox,su
http://dl.dropbox.com/u/1327667/freenexus.zip
3) Get the Android SDK (ADB)
http://dl.google.com/android/android-sdk_r07-windows.zip
4a) Unzip android SDK (e.g. so that the tools folder is F:\ADB\)
4b) connect Nexus One with with "applications=>development=>USB debug enabled" (and install USB driver if necessary)
5) Unzip/unrar files within RageAgainstTheCage.tgz to F:\ADB\
6) Unzip/unrar files within freenexus.zip to F:\ADB\
7) Open command prompt go to F:\ADB
[7b) Verify that your nexus one is connected and responding - type "adb devices" it should list your N1
8) Now within the command prompt do the following (commands in bold - the rest gives you an indication of the results)
(Note: if you get $ instead of #, just go back and repeat the instructions from where it says $ ./rageagainstthecage. Worked like a charm on the second try for me.)
F:\ADB>adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb push Superuser.apk /data/local/tmp/Superuser.apk
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb push su /data/local/tmp/su
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb push busybox /data/local/tmp/busybox
263 KB/s (5392 bytes in 0.020s)
F:\ADB>adb shell chmod 700 /data/local/tmp/rageagainstthecage
F:\ADB>adb shell
$
$ cd /data/local/tmp
cd /data/local/tmp
$ ./rageagainstthecage
./rageagainstthecage[*] CVE-2010-EASY Android local root exploit (C) 2010 by 743C[*] checking NPROC limit ...
[+] RLIMIT_NPROC={3084, 3084}[*] Searching for adb ...
[+] Found adb as PID 64[*] Spawning children. Dont type anything and wait for reset![*][*] If you like what we are doing you can send us PayPal money to[*] 7-4-3-C[at]web.de so we can compensate time, effort and HW costs.[*] If you are a company and feel like you profit from our work,[*] we also accept donations > 1000 USD![*][*] adb connection will be reset. restart adb server on desktop and re-login.
$
F:\ADB>adb kill-server
F:\ADB>adb start-server
* daemon not running. starting it now *
* daemon started successfully *
F:\ADB>adb shell chmod 755 /data/local/tmp/busybox
F:\ADB>adb shell
#mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
# cd /data/local/tmp
cd /data/local/tmp
# ./busybox cp busybox /system/bin
./busybox cp busybox /system/bin
# chmod 4755 /system/bin/busybox
chmod 4755 /system/bin/busybox
# busybox cp Superuser.apk /system/app
busybox cp Superuser.apk /system/app
# busybox cp su /system/bin
busybox cp su /system/bin
# chmod 4755 /system/bin/su
chmod 4755 /system/bin/su
# exit
F:\ADB>adb shell
# su
su
#mount -o remount,ro -t yaffs2 /dev/block/mtdblock3 /system
mount -o remount,ro -t yaffs2 /dev/block/mtdblock3 /system
# exit
F:\ADB>exit
Click to expand...
Click to collapse
nexusdue said:
If you can't follow these instrucstions, you should NOT be rooting anyhow, since you obviously have NO IDEA what you are doing.
1) Get rageagainstthecage-arm5.bin
http://stealth.openwall.net/xSports/RageAgainstTheCage.tgz
2) Get Superuser.apk, busybox,su
http://dl.dropbox.com/u/1327667/freenexus.zip
3) Get the Android SDK (ADB)
http://dl.google.com/android/android-sdk_r07-windows.zip
4a) Unzip android SDK (e.g. so that the tools folder is F:\ADB\)
4b) connect Nexus One with with "applications=>development=>USB debug enabled" (and install USB driver if necessary)
5) Unzip/unrar files within RageAgainstTheCage.tgz to F:\ADB\
6) Unzip/unrar files within freenexus.zip to F:\ADB\
7) Open command prompt go to F:\ADB
[7b) Verify that your nexus one is connected and responding - type "adb devices" it should list your N1
8) Now within the command prompt do the following (commands in bold - the rest gives you an indication of the results)
(Note: if you get $ instead of #, just go back and repeat the instructions from where it says $ ./rageagainstthecage. Worked like a charm on the second try for me.)
Click to expand...
Click to collapse
Ok perhaps that what i am doing wrong...
so i download android-sdk_r07-windows.zip & unzip it..to a folder F:\ADB.
So i have to create a new folder named ADB and thne unzip all teh stuff in it??
because before i was unzipping the android-sdk_r07-windows.zip & then the folder named android-sdk_r07-windows & i was upzipping freenexus.zip & RageAgainstTheCage.tgz in the tools folder in the android-sdk_r07-windows folder.
So correct me if im wrong instead of android-sdk_r07-windows folder I have to make a new folder named F:\ADB and then unzinp android-sdk_r07-windows.zip & freenexus.zip & RageAgainstTheCage.tgz in teh F;\ADB folder not in the android-sdk_r07-windows tools folder??
Please advise?>?
junooni.1980 said:
Ok perhaps that what i am doing wrong...
so i download android-sdk_r07-windows.zip & unzip it..to a folder F:\ADB.
So i have to create a new folder named ADB and thne unzip all teh stuff in it??
because before i was unzipping the android-sdk_r07-windows.zip & then the folder named android-sdk_r07-windows & i was upzipping freenexus.zip & RageAgainstTheCage.tgz in the tools folder in the android-sdk_r07-windows folder.
So correct me if im wrong instead of android-sdk_r07-windows folder I have to make a new folder named F:\ADB and then unzinp android-sdk_r07-windows.zip & freenexus.zip & RageAgainstTheCage.tgz in teh F;\ADB folder not in the android-sdk_r07-windows tools folder??
Please advise?>?
Click to expand...
Click to collapse
Sorry this is so basic ... if you don't understand folder structures, you really SHOULD NOT ROOT!
Do NOT do it! Maybe after using computers for a couple of years you can "upgrade" to rooting your phone.
nexusdue said:
Sorry this is so basic ... if you don't understand folder structures, you really SHOULD NOT ROOT!
Do NOT do it! Maybe after using computers for a couple of years you can "upgrade" to rooting your phone.
Click to expand...
Click to collapse
I can admire how you're so annoyed but I guess i gotta suck it up cus It I who is in need.
LOL! i've been using computers for a while now & I do undrestand the folder structure pretty well why would i think that? Cus I was able to root the phone the first time.
It's just that i find the description so confusing, I use windows, dunno what OS are you on? But when you extract a zip file it creates a default folder of the same name so...
But i really don't think that my question was that hard, which shot you over the moon & piss you off and made you tell me to learn basic computing first.
All i asked was If I am suppose to make a separate folder named ADB & if I sould extract every thing in it rather than the default unzipped folder that windows makes. But I guess If you're so annoyed then i'l leave it for some one else, I am quite sure one of the purpose of this forum is to get and give help. And im pretty sure that there will be someone who can help me or perhaps i'll find a way myself. But anyways thanks alot for your time, you've been nothing but great help. LOL! And I mean it...
Ladies and Gents:
Please help me out.
I am trying to install a "Japanese IME" that sir JMaurice has kindly provided through one of the forums.
Did everything (I think) required in order to get my N1 connected and recognized by my laptop. Then used SuperOneClickv1.5.5-ShortFuse to gain root. Started on the IME installation and got the following.
>adb devices
List of devices attached
HTxxxPxxxxxx device
>adb kill-server
* server not running *
>adb root
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
adbd cannot run as root in production builds
>adb remount
remount failed: Operation not permitted
So I decided to confirm root.
>adb shell
$ su
su
# exit
exit
$ exit
exit
I couldn't start the "adb push" sequence due to the errors above. What am I doing wrong?
Did you reboot after executing SuperOneClick? Try that.
Jack_R1 said:
Did you reboot after executing SuperOneClick? Try that.
Click to expand...
Click to collapse
Believe I rebooted. Rebooted again just in case. Still gives me the following:
>adb root
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
adbd cannot run as root in production builds
>adb remount
remount failed: Operation not permitted
Weird, but already seen on the forum not a long time ago, I think. I'm not sure what can be done in this situation. "adb remount" can be easily substituted by shell commands, root shell you're still achieving by "su", but how to solve this - I have no idea. Might be permissions thing.
Jack_R1 said:
Weird, but already seen on the forum not a long time ago, I think. I'm not sure what can be done in this situation. "adb remount" can be easily substituted by shell commands, root shell you're still achieving by "su", but how to solve this - I have no idea. Might be permissions thing.
Click to expand...
Click to collapse
Thanks for your replies. Am searching the forums for a similar post; still no luck. Hopefully someone will chime in with an answer.
Thanks again.
You have root, you just don't have an insecure boot.img
Rusty! said:
You have root, you just don't have an insecure boot.img
Click to expand...
Click to collapse
Please clarify. Where possible, detailed explanation/instructions would be most appreciated.
You have root, that's all fine.
To use the command adb remount, you need an insecure bootloader, as you don't have this (due to using the stock boot.img) you have to mount /system as RW in a different way:
su
mount -o remount,rw /dev/mtdblock3 /system
Rusty! said:
You have root, that's all fine.
To use the command adb remount, you need an insecure bootloader, as you don't have this (due to using the stock boot.img) you have to mount /system as RW in a different way:
su
mount -o remount,rw /dev/mtdblock3 /system
Click to expand...
Click to collapse
What I am trying to achieve after adb remount is:
adb push iWnnIME/jp.co.omronsoft.iwnnime /data/data/
adb push iWnnIME/[email protected]@[email protected] /data/dalvik-cache/
adb push iWnnIME/libiwnn.so /system/lib/
.
.
.
adb push iWnnIME/libnjubase2.so /system/lib/
adb push iWnnIME/DroidSansJapanese.ttf /system/fonts/
adb install iWnnIME/iWnnIME.apk
This will actaully be the first time for me to use su. Could you confirm whether the following sequence of commands are correct?
>adb shell
$ su
# mount -o remount,rw /dev/mtdblock3 /data
# exit
$ exit
> adb push iWnnIME/jp.co.omronsoft.iwnnime /data/data/
> adb push iWnnIME/[email protected]@[email protected] /data/dalvik-cache/
>adb shell
$ su
# mount -o remount,rw /dev/mtdblock3 /system
# exit
$ exit
> adb push iWnnIME/libiwnn.so /system/lib/
.
.
.
> adb push iWnnIME/libnjubase2.so /system/lib/
> adb push iWnnIME/DroidSansJapanese.ttf /system/fonts/
> adb install iWnnIME/iWnnIME.apk
Please let me know if I am missing anything.
Wrong. You don't need to remount data, it's always writeable, and the command is erroneous - you're mounting system partition and calling it "data". You need to just push the apps to /data, as shown below:
> adb push iWnnIME/jp.co.omronsoft.iwnnime /data/data/
> adb push iWnnIME/[email protected]@[email protected] /data/dalvik-cache/
> adb shell
$ su
# mount -o remount,rw /dev/mtdblock3 /system
# exit
$ exit
> adb push iWnnIME/libiwnn.so /system/lib/
.
.
.
> adb push iWnnIME/libnjubase2.so /system/lib/
> adb push iWnnIME/DroidSansJapanese.ttf /system/fonts/
> adb install iWnnIME/iWnnIME.apk
Jack_R1 said:
Wrong. You don't need to remount data, it's always writeable, and the command is erroneous - you're mounting system partition and calling it "data". You need to just push the apps to /data, as shown below:
> adb push iWnnIME/jp.co.omronsoft.iwnnime /data/data/
> adb push iWnnIME/[email protected]@[email protected] /data/dalvik-cache/
> adb shell
$ su
# mount -o remount,rw /dev/mtdblock3 /system
# exit
$ exit
> adb push iWnnIME/libiwnn.so /system/lib/
.
.
.
> adb push iWnnIME/libnjubase2.so /system/lib/
> adb push iWnnIME/DroidSansJapanese.ttf /system/fonts/
> adb install iWnnIME/iWnnIME.apk
Click to expand...
Click to collapse
I think I am starting to understand this. I punched in the first adb push sequence and got the following:
> adb push iWnnIME/jp.co.omronsoft.iwnnime /data/data/
push: iWnnIME/jp.co.omronsoft.iwnnime/dicset/master/njuserphone.a -> /data/data/dicset/master/njuserphone.a
failed to copy 'iWnnIME/jp.co.omronsoft.iwnnime/dicset/master/njuserphone.a' to '/data/data/dicset/master/njuserphone.a': No such file or directory
Checked in tools directory and the appropriate directory/file combination was there. Does this indicate that I have to create the appropriate directory in my phone?
Someone? Anyone?
Or is it possible to execute the same adb sequence in shell as su?
I must admit, I've never pushed more that a single file at a time over, given you appear to be trying to push an entire directory tree, perhaps you might be better off copying it over to the SD card in Windows, and using busybox to get it where you need it.
Exactly as Rusty suggested above me. Otherwise you need to create all the directories manually, through adb shell mkdir <your_directory_that_is_not_on_the_phone> .
I am attempting to get Cyanogenmod onto my Nexus One, but am running into far more problems than expected. The information on rooting Android devices seems heavily fragmented across the web and the tools unreliable. At least in my case, SuperOneClick has proven a complete misnomer. So I'd like to go back to basics - executing as many of the commands as possible from a Linux terminal to get the phone rooted/unlocked/whatever else has to happen to get Cyanogenmod installed. The two constraints I'm working with here are as follows:
1. The device is running Android 2.2.1 (I downgraded from 2.3.x using the PASSIMG method).
2. The power button on the device is broken, so any method which requires pressing/holding it is ruled out.
The problem I am having is that even after following Linux-centric guides, I get to the point of installing the SuperUser app followed by the ROM Manager app, but I'm never prompted to give ROM Manager superuser permissions and so can't flash the ClockworkMod recovery.
Below I describe the steps I've been taking so far, based on the "How To Root Nexus One Running Android 2.2.1 From Ubuntu Linux" guide (Google it, I can't post hyperlinks).
- Download/extract/move Nexus One Softroot files to same directory as adb
- From adb directory, execute the following commands:
sudo ./adb push psneuter /data/local/tmp/psneuter
sudo ./adb push busybox /data/local/tmp/busybox
sudo ./adb push su /data/local/tmp/su
sudo ./adb shell chmod 755 /data/local/tmp/psneuter
sudo ./adb shell chmod 755 /data/local/tmp/busybox
sudo ./adb shell chmod 755 /data/local/tmp/su
sudo ./adb shell cd /data/local/tmp ./psneuter
sudo ./adb shell
After executing sudo ./adb shell as above, I get the # prompt, which is purported to indicate that rooting was successful.
- Still following the guide, I then execute the commands which purportedly make root permanent:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cd /data/local/tmp
./busybox cp busybox /system/bin
chmod 4755 /system/bin/busybox
busybox cp su /system/bin
chmod 4755 /system/bin/su
exit
exit
- Again, still following the guide, I execute the commands which purportedly set the /system partition back to read-only:
sudo ./adb shell
su
mount -o remount,ro -t yaffs2 /dev/block/mtdblock3 /system
exit
exit
- Now, I download the SuperUser app from the Android Market and open it to make sure it's running.
- Next, I download the ROM Manager app from Google Play (looks like it pulled a sneaky and upgraded from Android Market to Google Play here).
- I run ROM Manager and choose Flash ClockworkMod Recovery. I'm prompted to confirm the phone is a Google Nexus One and then ROM Manager runs for about 30 seconds (yellow program bar goes all the way) before spitting out An error occurred while attempting to run privileged commands!. And this is the point I am stuck at.
I should note that at no point am I prompted by the SuperUser app to give the ROM Manager app super user permissions. I don't restart the phone or do anything else throughout all of the steps I've described above, so I can't see any reason for root to have been lost at any point. In fact, if I execute the command sudo ./adb shell after all this, I still get the # prompt indicating root. And when I execute id afterwards, I get uid=0(root) gid=0(root) -- further confirmation of root. I really am stuck on this one. I've spent a lot of time digging through forum posts and online articles, but the signal to noise ratio is poor and I haven't been able to find anything that actually works. Can someone suggest where I am going wrong?
Programs might expect su to be in /system/xbin rather than /system/bin, which is probably your case.
Also, use SuperSU instead of Superuser.
Also, make sure the su you're using is matching the relevant control program - which means, downloading Superuser from the Play Store won't help, if it can't work with the binary you have. So download a complete ZIP from XDA with SuperSU.apk and su binary, and use those. The last version I used was 0.89 and it was on XDA just like I described above.
interesting problem with ez fix, get new phone. n1's are $100 on ebay, thats how i got mine.
I have an un-rooted device, with Android 5.0 system, and the core is ARM Coretex A53.
I happen to found "adb root" works, that means I can play as root through ADB shell.
I successfully deleted a trash apk, renowned "kingroot", from my system.
Then, I try to manually update su and SuperSu file, through the bellowing commands:
# mount -o rw,remount /system
# cp /sdcard/mrw/su /system/xbin/su
# cp /sdcard/mrw/su /system/bin/su
# pm install /sdcard/mrw/superuser.apk
(I'm using a 2.46 SuperSu version, which should be OK for Android 5.0 system)
But it fails. The SuperSu told me " su binary not installed".
My questions:
1. Is this a feasible way to update Su and SuperSu, and get root access?
2. There's a bunch of architect, I tried both "arm" and "arm64", but none of the su binary can work. Which architect shall I choose, when I'm running on a ARM Coretex A53 core? ( I know it is a 64bit core)
Thanks a lot, and Best Regards,
towenyu
Did you get this device secondhand? Also what device is it, since many have their own root method because of OEM crap.
That said, you only need su in one location, either /system/xbin/su or /system/bin/su (I typically see it in /system/xbin/su). I'm not sure what happens if it's in both, but it's just wasted space.
You can try these commands through adb root; since you already were able to get su onto your device, it may be just a matter of ownership and permissions:
Code:
# mount -o rw,remount /system
# chmod 755 /system/xbin/su
# chown root:root /system/xbin/su
# mount -o ro,remount /system
chown 755 sets the permissions to rwxr-xr-x (user gets read/write/execute, group/other gets read/execute). Execute is the important bit here, since otherwise the su binary can't do its job. After those commands, try SuperSU again and see if it works (you might need a reboot, because of how Android 5.0+ handles changes to /system) The last mount -o ro command just changes /system back to read-only, to prevent accidental changes to other parts.
Successfully rooted!
Not that simple, but basically follow the update-binary script already inside supersu package.
Only need to made slight modification due to my system won't support "unzip"
Now that you're successfully rooted, go install Busybox, that'll give you a lot of Linux commands Android doesn't have by default, including unzip.
xfullmetal17 said:
Now that you're successfully rooted, go install Busybox, that'll give you a lot of Linux commands Android doesn't have by default, including unzip.
Click to expand...
Click to collapse
Thanks for your advice! I will try it.
But don't there's already a Busybox in android system? I guess what I need to do is find somewhere a more powerful busybox binary -- or build it by my own, but that may be not so easy for me.
Android has some basic Linux commands support, but I don't think it has Busybox (if you have a custom ROM you may have some additional commands, but since you said unrooted I don't think it was installed.
This is one of the most popular installers for Busybox: https://play.google.com/store/apps/details?id=stericson.busybox
I've used it since I first rooted with Android 2.2 and haven't had any issues with it (save for lack of vim, since stock Android doesn't have the correct libraries for it)
rooting my htc m9 running marshmallow
Hi, I'm totally blind, and twrp isn't an option for me since it doesn't have a built in screen reader. I would like to install supersu to system, would some one kindly help me in telling me what files to put where. I think the m9 is arm64, but besides su and supersu.apk, I think there's installrecovery.ssh and some other files that have to go in, so please help some one
xfullmetal17 said:
Android has some basic Linux commands support, but I don't think it has Busybox (if you have a custom ROM you may have some additional commands, but since you said unrooted I don't think it was installed.
This is one of the most popular installers for Busybox: https://play.google.com/store/apps/details?id=stericson.busybox
I've used it since I first rooted with Android 2.2 and haven't had any issues with it (save for lack of vim, since stock Android doesn't have the correct libraries for it)
Click to expand...
Click to collapse
Hi guys ,
it is possible to run manualy via adb shell update-binary file from META-INF supersu folder for install it ? (means before unpacked folder supersu is copied to ex. /tmp)
I'm asking bcose no custom recovery and no root on my device yet.
Thx
nalas said:
Hi guys ,
it is possible to run manualy via adb shell update-binary file from META-INF supersu folder for install it ? (means before unpacked folder supersu is copied to ex. /tmp)
I'm asking bcose no custom recovery and no root on my device yet.
Thx
Click to expand...
Click to collapse
I have same saturation, no TWRP, no SU installed on my device: [email protected]_cn:/ #, Android M,
What I have is a userdebug boot.img support "adb root", so my draft commands in my mind please run one by one, not batch.. WARNING, this may make your system bootloop,take your own risk!!!.)
fastboot flash boot boot_userdebug.img
fastboot reboot
adb wait-for-device
adb root
adb remount
adb disable-verity
adb shell setenforce 0
adb reboot
cd D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64
adb wait-for-device
adb root
adb remount
adb shell setenforce 0
adb push .\su /system/bin/su
adb push .\su /system/xbin/su
adb shell chmod 06755 /system/bin/su
adb shell chmod 06755 /system/xbin/su
adb shell /system/bin/su --install
adb shell /system/bin/su --daemon&
adb install ..\common\Superuser.apk
adb shell setenforce 0
adb disable-verity
if you found SuperSU not found root, try adb shell setenforce 0 again.
then you can get SuperSU found su file need to update, use normal way to do it.
then, it will be "Installation success !"
Enjoy it.
so reference log:
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
adb: error: failed to copy 'su' to '/system/bin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb root
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
adb: error: failed to copy 'su' to '/system/bin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb remount
remount succeeded
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
[100%] /system/bin/su
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/xbin/su
adb: error: failed to copy 'su' to '/system/xbin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb shell
[email protected]_cn:/ # su
[email protected]_cn:/ # cd /system/bin
[email protected]_cn:/system/bin # chmod 06755 su
chmod: chmod 'su' to 106755: Read-only file system
1|[email protected]_cn:/system/bin # ls su
su
[email protected]_cn:/system/bin # ls -al su
-rwxr-xr-x root shell 108496 2008-02-29 03:33 su
[email protected]_cn:/system/bin # su --intall
[email protected]_cn:/system/bin # su --daemon&
[1] 6146
[email protected]_cn:/system/bin # getenforce
Enforcing
[1] + Done su --daemon
[email protected]_cn:/system/bin # setenforce 0
[email protected]_cn:/system/bin # getenforce
Permissive
[email protected]_cn:/system/bin # exit
[email protected]_cn:/system/bin # exit
[email protected]_cn:/ # exit
/system/bin/su
exit
^C
Azlun said:
I have same saturation, no TWRP, no SU installed on my device: [email protected]_cn:/ #, Android M,
What I have is a userdebug boot.img support "adb root", so my draft commands in my mind please run one by one, not batch.. WARNING, this may make your system bootloop,take your own risk!!!.)
fastboot flash boot boot_userdebug.img
fastboot reboot
adb wait-for-device
adb root
adb remount
adb disable-verity
adb shell setenforce 0
adb reboot
cd D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64
adb wait-for-device
adb root
adb remount
adb shell setenforce 0
adb push .\su /system/bin/su
adb push .\su /system/xbin/su
adb shell chmod 06755 /system/bin/su
adb shell chmod 06755 /system/xbin/su
adb shell /system/bin/su --install
adb shell /system/bin/su --daemon&
adb install ..\common\Superuser.apk
adb shell setenforce 0
adb disable-verity
if you found SuperSU not found root, try adb shell setenforce 0 again.
then you can get SuperSU found su file need to update, use normal way to do it.
then, it will be "Installation success !"
Enjoy it.
so reference log:
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
adb: error: failed to copy 'su' to '/system/bin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb root
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
adb: error: failed to copy 'su' to '/system/bin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb remount
remount succeeded
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/bin/su
[100%] /system/bin/su
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb push su /system/xbin/su
adb: error: failed to copy 'su' to '/system/xbin/su': Read-only file system
D:\tools\Downloads\SR3-SuperSU-v2.82-SR3-20170813133244\arm64>adb shell
[email protected]_cn:/ # su
[email protected]_cn:/ # cd /system/bin
[email protected]_cn:/system/bin # chmod 06755 su
chmod: chmod 'su' to 106755: Read-only file system
1|[email protected]_cn:/system/bin # ls su
su
[email protected]_cn:/system/bin # ls -al su
-rwxr-xr-x root shell 108496 2008-02-29 03:33 su
[email protected]_cn:/system/bin # su --intall
[email protected]_cn:/system/bin # su --daemon&
[1] 6146
[email protected]_cn:/system/bin # getenforce
Enforcing
[1] + Done su --daemon
[email protected]_cn:/system/bin # setenforce 0
[email protected]_cn:/system/bin # getenforce
Permissive
[email protected]_cn:/system/bin # exit
[email protected]_cn:/system/bin # exit
[email protected]_cn:/ # exit
/system/bin/su
exit
^C
Click to expand...
Click to collapse
Thank You - I will check and give feedback
Can I somehow just copy su and supersu files to phone (stock ROM) with full root shell to get root? Unfortunately bootloader is locked and only root shell is available.
user4978023 said:
Can I somehow just copy su and supersu files to phone (stock ROM) with full root shell to get root? Unfortunately bootloader is locked and only root shell is available.
Click to expand...
Click to collapse
Of course not. If it were that easy rooting would be a non-issue for devices with a locked bootloader.
towenyu said:
Successfully rooted!
Not that simple, but basically follow the update-binary script already inside supersu package.
Only need to made slight modification due to my system won't support "unzip"
Click to expand...
Click to collapse
Can you give more details ?
I'm in a similar situation (/system/bin/su and /system/xbin/su "updated" from Supersu zip , root access from adb shell , rom built as userdebug) but I'm unable to launch the update-binary through adb to get the TV fully rooted..
Has anybody worked out how to create a Genymotion Xposed testing device?
What I've already achieved:
- Grant Root access to Xposed
- Flash ARM zip
The problem is: Genymotion runs on x86, not ARM. So flashing the ARM zip just breaks the VM.
But flashing the x86 zip just gives the Error "Failed to flash file".
(Yes, I'm using Genyflash)
I also tried it with and without arm translation, no changes.
I simply have no idea what else I could try. Is it currently possible at all?
LM13 said:
Has anybody worked out how to create a Genymotion Xposed testing device?
What I've already achieved:
- Grant Root access to Xposed
- Flash ARM zip
The problem is: Genymotion runs on x86, not ARM. So flashing the ARM zip just breaks the VM.
But flashing the x86 zip just gives the Error "Failed to flash file".
(Yes, I'm using Genyflash)
I also tried it with and without arm translation, no changes.
I simply have no idea what else I could try. Is it currently possible at all?
Click to expand...
Click to collapse
I found that the flash-script.sh inside the xposed-v78-sdk23-x86.zip file is somehow not successfully executed by Genymotion. I've manually patched it.
getting root on Marshmallow
Hi,
How did You get root on Marshmallow?
Sergiusz
sbrzezin said:
Hi,
How did You get root on Marshmallow?
Sergiusz
Click to expand...
Click to collapse
Yes, the latest Genymotion version already come with rooted MM image
itandy said:
Yes, the latest Genymotion version already come with rooted MM image
Click to expand...
Click to collapse
I installed Custom Phone and Google Nexus 7 and none of them has root. Should I do any special setup or did I install wrong device? I use Genymotion 2.6.0 free version.
Sergiusz
sbrzezin said:
I installed Custom Phone and Google Nexus 7 and none of them has root. Should I do any special setup or did I install wrong device? I use Genymotion 2.6.0 free version.
Sergiusz
Click to expand...
Click to collapse
The ROM should be rooted already. su command is available and when you use ADB, it's already a rooted shell.
itandy said:
The ROM should be rooted already. su command is available and when you use ADB, it's already a rooted shell.
Click to expand...
Click to collapse
I got answer from Genymotion team:
"I just got an update from the Dev Team : it appears that in 6.0 the SuperUser Android App hasn't been yet implemented.
This feature will be implemented in the future, and I have linked your request to the task.
When it will be completed and released, you will be automatically notified."
Sergiusz
sbrzezin said:
I got answer from Genymotion team:
"I just got an update from the Dev Team : it appears that in 6.0 the SuperUser Android App hasn't been yet implemented.
This feature will be implemented in the future, and I have linked your request to the task.
When it will be completed and released, you will be automatically notified."
Sergiusz
Click to expand...
Click to collapse
So I managed to make some progress on this. I got the latest v84 xposed working in the newest Genymotion 2.6.0 with a Nexus 5X image by doing the following:
Code:
git clone https://github.com/rovo89/GenyFlash
cd GenyFlash && ./install.sh
adb push xposed-v84-sdk23-x86.zip /sdcard
adb shell flash-archive.sh /sdcard/xposed-v84-sdk23-x86.zip
Reboot Genymotion VM and then drag XposedInstaller_3.0_alpha4.apk to Genymotion vm...profit!
As stated above, the Genymotion images are rooted but a lot of root apps ask for permission and the prompt to grant/deny root wasn't working for me rendering the apps limited in use. I downloaded the newest SuperSU BETA, at the time of this post, BETA-SuperSU-v2.71-20160331103524. I extracted it and then issues the following commands from terminal:
Code:
adb shell mount -o remount,rw /system
adb install common/Superuser.apk
adb push x86/su /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
The problem was issuing the "su" commands resulted in: "error: only position independent executables (PIE) are supported." Countless time spent google searching didn't turn up any leads, but then I happened to notice in the x86/su directory a file called su.pie...pie = position independent executable derp. So I reran the following:
Code:
adb shell mount -o remount,rw /system
adb push x86/su.pie /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su.pie /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
Rebooted my Genymotion vm and BAM root access prompts!!!!! Hope this helps others and good luck.
Worked for me
123SIT said:
So I managed to make some progress on this. I got the latest v84 xposed working in the newest Genymotion 2.6.0 with a Nexus 5X image by doing the following:
Code:
git clone https://github.com/rovo89/GenyFlash
cd GenyFlash && ./install.sh
adb push xposed-v84-sdk23-x86.zip /sdcard
adb shell flash-archive.sh /sdcard/xposed-v84-sdk23-x86.zip
Reboot Genymotion VM and then drag XposedInstaller_3.0_alpha4.apk to Genymotion vm...profit!
As stated above, the Genymotion images are rooted but a lot of root apps ask for permission and the prompt to grant/deny root wasn't working for me rendering the apps limited in use. I downloaded the newest SuperSU BETA, at the time of this post, BETA-SuperSU-v2.71-20160331103524. I extracted it and then issues the following commands from terminal:
Code:
adb shell mount -o remount,rw /system
adb install common/Superuser.apk
adb push x86/su /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
The problem was issuing the "su" commands resulted in: "error: only position independent executables (PIE) are supported." Countless time spent google searching didn't turn up any leads, but then I happened to notice in the x86/su directory a file called su.pie...pie = position independent executable derp. So I reran the following:
Code:
adb shell mount -o remount,rw /system
adb push x86/su.pie /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su.pie /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
Rebooted my Genymotion vm and BAM root access prompts!!!!! Hope this helps others and good luck.
Click to expand...
Click to collapse
Worked for me on the Google Nexus 9 API 23
gamerkcw123 said:
Worked for me on the Google Nexus 9 API 23
Click to expand...
Click to collapse
Hell yeah! I was beginning to think I was the only one who wanted this...and then there were two lol
123SIT said:
Hell yeah! I was beginning to think I was the only one who wanted this...and then there were two lol
Click to expand...
Click to collapse
the Supersu.apk still won't update the su binary. Do you know of a way to get that to work? If not I don't care I have supersu granting root. LOL
gamerkcw123 said:
the Supersu.apk still won't update the su binary. Do you know of a way to get that to work? If not I don't care I have supersu granting root. LOL
Click to expand...
Click to collapse
If I remember correctly I have that same issue but if you use the newest supersu zip you should be able to update it manually via the provided steps.
I think GenyFlash shouldn't be needed anymore... just drag and drop the x86 zip and the installer APK on the Genymotion window and reboot. The only thing that isn't working are the reboot buttons in the installer.
123SIT said:
If I remember correctly I have that same issue but if you use the newest supersu zip you should be able to update it manually via the provided steps.
Click to expand...
Click to collapse
I got it to work. This is what I did. I fallowed your steps to get SuperSU working, and granting
apps permission. Then I removed the APK and installed the APK from the 2.46 update. Then I updated SuperSU.apk from the play store. Success the binary updated successfully.
Step 1: fallowed your steps with the Bata.
Step 2: once I confirmed superSU is working, I remove the APK.
Step 3: I use the SuperSU APK in the 2.46 update.
Step 4: I use adb to push the APK in the 2.46 update to /system/app, and chmod it to 755.
Step 5: I reboot and go to the play store and update SuperSU.
Success!!!!!!!
this was again on the Genymotion Google Nexus 9 6.0 API.
rovo89 said:
I think GenyFlash shouldn't be needed anymore... just drag and drop the x86 zip and the installer APK on the Genymotion window and reboot. The only thing that isn't working are the reboot buttons in the installer.
Click to expand...
Click to collapse
You know, I don't think I ever actually tried it without. May have saved me some time lol
123SIT said:
So I managed to make some progress on this. I got the latest v84 xposed working in the newest Genymotion 2.6.0 with a Nexus 5X image by doing the following:
Code:
git clone https://github.com/rovo89/GenyFlash
cd GenyFlash && ./install.sh
adb push xposed-v84-sdk23-x86.zip /sdcard
adb shell flash-archive.sh /sdcard/xposed-v84-sdk23-x86.zip
Reboot Genymotion VM and then drag XposedInstaller_3.0_alpha4.apk to Genymotion vm...profit!
As stated above, the Genymotion images are rooted but a lot of root apps ask for permission and the prompt to grant/deny root wasn't working for me rendering the apps limited in use. I downloaded the newest SuperSU BETA, at the time of this post, BETA-SuperSU-v2.71-20160331103524. I extracted it and then issues the following commands from terminal:
Code:
adb shell mount -o remount,rw /system
adb install common/Superuser.apk
adb push x86/su /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
The problem was issuing the "su" commands resulted in: "error: only position independent executables (PIE) are supported." Countless time spent google searching didn't turn up any leads, but then I happened to notice in the x86/su directory a file called su.pie...pie = position independent executable derp. So I reran the following:
Code:
adb shell mount -o remount,rw /system
adb push x86/su.pie /system/bin/su
adb shell chmod 0755 /system/bin/su
adb push x86/su.pie /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell su --install
adb shell "su --daemon&"
adb shell setenforce 0
adb shell mount -o remount,ro /system
Rebooted my Genymotion vm and BAM root access prompts!!!!! Hope this helps others and good luck.
Click to expand...
Click to collapse
It's worked on Galaxy S6 6.0.0 API23, Genymotion 2.7.2! Thanks you so much!