Database Develop

How to ROOT Samsung Galaxy Tab Active 2 T395 - SOLVED !

First up - Let me say that the complete credit to the method goes to two members here as in the thread https://forum.xda-developers.com/galaxy-tab/help/galaxy-tab-active-2-forum-question-t3712591
BUT BUT BUT what the two experts have missed out is on explaining a clear step by step guide for a complete noob like me . So this is an attempt to explain every step. My tab had root in less than 10 mins .
why i needed the root ?
16gb is not enough for the tab so i wanted to apps and data to be moved to the sd card .
Here are the steps
On the Pc
1. Download the stock firmware (must be the same as in your tab) from samfirmware or any other source.
2. Extract the firmware and the extract archive called AP... . Once extracted you will have a boot.img file in it.
On the TAB
3. Activate developer options by clicking the software version 5 times.
4. In the developer options check OEM unlock and USB debugging
5. Download Magisk Manager v16 from xda and install on the TAB.
Connect the tab to the pc
6. Copy the boot.img file from pc to the tab.
7. Run Magisk Manager and in settings choose the output format as odin compatible tar,
8. Click the INSTALL button in the MAGISK manager and choose 'patch boot image file'
9. After a few minutes a dark screen will appear will read all ok boot image patched...now copy that patched_boot.img.tar file from the tab to the PC and rename it as boot.img.tar
On the Tab
10. Recheck under developer options if check OEM UNLOCK and USB DEBUGG
11. DELETE the GOOGLE account (crucial)
12. Switch of the tab
13. Go to download mode by holding vol down, menu and power together , once asked press vol up to go to the download mode.
14. Connect tab to PC.
On the PC
15. Download ODIN and once downloaded right click and run as administrator.
16. Choose AP and select the previously patched boot.img.tar file.
17. Click START
On the TAB
18. It will run the download and restart , restart will say "VERIFICATION FAILED and aask to RESET and erase .
19. CLICK RESET
20. wait for reset saying ERASING and let the tab restart.
NOW the next step is the most crucial one and it is where i got stuck as none of the members who have rooted their device mention it. I did all of the above procedures repeatedly and failed to get root until i realized there was one FINAL CRUCIAL STEP before enjoying the root.
LAST STEP
ON THE TAB
After the TAB restarts , fill in the initial details (google , samsung account, wifi etc) and before you do anything else INSTALL THE MAGISK MANAGER V16 app you downloaded from XDA .......thats it ....you have root access now . ENJOY!

How did you install Magisk?
When I open Magisk Manager v5.6.4, I get a "Magisk is not installed" and I only have the settings option.
No "install" options.
I have the same tablet. don't know of any twrp that can work with it, therefore leaving me with Magisk Manager only.
Id' be glad to get some help
Thanks,
SOLVED: You must have a functioning network interface in order for the "install" button to appear and you need internet connection to "install the v16 zip".
Magisk is OpenSource though, right? so probably it can be changed to allow offline installation as well.

Rooteed
Well Crap...I just got my Nice, New, Sparkleing Tab Active2 and cant root it yet. I have the New US version SM-T397U Unlocked model. cant find a Stock firmware on Sammobile as of yet...any ideas?
EDIT: Neeeevermind... I did a lil hacking and cracking (for about 26min, lol) to find the files I needed for the SM-T397U. If anyone is looking for em let me know and I'll shoot em' your way. Guessing I'm the first person to root a T397U, hope more will follow. I havent even had this thing 6 hours yet. Thanks for the write up and all those that contributed to the tools and info!

I followed every steps till the end and everything went smoothly. But once I rebooted the tablet, I got the red label on the top left corner: "custom binary blocked by OEM lock". The tablet won't boot properly anymore "OEM unlock" was enabled in the Developers options, I double checked to be sure before flashing.
Edit:
Actually, the "custom binary blocked by OEM lock" appears as soon as I modify the system partition (I wanted to modify the Generic.kl in the keylayout folder on the system partition). If you do not touch anything, everything is fine.

[X-POST from here ]
Worked perfectly, Thank you very much!
WARNING: THIS WILL WIPE EVERYTHING ON YOUR TABLET.
Backup all of your important files before you flash the patched boot.img using odin.
I tried to backup my app data using samsung switch and it worked, but didn't restore most of my device settings and all of my app data.
(Good thing I kept backups for my important apps that had in app backup functionality - like Nova launcher and Squid)
Keep in mind that you probably won't be able to get OTA updates after you perform these steps, it doesn't matter though since this tablet isn't going to be updated that frequently (The 8.0 update is going to come at the end of 2018, source)

Hello.
I tried this but when i using the magisk manager i have an error meassage and the following log:
- Copying image to cache
- Device platform: armeabi-v7a
- Existing zip found
1038+1 records in
1038+1 records out
1063528 bytes transferred in 0.022 secs (48342181 bytes/sec)
- Unpacking boot image
MagiskBoot v18.1(18100) (by topjohnwu)
- Boot Image Modification Tool
mmap failed with 12: Out of memory
! Unable to unpack boot image
! Installation failed
Can you help what i did wrong?
Thank you

oem unlock does not appear
SOLUTION FOUND
how do you oem unlock
I have wasted hours on this, waited weeks, tried the date trick with a legit setup, but the oem unlock never appears, running oldest version of firmware 7.1.1 feb 2018, what gives?
Tried reinstalling firmware via odin, successful flash but no factory reset. Suspect this made no difference. Got the security fail on PIT error, needed a new version of odin and selecting individual AP etc. files fixed this.
apparently you need a samsung or google account
So trying a samsung account... no dice
Now trying adding a sim card as well... success
OK after months of waiting and trying things, this just worked!
Update- I lost the date trick, have to wait 7 days after step 7 on auto date, just appears in developer options no need to press manual update.
https://forum.xda-developers.com/galaxy-s8+/how-to/guide-how-to-skip-rmm-prenormal-install-t3749468
- try downloading UK rom which was released before december '17 (october)
See if it lets the below process work again?
0/ install sim card (was not even the original carrier one in my case although my phone is not carrier locked)
1/ factory reset
2/ on reboot skip all accounts, do not enter a name do not turn on wifi, accept minimal amounts of things
3/ set date to 1/4/19 - turn off automatic date
4/ turn off automatic software updates
5/ enable developer options and turn off auto update system
6/ turn on wifi (date changes)
6b/ change date back
7/ Install samsung account (I went to samsung cloud) (date not changed but software update now triggered despite not touching manual update)
8/ (for interest look at manually check for software updates - it already says 1/4/19 last checked)
9/ reboot
10/ (date is now changed back to today again without my permission)
11/ (it pops up asking to install an update, despite auto updates turned off. - LATER)
12/ (last checked software date is now today (because I left wifi on I think through a reboot) this is 4/5/19 over 1 month later)
13/ go to developer options for the 27868745# time
OEM UNLOCK APPEARED HOLY ****
It is between Bluetooth HCI snoop log and Running services on the dev page, top of the developer options
Since the RMM prenormal thing triggered I had to do this again, so the above instructions do work.
If you stuff up the date just factory reset and start again. Reflash not required
I used a brand new throwaway samsung account for this but thats possibly up to you.

RMM state prenormal
OK now that I've jumped through hoops, installed TWRP
I go to reboot and it's locked recovery again - repeat above OEM unlock reappearing act steps fixes RMM=prenormal. Now it's official again.
Apparently you need to install an RMM patch as well which is not mentioned in this thread.
https://forum.xda-developers.com/showpost.php?p=75360965&postcount=22
So, odin -> ap -> TWRP download
quickly press power-up-home when it resets!!!
recovery is not seandroid enforcing appears and TWRP starts.
1. back up all partitions to microsd!
2. install
a TWRP -> magisk
b TWRP -> RMM disabler - this writes to /system defeating the purpose of magisk???
wipe cache/dalvik reboot
on boot:
"Verification failed"
"Unable to restart your device the integrity verification has failed.... erase all your data"
Well recovery boots this time not an RMM error thats nice... oh it runs a few commands and automatically restarts again.
"Verification failed..."
I guess that is a boot loop then, thanks TWRP for not stopping at a menu ffs.
Reflash TWRP with odin, now it halts at TWRP menu.
https://forum.xda-developers.com/ga...t/how-to-recover-verification-failed-t3775722
Apparently I should put in download mode and cancel - Result = fail & TWRP bootloop -> reinstall TWRP
unmountable /data partition - yep thats me - could try format to exfat - ext4 - Result = Verification failed ffs
---------- Post added at 01:52 PM ---------- Previous post was at 01:00 PM ----------
Take 3
"Looks like you didnt flash encryption breaker." no-verity-no-encrypt_ashyx.zip or no-verity-opt-encrypt-6.0 zip well duh of course but which one for t395
https://www.androidinfotech.com/no-verity-opt-encrypt-versions/
seems a few up to 6.0
BTW if you don't press reset and instead try and reboot into recovery you don't have to reflash TWRP
Verification FAIL.
https://forum.xda-developers.com/galaxy-note-8/how-to/guide-how-to-root-device-encryption-t3742493
Take 4 - try reinstating boot.img with no mods.
Try flashing stock AP -> twrp -> DMM fix -> magisk in quick succession & booting tablet
Verification Failed! Reset
Goes to recovery - less errors on TWRP (no mount errors like before) but verification failed again.
Because TWRP is installed I don't get the erasing screen as described by OP....? TWRP does something very quickly I think it says formatting cache, it is doing a standard factory reset. Trying manual factory reset with TWRP does not work.
So I think I need TWRP to prevent DMM tripping and install magisk but I need stock recovery to avoid the verification failing constantly.
Or a new version of TWRP that supports encryption? 3230+ I have 3230...?
Try Stock RO system - twrp - dm verity - magisk
Verification failed. Reset - no dmm error thats nice. TWRP did some extra stuff.
Verification failed again.
#&%^&^#%$#[email protected]#%[email protected]#%#$%
Option 556
Install dmverity patch using stock recovery.
Gives error can't find /misc partition - pretty sure these are TWRP zips only.
Magisk website says install TWRP so I can't see how to avoid TWRP and this annoying verification fail. Maybe try an older version of magisk???
Verification bootloop FIX:?
I tried booting stock, it says something like data corrupt on start, looks the same as the verification failed but with the different message. I let it erase/factory reset with stock recovery.
DMM preload did not trigger on this!
As soon as it succeeded I installed TWRP in case DMM triggers.
Now with fixed data partition (presumably) retry TWRP
1. no verity patch (6.0)
2. magisk
cannot install DMM as it alters system partition...?
No cache wipe.
Lets see what happens...... Black screen but this time
'encryption failed' reset. Press reset.... TWRP does a factory reset
'encryption failed'
LOL now I have an encryption failed bootloop.
Reinstall stock and use stock factory reset again - boot to recovery straight away, wipe data & cache
Now install TWRP (not booted once yet)
Install verity patch 6.0
install magisk 19.1
Boot system for the first time. - got a bootloop? no just taking it's sweet time. Fingers crossed!
Android is starting... WELCOME
HOLY **** IT WORKED
DMM patch not installed and it hasn't tripped DMM yet (the old 7 day wait issue)
SUMMARY:
1/ ensure DMM is official and not preload, OEM unlocked etc with above post steps
2/ flash stock AP - do NOT boot system yet
3/ stock recovery - wipe data and cache
4/ download odin mode - install twrp-3.2.3.0-gtactive2lte-7.1.2.tar
5/ twrp - install no-verity-opt-encrypt-6.0.zip
6/ twrp - install magisk 19.1
7/ Boot system for the first time
So I have not installed RMM patch (system untouched) but I did install the no encryption/dm verity patch.
It actually boots now.... will update if further problems
Interestingly OEM unlock has disappeared, so RMM must be prenormal so it will probably die on reboot. Argh. But everything is restoring OK for now. See what happens...
Magisk app auto installed and passes safetynet. Preserve force enctyption and AVB 2.0/dm-verity unchecked.
Annoyingly despite backing up all my messages to samsung they are not restoring past 20 april. Not the end of the world.
Skype keeps stopping.
Reboot and YES only officially released binaries are allowed to be flashed boot loop.
So lets do this again!
SUMMARY:
1/ ensure DMM is official and not preload, OEM unlocked etc with above post steps
8skip 2/ flash stock AP - do NOT boot system yet
8skip 3/ stock recovery - wipe data and cache
4/ download odin mode - install twrp-3.2.3.0-gtactive2lte-7.1.2.tar
5/ twrp - install no-verity-opt-encrypt-6.0.zip
6/ twrp - install magisk 19.1
7/ Boot system for the second time
Pretty sure I already tried this so it won't work. &^%#@&^$#$#%#$%@##%@
Oh great it has managed to install the update and now the date fix doesn't work. &^#%&^#$#@$%@#$
After waiting 7 days
1/ Use stock recovery factory reset, then immediately hold down-home-power download mode
2/ Odin TWRP, then immediately hold up-home-power to enter TWRP
2a/ TWRP swipe to allow modifications (for RMM patch)
3/ TWRP install RMM patch
4/ TWRP install no verity patch
5/ TWRP install latest Magisk
NB Magisk seems to install itself as an app - its just there.
...Safetynet pass despite RMM editing /system phew

Hello,
With the last version of Magisk, we no longer have the setting to choose the output format as odin compatible tar.
How can we deal with this, please ?
Regards,

Driss35 said:
Hello,
With the last version of Magisk, we no longer have the setting to choose the output format as odin compatible tar.
How can we deal with this, please ?
Regards,
Click to expand...
Click to collapse
You don't have to choose any file type. Magisk scans files automatically.
Also, if your file type is ".lz4", you have to change it to ".img". Unless, you can't continue.
@Drnms thanks for this thread. But, some places have to be updated because of new Magisk versions.

Did App data remain after rooting
Drnms said:
First up - Let me say that the complete credit to the method goes to two members here as in the thread https://forum.xda-developers.com/galaxy-tab/help/galaxy-tab-active-2-forum-question-t3712591
BUT BUT BUT what the two experts have missed out is on explaining a clear step by step guide for a complete noob like me . So this is an attempt to explain every step. My tab had root in less than 10 mins .
why i needed the root ?
16gb is not enough for the tab so i wanted to apps and data to be moved to the sd card .
Here are the steps
On the Pc
1. Download the stock firmware (must be the same as in your tab) from samfirmware or any other source.
2. Extract the firmware and the extract archive called AP... . Once extracted you will have a boot.img file in it.
On the TAB
3. Activate developer options by clicking the software version 5 times.
4. In the developer options check OEM unlock and USB debugging
5. Download Magisk Manager v16 from xda and install on the TAB.
Connect the tab to the pc
6. Copy the boot.img file from pc to the tab.
7. Run Magisk Manager and in settings choose the output format as odin compatible tar,
8. Click the INSTALL button in the MAGISK manager and choose 'patch boot image file'
9. After a few minutes a dark screen will appear will read all ok boot image patched...now copy that patched_boot.img.tar file from the tab to the PC and rename it as boot.img.tar
On the Tab
10. Recheck under developer options if check OEM UNLOCK and USB DEBUGG
11. DELETE the GOOGLE account (crucial)
12. Switch of the tab
13. Go to download mode by holding vol down, menu and power together , once asked press vol up to go to the download mode.
14. Connect tab to PC.
On the PC
15. Download ODIN and once downloaded right click and run as administrator.
16. Choose AP and select the previously patched boot.img.tar file.
17. Click START
On the TAB
18. It will run the download and restart , restart will say "VERIFICATION FAILED and aask to RESET and erase .
19. CLICK RESET
20. wait for reset saying ERASING and let the tab restart.
NOW the next step is the most crucial one and it is where i got stuck as none of the members who have rooted their device mention it. I did all of the above procedures repeatedly and failed to get root until i realized there was one FINAL CRUCIAL STEP before enjoying the root.
LAST STEP
ON THE TAB
After the TAB restarts , fill in the initial details (google , samsung account, wifi etc) and before you do anything else INSTALL THE MAGISK MANAGER V16 app you downloaded from XDA .......thats it ....you have root access now . ENJOY!
Click to expand...
Click to collapse
Hi Dmms,
Please confirm if the data remained (i.e. was not erased) after the rooting?
Thanks in advance.

Hi, in case it is still relevant:
- Tab does a factory reset when booting first time after the boot img is flashed, data on the device is lost. Data on the SD card is not affected
- In my case, flashing boot.img with Odin didn't work. Odin said success, but no root. Heimdall worked fine, tab was rooted at first attempt

Does this guide also work for Android 9 ?
Edit: So it works with Android 9 also but I had to unpack the boot.img with 7zip ZS according to this post https://forum.xda-developers.com/t/samsung-a40-how-to-root.3929496/post-79902328
and re-pack it with normal 7zip according to these steps:
Do you have the boot.img.lz4 file to boot.img unpacked?
You have renamed the magisk_patched.img to boot.img?
You used the normal 7zip to package into a .tar file? Not the 7zZs?
You used the normal Odin 3.14?

Hello, did you manage to remove the "format as internal" lock?

Hi guys,
Trying to root this tablet, when I load the patched magisk file in Odin and perform the download. The tablet restarts and loads like normal but the tablet isn't rooted.
Any ideas?

alguma fortma?

[NOOB’s][DETAILED] [GUIDE] TO Backup/Restore Stock+ Unlock Bootloader + TWRP + ROOT

A/A & Welcome,
READ THE FULL GUIDE OR YOU CAN LAND IN TROUBLE
Ain't gonna work on pie official
AND DO PRESS THE THANKS BUTTON
Disclaimer
* Your warranty is now void.
* I am not responsible for bricked devices, dead SD cards,
thermonuclear war, or anything that happens to your device
INTRO
This is a full guide for unlock/relock, install TWRP, Root your device and backup/restore stock OS. Each and every step is explained thoroughly with pictures and videos.
I have ASUS Zenfone Max Pro M1 (6GB variant) (X00TD) (ZB601KL), so I can’t test for other variants. Please report back issues, corrections, omissions, etc., though the guide should work for all devices.
THINGS TO KNOW (IMPORTANT)
~Every text written in double quotes “” means the same written without the quotes.
e.g.:- “abcd” means abcd
“zxcv” means zxcv
They (“”) help to separate usual text from the other text (like a command, file name, etc.)
~If you have not enabled file name extensions then you will see files without their extension and vice versa
e.g.:- “filename”, “mypicture” in 1st case
“filename.extension”, “mypicture.png” in 2nd case, respectively.
~Boot Partition or Bootloader:-This is the partition that enables the phone to boot. Without this partition, the device will not be able to boot.
~Recovery Partition:-Recovery partition lets you boots the device into a recovery mode to perform recovery tasks.
~TWRP: - stands for TeamWin Recovery Project. It is a custom touch recovery that is GUI based.
~Flashing: - simplest: - installing
~Fastboot Partition: - lets us reflash partitions. (On device)
~Fastboot: - is an executable used to reflash partitions. It comes with the Android SDK. (On PC)
~Rooting: - an Android phone lets owner edit system files. Thus enabling various tweaks and use of apps that require root access.
~Device driver: - determines how PC will communicate with a device.
~Unlocking/Relocking:-With a locked Bootloader, booting into custom things is not allowed is not. Unlocking lets us do so.
~Reboot: - Switching ON AND OFF (in simple terms)
Requirements
MIND, PC, USB Cable, Internet, Fully charged PC (Windows OS), and obviously Asus Zenfone Max Pro M1
The Real Steps From Here
FOLLOWING THIS GUIDE YOU WILL PROBABLY LOSE ALL THE DATA ON YOUR PHONE SO MAKE A BACKUP FIRST (Don’t worry it’s in guide too)
STEP 1. Downloading all the necessary files
a. Here are 2 zip file with everything you will probably need following the guide :-
basic zip
extension zip
. I have tested the procedures using these files only so maybe other versions might not work. A “guide.doc” with the same text as in here (on XDA) is also present. It will be of great help if you don’t have internet connection in PC.
The basic zip file contains minium files needed.
The extension zip file contains the TWRP recovery(then one used in the guide),guide.docx ,and the videos used here too.
Copy the twrp file to unlock folder of extracted folder.
b. Extract the zip file above.
First download the zip file and Copy to PC
Then Right Click on it
Then click “Extract All”
Uncheck “Show extracted files…”
Click on “Extract”
The folder “zip” will be extracted
Done
This “zip” folder will be called extracted folder in the guide video link to extract zip
To download most up to date version of the files go to links present at last
STEP 2. BACKUP
a. Use an apk backup tool to backup app installers
VIDEO TO BACKUP APP INSTALLERS
b. Some APPS like Whatsapp, etc. have backup to drive function use that
VIDEO TO BACKUP WHATSAPP CHATS
c. Backup SMS AND Call Logs
VIDEO TO BACKUP CALL LOGS AND MESSAGES
d. Copy each and every file from you internal storage to PC.
Video to backup each file to pc
DONE
Step 3. UNLOCKING BOOTLOADER(Data will be wiped)
2 options:-
A. Official Method (NOT TESTED): -
In extracted folder go to “unlock” folder then “Official” folder. Install the “UnlockTool_9.1.0.3_180621_fulldpi_signed_ZB601KL.apk” in Asus and follow the steps from there.
B. Unofficial Method (Tested):-
a. Installing Drivers
Connect phone using USB cable to PC
Right click on This Pc
Go to “Manage” > “Device Manager” Or Just search for “Computer Management”/“Device Manager”
A list will appear.
Find your device (best way to do so is by disconnecting/connecting the device and notice the changes accordingly in the list)
Now right click on it>”Update Driver Software”>“Browse my computer for driver software”
Now either enter path of the driver folder or click on browse and navigate to the driver path from there.
Press Next OR
“Let me pick …”>and select the driver
video to install driver
The drivers have been installed
b. Booting into FASTBOOT
Switch Off the Phone
Hold the Volume UP and Power ON Button Simultaneously
Device buttons labbled image
You will see this on your phone
image of FASTBOOT screen
c. Unlocking Bootloader
Now connect phone using USB cable to PC
Look for the “unlock” folder in the extracted folder.
Open it
Find “unlock.cmd” or “unlock” file
(Or “unlock no erase.cmd” to keep data {not tested})
Open it
Done
d. You will see some messages in yellow/brown/white colour on your phone
You will most probably see “encrypting your device”, “warning Bootloader unlocked” messages, let phone do its work and don’t interrupt it, and keep cable connected. Phone might reboot too. The phone will at last boot into stock OS and you will see the device setup screen.
image of the warning message
e. Now if you wanted TO ONLY UNLOCK BOOTLOADER THEN THE JOB IS DONE, long press power button. If you want to root or flash TWRP then continue (Tested method to root requires TWRP flashing or you can try the untested method to root only)
Step4. Installing/Flashing TWRP
TESTED METHOD
a. Connect phone using USB cable to PC
b. Don’t setup your device just now because possibilities are you might lose the data again
c. Boot into fastboot mode
d. Open the “unlock” folder in the extracted folder.
Now Two Different ways to opt for from here:-
i. THE LAZY METHOD (Tested)
a. Open “flash_recovery.bat” or “flash_recovery” in the “unlock” folder of the extracted folder.
b. You can flash the tested or any other recovery using this script.
c. Follow the steps from the script
video of how to use the script
d.Then go to step of Flashing ZIPS of The Manual Method
e. Done
OR
ii. The Manual Method (Tested)
a. Keeping Shift Key pressed, right click {with mouse} in the blank white space of the “unlock” folder’s explorer window.
b. From the menu select “open command window here”
c. A CMD window will be opened
open cmd video
d. Now type “fastboot devices”
e. See if your device is connected. You will see something like this
f. Now type “fastboot flash recovery twrp-3.2.3-0-X00TD-20181024.img”
If you want to flash any other recovery instead of “twrp-3.2.3-0-X00TD-20181024.img” write the file name of your recovery file. Make sure it’s in “unlock folder”. Though this recovery is the only tested one (by me).
g. Now keeping the phone connected to PC, boot into TWRP/Recovery by pressing the Volume Down and Power ON Button Simultaneously.
h. The usual warnings, messages and recovery boot screen will flash:-
warning image
twrp flash screen image
i. It may take some time to load so wait for at least 2 minutes.
j. Now if touch is not working press power button 2 times (on and off the screen)
video showing how to enable touch in twrp
k. If it shows “Swipe to Unlock” do so. If it shows “Swipe to Allow Modifications” then wait and continue reading …
swipe to allow image
swipe to unlock
l. “Swipe to Allow Modifications” means you allow TWRP to modify system. This will make sure TWRP remains in the phone and not just vanish after a reboot but it also means you will have to flash some other files to be able to boot into stock rom back.
m.
2 ways from here:-
i. Now after swiping, Decrypt Screen will appear just press cancel.
decrypt screen image
OR
ii. If you have data on the device then enter pin/password or try default_password.
If you had kept pattern then either go back and change it or try this:-
1 2 3
4 5 6
7 8 9
these no’s correspond to pattern dots.
Say you kept pattern “third row left to right” then the password is 789 .
If all these fail then you will have to lose your data.
n. As we don’t have any precious data in our phone we will (or you are compromising)
Press “Wipe”
Press “Format Data”
TYPE “yes”
Press “tick” or “enter key”
Done
wipe data video
>Flashing ZIPS
o. Now Copy these 2 files
i. “decrypt.zip” or “decrypt”
ii. “Disable_Dm-Verity_ForceEncrypt_12.16.2018.zip” or “Disable_Dm-Verity_ForceEncrypt_12.16.2018”
From extracted folder to your phones internal storage.
p. Go to Install>select the zip>swipe to flash (flash dm_verity… then decrypt…)
If you don’t see your device storage connected then try reconnecting using USB cable and also check if MTP is enabled.
enable mtp video
>Done
Want to root? Then continue…
or >
Now reboot to system Go to Reboot>System
video to show how to rebbot to system in twrp
Step 5. Rooting
We will be using Magisk to root you can use any other method but this is the only tested method.
a. Copy “Magisk-v18.0.zip” or “Magisk-v18.0” to your phones internal storage from extracted folder.
b. Go to Install>select Magisk…>swipe to flash
Done
c. Now reboot to system Go to Reboot>System
reboot video
e. To use Magisk properly you may need to download latest apk. (Link at last)
Step 6. Relock (NOT TESTED)
a. Connect phone using USB cable to PC
b. Boot into fastboot mode
c. Open “Relock” folder from extracted folder
d. Open “relock.cmd” or “relock” file
Done
Step 7. RESTORING
a. First setup the Device again
b. Copy each and every file back to the phone storage
c. Now to restore messages see the restoring part of this video here
d. WhatsApp messages will be automatically restored after you install the app with same number as before.
Tips
After rooting don’t just go on and flash a custom rom. Take a backup first (of all partitions) using TWRP and keep it safe somewhere so you won’t need to find unbrick tutorials later. Plus you will have your most stable and tailored rom with you.
Also don’t just go on and flash xyz mod. Research and then Flash.
Magisk is our best friend. It lets you do modifications without hurting the system. The Magisk modules are most safe mods as they can be reverted back easily.
And don’t just go on and debloat stock OS. In Magisk there is a module called Debloater use that. You can easily revert back if anything goes wrong.
Other good Magisk modules: - Energized, Systemizer, MidnightCore & Advanced Charging Controller (acc) but do read their XDA guides first.
Sources/Credits:-
Dm_Verity.zip Official XDA:-
link
Original unlocking XDA:-
link
Magisk XDA:-
link
Original Decrypt Data XDA:-
link
TWRP Used XDA:-
link
Credits to the authors of the above guides
Plus sorry for bad editing of videos. I am facing some problems. Will try to post better videos.
I thank all the members who have made the previous guides for their hard work. This guide by no means disrespects their hard work. This guide is just an Addition instead of an Alternative.
Read the full guide
Press the thanks button

Re edited the guide.
Added link of apps used in YouTube videos.

Not working for pie official

Deleted cruddy comments. Good job.

Good initiative but not so good noob guide. Please format it for better organization and better understanding.

malikmiran19 said:
2. BACKUP
>Use an apk backup tool to backup app installers
howto video
Click to expand...
Click to collapse
Appreciate the effort . I have a suggestion. It would be helpful to put the name or link of the app that you used to back up apks.(some apk extractor lite ig). I'll provide the one I found anyway. https://www.apkmirror.com/apk/ankit.../apk-extractor-lite-2-8-android-apk-download/

camaroamarelo said:
Good initiative but not so good noob guide. Please format it for better organization and better understanding.
Click to expand...
Click to collapse
Did so

GliderZ said:
Appreciate the effort . I have a suggestion. It would be helpful to put the name or link of the app that you used to back up apks.(some apk extractor lite ig). I'll provide the one I found anyway. https://www.apkmirror.com/apk/ankit.../apk-extractor-lite-2-8-android-apk-download/
Click to expand...
Click to collapse
Added apk links in YouTube videos

Anyone tried unlocking without erasing data?

TheDarkKnight said:
Anyone tried unlocking without erasing data?
Click to expand...
Click to collapse
nyimak

fuzuy said:
nyimak
Click to expand...
Click to collapse
What?

TheDarkKnight said:
What?
Click to expand...
Click to collapse
it means im interested in your question and im following it

I want to unlock bootloader, flash TWRP and flash a custom ROM (Cerberus OS).
I have rooted and flashed TWRP before in my previous device but I'm not familiar with unlocking and Custom ROM.
Do I have to follow all hese steps for what I want to do or I must skip decrypt/encrypt and Magisk?

dharsouparno1 said:
I want to unlock bootloader, flash TWRP and Custom ROM.
Click to expand...
Click to collapse
U can flash twrp then flash ROM and probably flash magisk for root tooo

malikmiran19 said:
U can flash twrp then flash ROM and probably flash magisk for root tooo
Click to expand...
Click to collapse
Thanks for the help.
I'm running into some problems while installing the driver software on my Windows 10 laptop. It shows Error 10 this device cannot start.
I tried to uninstall and reinstall the drivers, rebooted my pc on every step, tried to install while connected to my phone, but nothing seems to work.
I've installed the Pie Beta for Asus Zenfone Max Pro M1 (not sure if this is causing it)
Is there a solution to this problem?

I am currently on Beta Pie...will these methods work for bootloader unlocking and TWRP, custom rom flash ???? I just wanna use PE/Havoc OS rom...no other tweaks or root

thanks its working

I updated to pie beta and I think this guide is not working for that, because when flashing twrp. I'm getting 'request download size is more than allowed size' and I tried every way possible to solve it. But no luck Hope you can help me with it, or maybe it'll work after stable version?
---------- Post added at 04:15 AM ---------- Previous post was at 04:11 AM ----------
utsavdey said:
I am currently on Beta Pie...will these methods work for bootloader unlocking and TWRP, custom rom flash ???? I just wanna use PE/Havoc OS rom...no other tweaks or root
Click to expand...
Click to collapse
It's not working for me. I also updated to pie beta few days back.

Is this method working on pie stable build

Anyone tried this method on the stable pie build 056?

SM-T295 - Finally rooted tablet!! (updated 19-March-2021)

I have root on my SM-T295 A8 tablet!!
See my new post: How to Install TWRP and Root T295
Update 19 March 2021
Tested on T295XXU3BUC3 ROM
Prerequisites:
Bootloader unlocked - search forums.xda-developers for instructions how to do this.
OEM unlock on. In Settings/developer options, OEM Unlock slider should be to the right.
I see people still trying to patch files to get root.
If you flash the TWRP posted by @Talich52, with reboot unchecked you can install Magisk from TWRP.
1. If prerequisites met: install Android 9 bootloader through ODIN
2. Reboot to system
3. Go into download mode.
4. Open ODIN and in the AP slot put TWRP (see attachment below)
5. Uncheck auto reboot
6. Flash TWRP
7. Press vol dn + pwr keys.
8: When screen goes blank, press vol up + pwr keys.
9. Keep holding down both keys after reboot.
10. Tablet will reboot again.
11. When Samsung logo appears stop pressing pwr key.
12. When bootloader msg appears, release vol up key, quickly press & release pwr key, and quickly press vol up key until in TWRP.
13. You will then format (NOT WIPE) data. Answer yes to the format prompt
14. Clear dalvik/cache if prompted
15. Install Fix_vendor_9.0.zip or Fix_vendor_10.0.zip. See attached files.
16. Clear dalvik and cache.
17. Reboot back into recovery.
18. Install magisk - see attached
19. Reboot into system. May reboot again - that's okay
20. Enjoy!!
Updated (23 March 2020) my Tab A with XXS3ATB2 and got it rooted!!
Attached AP.tar file is for XXU2ASL3 only.
T295-Magisk-AP.tar
Okay, after multiple failed attempts, I read about a method to root my T295. It did not work!! But, I decided to just use Magisk Manager on the boot.img file only. The resultant file would not flash - it will fail. The original boot.img & recovery.img files are 65,536K bytes each. I had to take the Magisk modified boot.img and overlay it onto the original boot.ing file. I did the same for the recovery.img. Then the files would flash successfully. The first thing after booting was to check Magisk Manager. It showed I have Magisk 20.3 installed. So, I tested this with Root Explorer. I did have root!!
If you are going to try this, you need to unlock your boot loader, I think. I have not tried this with a locked bootloader.
Basic instructions
PLEASE READ ALL OF THIS BEFORE STARTING!! VERY IMPORTANT!!
Here are the steps to root your tablet:
Make a backup of you apps & data before doing this. This procedure will
wipe all you data.
Go to settings.
Select software info
Tap build number 7 times to get into developer mode
Go back to main settings page.
Scroll to bottom and select developer mode
In middle of page find OEM unlocking
Make sure slider is all the way to the right (should say allow bootloader to be unlocked)
Unlock bootloader:
1. turn off tablet
2. press and hold down vol up & vol down keys together
3. insert usb cable (should already be connected to computer)
4. when bootloader screen appears, release all keys
5. press and hold vol up key for 5 seconds, then release
6. read instructions on screen to unlock bootloader (this will wipe all your data)
After reboot, go through normal setup.
Now for the hard part.
You need to download the complete ROM you have installed on your Tablet.
It will be better if you have the same ROM version as I do in post in this post (#1).
You need to unzip the ROM so you can flash it in ODIN.
If you are on the same ROM version as in my post #1, then you can just download my rooted files.
Unzip my downloaded root files zip file.
Unzip the downloaded ROM files.
In the AP* file, you need to replace my files in the zip: boot.img, recovery.img & vbmeta.img
Start ODIN. Select files for BL*, AP*, CSC* & CP*
For CSC file, select HOME_CSC*
*** Uncheck auto reboot ***
Flash ROM.
After flashing ROM. press vol dn + pwr key
As soon as screen goes blank press vol up key and hold
When get into recovery, select data wipe, then reboot
Set up phone as you normally would.
After setup, go to Play store and install Magisk Manager. Run Magisk Manager to see if you have root.
Do It Yourself Instructions
You need to do some research before doing this. This is NOT a walk you by the hand tutorial. You need to learn some things before following these instructions. Learn how to use lz4.exe. Learn how to use simg2img. Learn how to make a .tar file.
Make a backup of you apps & data before doing this. This procedure will
wipe all you data.
Go to settings.
Select software info
Tap build number 7 times to get into developer mode
Go back to main settings page.
Scroll to bottom and select developer mode
In middle of page find OEM unlocking
Make sure slider is all the way to the right (should say allow bootloader to be unlocked)
Unlock bootloader:
1. turn off tablet
2. press and hold down vol up & vol down keys together
3. insert usb cable (should already be connected to computer)
4. when bootloader screen appears, release all keys
5. press and hold vol up key for 5 seconds, then release
6. read instructions on screen to unlock bootloader (this will wipe all your data)
After reboot, go through normal setup.
Now for the hard part.
You need to download the complete ROM you have installed on your Tablet.
Extract ROM files
Extract system.*.lz4, recovery*.lz4 and vbmeta*.lz4
Use tar to make an AP.tar file with the 3 above files. **Search the Internet if you do not know how to use tar.
Copy the AP.tar file to your phone. It is better to use adb push to prevent file correuption.
Install Magisk Manager from Play store.
Run Magisk Manager. Select install Magisk. Choose Select and Patch a file. Follow directions on screen to patch the AP.tar file.
Once the AP.tar file has been patched, use adb to pul the file to yur computer.
Extract the file from the AP.tar file.
Now come the hard part:
You cannot edit .lz4 directly. You have to decompress them. After decompressing system*, use simg2img to decompress the sparse file. Search the Internet if you do not know how to do this.
Now we make our modified files so they will flash in ODIN.
Instructions:
I used hex editor neo - a windows 10 app
I opened the stock kernel & recovery files in hex editor neo
I opened the Magisk modified kernel & recovery files in hex editor neo
I copied the modified kernel & recovery code onto their respective stock files in hex editor neo
I saved the stock files & closed hex editor neo.
I used cygwin to create a tar file: boot.img, recovery.img, vbmeta.img plus other files in original AP*.MD5 file.
You should also flash all ROM *.MD5 files (BL, CP, CSC) per Magisk instructions.
New AP.tar contents:
boot.img
dtbo.img.lz4
meta-data
recovery.img
system.img.ext4.lz4
userdata.img.ext4.lz4
vbmeta.img
vendor.img.ext4.lz4
I used Odin to flash the tar file
Flash ROM.
After flashing ROM. press vol dn + pwr key
As soon as screen goes blank press vol up key and hold
When get into recovery, select data wipe, then reboot
Set up phone as you normally would.
After setup, go to Play store and install Magisk Manager. Run Magisk Manager to see if you have root.
After installing Magisk:
(Powering up normally) → (System with NO Magisk)
(OEM Recovery Key Combo) → (Splash screen) → (Release all buttons) → (System with Magisk)
(OEM Recovery Key Combo) → (Splash screen) → (Keep pressing volume up) → (Actual recovery)
Please follow my instructions and the install instructions from Magisk web page.
Magisk Installation

What system do you use to manipulate the files? (Windows? Linux? Android?)
What is "overlay"? Do you extract the boot.img from the original AP.tar.md5, and from the magisk-patched.tar, copy the magisk-patched-boot.img to the beginning of the original-boot.img, and then replace the boot.img in magisk-patched.tar?
Do you give Odin four files, or just AP? Do you use CSC or HOME_CSC?

J.Michael said:
What system do you use to manipulate the files? (Windows? Linux? Android?)
What is "overlay"? Do you extract the boot.img from the original AP.tar.md5, and from the magisk-patched.tar, copy the magisk-patched-boot.img to the beginning of the original-boot.img, and then replace the boot.img in magisk-patched.tar?
Do you give Odin four files, or just AP? Do you use CSC or HOME_CSC?
Click to expand...
Click to collapse
In answer to your question, basically, yes.
I only flash the 3 files in the .tar file
I am on a Windows 10 laptop. Only 3 files need to be modified by Magisk: boot.img, recovery.img, vbmeta.img
I use Hex Editor Neo for overlaying the modified kernel and recovery files..
At the end of these 2 stock files is code that needs to be there, thus the 65 MB file size.
So I open the stock .img files (boot, recovery) in Hex Editor Neo, and copy the modded boot, recovery code into each stock .img file..
I use cygwin to create the .tar file, then flash with ODIN 3.1.14

Where does this leave you with respect to booting? Do you have to hold down buttons like you're trying to boot to recovery, then let go at the right time, to boot with Magisk active? Have you booted "normally" since you installed Magisk? Is Magisk still active? Have you shut down completely and then rebooted?
Wu's writeup says, when he's patching an AP file, to install to recovery, the boot.img is patched to "remove the signature of the image to prevent soft bricks". He doesn't explain why the signature would cause a soft brick with an unlocked bootloader and a nulled-out vbmeta. If you're restoring the original signature, it seems like you're flirting with the situation he was trying to avoid.
Will you be posting in the main Magisk thread. Aside from the news of another success, the details of your solution might help Wu improve the automatic patching enough to make manual adjustments unnecessary.

J.Michael said:
Where does this leave you with respect to booting? Do you have to hold down buttons like you're trying to boot to recovery, then let go at the right time, to boot with Magisk active? Have you booted "normally" since you installed Magisk? Is Magisk still active? Have you shut down completely and then rebooted?
Wu's writeup says, when he's patching an AP file, to install to recovery, the boot.img is patched to "remove the signature of the image to prevent soft bricks". He doesn't explain why the signature would cause a soft brick with an unlocked bootloader and a nulled-out vbmeta. If you're restoring the original signature, it seems like you're flirting with the situation he was trying to avoid.
Will you be posting in the main Magisk thread. Aside from the news of another success, the details of your solution might help Wu improve the automatic patching enough to make manual adjustments unnecessary.
Click to expand...
Click to collapse
No keypress is required for booting to maintain root.
I have tried this multiple ways: shutdown/boot & reboot - still have root.
I have not posted in main Magisk thread yet. Can you give me a link to the main thread where I can post this information?

https://forum.xda-developers.com/apps/magisk/mod-magisk-v1-universal-systemless-t3432382
This is the General Discussion thread. I've seen references to github for reporting bugs. github might be a better bet for providing technical information about how patching should be implemented.

J.Michael said:
https://forum.xda-developers.com/apps/magisk/mod-magisk-v1-universal-systemless-t3432382
This is the General Discussion thread. I've seen references to github for reporting bugs. github might be a better bet for providing technical information about how patching should be implemented.
Click to expand...
Click to collapse
Thanks for the link. I have posted to the Magisk forum.

Well, besides the possible outcomes, I tried the method and it worked for me. I'm not loosing magisk between boots too, not touching system apps but I can install modules and get root.
So, thank you very much for the finding!

Gartrax said:
Well, besides the possible outcomes, I tried the method and it worked for me. I'm not loosing magisk between boots too, not touching system apps but I can install modules and get root.
So, thank you very much for the finding!
Click to expand...
Click to collapse
You're welcome. Enjoy your Tab A now that you have root.

gcrutchr said:
I have root on my SM-T295 A8 tablet!!
Attached boot.tar file is for XXU2ASL3 only.
T295-Magisk-AP.tar
Okay, after multiple failed attempts, I read about a method to root my T295. It did not work!! But, I decided to just use Magisk Manager on the boot.img file only. The resultant file would not flash - it will fail. The original boot.img & recovery.img files are 65,536K bytes each. I had to take the Magisk modified boot.img and overlay it onto the original boot.ing file. I did the same for the recovery.img. Then the files would flash successfully. The first thing after booting was to check Magisk Manager. It showed I have Magisk 20.3 installed. So, I tested this with Root Explorer. I did have root!!
If you are going to try this, you need to unlock your boot loader, I think. I have not tried this with a locked bootloader.
Click to expand...
Click to collapse
You must have a unlocked bootloader to proceed. How did you overlay the files?

secretwolf98 said:
You must have a unlocked bootloader to proceed. How did you overlay the files?
Click to expand...
Click to collapse
Instructions moved to Post #1

In unlocking the bootloader, does it have any negative side? I remember on my sasung s5 before that i would loose what they call knox and not be able to restore permanently. How abiut in the 2019 tab?

amnher said:
In unlocking the bootloader, does it have any negative side? I remember on my sasung s5 before that i would loose what they call knox and not be able to restore permanently. How abiut in the 2019 tab?
Click to expand...
Click to collapse
Probably the same situation. I do not care about knox. I do not care about Samsun Pay.
I have not tested anything to restore knox.

gcrutchr said:
Probably the same situation. I do not care about knox. I do not care about Samsun Pay.
I have not tested anything to restore knox.
Click to expand...
Click to collapse
Attempting to restore Knox would be a waste of time because it is impossible. When you think of Knox, think of the manufacture warranty. Once you void the warranty, it's a goner.

secretwolf98 said:
Attempting to restore Knox would be a waste of time because it is impossible. When you think of Knox, think of the manufacture warranty. Once you void the warranty, it's a goner.
Click to expand...
Click to collapse
My understanding is knox is not installed on the T295

gcrutchr said:
My understanding is knox is not installed on the T295
Click to expand...
Click to collapse
According to the off site, the tablet has a Knox
Some user use the file from #1 and have this error(about security)
only official released binaries are allowed to be flashed after reboot

gcrutchr said:
My understanding is knox is not installed on the T295
Click to expand...
Click to collapse
The T29x and T51x has knox.

secretwolf98 said:
The T29x and T51x has knox.
Click to expand...
Click to collapse
Yea...just checked in priv-app folder.
I read somewhere the T29x series did not have knox...must have read wrong...ha, ha

And what we have?
How I can solve the problem with "Only official released binaries are allowed to be flashed"?

Alloc777 said:
And what we have?
How I can solve the problem with "Only official released binaries are allowed to be flashed"?
Click to expand...
Click to collapse
Did you unlock bootloader?
Did you toggle OEM unlock in settings/developer options?

[guide] [also root] how to root your a50s again with no bootloop.

@topjohnwu has left xda due to some reasons.
but before that, he also fixed the bootloop problem.
if you already in the version 19.3, guided by @redymedan, update to new v20.4 by the beta channel...
it works in ata6 build for me, but i can't risk my data again to test on android q.

update: i tried on android q bit it didn't work. welp, back to 9 i guess.

halcyon441 said:
@topjohnwu has left xda due to some reasons.
but before that, he also fixed the bootloop problem.
if you already in the version 19.3, guided by @redymedan, update to new v20.4 by the beta channel...
it works in ata6 build for me, but i can't risk my data again to test on android q.
Click to expand...
Click to collapse
I have tested Magisk v20.4 and facing same problem with magisk v20.3, I tried to fix it:
1. Boot system without magisk
2. Clear magisk data/cache ( don't run magisk after clear data/cache, just turn power off )
3. Boot system with magisk

redymedan said:
I have tested Magisk v20.4 and facing same problem with magisk v20.3, I tried to fix it:
1. Boot system without magisk
2. Clear magisk data/cache ( don't run magisk after clear data/cache, just turn power off )
3. Boot system with magisk
Click to expand...
Click to collapse
on android Q?

[update 2] hey folks, after a day testing and stuff, even mess up my sd card with more than 15gb data in it (rip my "homework n stuff"), i had decided that stay in android 9 would be better. Magisk v20.4 COULD works in android 10, but can't do initial setup thingy, so you can't install modules., try to delete MM data and it won't work, conflict with OneDrive maybe.
backup your data, unlock the bootloader and unlock OEM.
open your MM, choose beta channel and refresh, you'll see v20.4 (20400)
copy AP files ( ata6 recommend), to your phone.
select "patch a file", choose the AP files and let the MM do it jobs.
after MM done patching, connect your phone with PC.
open File Explorer, accept permission, copy magisk_patched.tar to your pc.
to Odin, UNTICK THE "AUTO REBOOT" and KEEP "F.RESET TIME"
choose bl file for bl
magisk_patched.tar for ap
cp for cp
and note this: if you choose csc file in csc, you will mess up. your phone will be shrink from 64gb to 16gb.
home_csc for csc.
click start and wait...
after 2 minutes or less, odin will say "PASS".
next step will be hard, buy some coffee for
concentrate in pressing buttons (lol)
press volume down and power for more 7s, when screen blank, use 50% of your mana and press both volume up and power.
when samsung text appear, hold till it pass the bootloader warning, after that, only keep the volume up.
after a few secs, you will see text "erasing" and the screen will eventually blank again.
continue the process, do as above, and keep the volume up button to enter recovery mode.
wipe all data&factory reset.
choose the "reboot system now", when the screen blank, immediately hold both power up and power until it passes the bootloader warning.
the first time it boot, it won't boot to os but instead it will reboot again, dont panic, just stay at natural.
wait...
do setup, PLEASE NOTE THAT DO NOT CONNECT WIFI IN SETUP OR ELSE YOU WILL GET IN BOOTLOOP.
after setup, you can connect to wifi.
go to MM to do initial setup, and done.
feel free to restore your data, install modules, block ads,...

halcyon441 said:
[update 2] hey folks, after a day testing and stuff, even mess up my sd card with more than 15gb data in it (rip my "homework n stuff"), i had decided that stay in android 9 would be better. Magisk v20.4 COULD works in android 10, but can't do initial setup thingy, so you can't install modules., try to delete MM data and it won't work, conflict with OneDrive maybe.
backup your data, unlock the bootloader and unlock OEM.
open your MM, choose beta channel and refresh, you'll see v20.4 (20400)
copy AP files ( ata6 recommend), to your phone.
select "patch a file", choose the AP files and let the MM do it jobs.
after MM done patching, connect your phone with PC.
open File Explorer, accept permission, copy magisk_patched.tar to your pc.
to Odin, UNTICK THE "AUTO REBOOT" and KEEP "F.RESET TIME"
choose bl file for bl
magisk_patched.tar for ap
cp for cp
and note this: if you choose csc file in csc, you will mess up. your phone will be shrink from 64gb to 16gb.
home_csc for csc.
click start and wait...
after 2 minutes or less, odin will say "PASS".
next step will be hard, buy some coffee for
concentrate in pressing buttons (lol)
press volume down and power for more 7s, when screen blank, use 50% of your mana and press both volume up and power.
when samsung text appear, hold till it pass the bootloader warning, after that, only keep the volume up.
after a few secs, you will see text "erasing" and the screen will eventually blank again.
continue the process, do as above, and keep the volume up button to enter recovery mode.
wipe all data&factory reset.
choose the "reboot system now", when the screen blank, immediately hold both power up and power until it passes the bootloader warning.
the first time it boot, it won't boot to os but instead it will reboot again, dont panic, just stay at natural.
wait...
do setup, PLEASE NOTE THAT DO NOT CONNECT WIFI IN SETUP OR ELSE YOU WILL GET IN BOOTLOOP.
after setup, you can connect to wifi.
go to MM to do initial setup, and done.
feel free to restore your data, install modules, block ads,...
Click to expand...
Click to collapse
has anyone been able to successfully root on Q? on which firmware? I have tried this endless times on 4BTB4 firmware but always getting bootloop before I can even complete initial android setup.

kamwash said:
has anyone been able to successfully root on Q? on which firmware? I have tried this endless times on 4BTB4 firmware but always getting bootloop before I can even complete initial android setup.
Click to expand...
Click to collapse
Ive succesfully root it

nikkali25 said:
Ive succesfully root it
Click to expand...
Click to collapse
what firmware version do you have?

nikkali25 said:
Ive succesfully root it
Click to expand...
Click to collapse
Btb4

Solved - Boot S10 into rooted ROM without requiring 3 buttons pressed

I have purchased my Samsung S10 Exynos and successfully rooted it using the only possible ways that have seems to be available so far. I have gained root, but I was wondering if anyone has solved the issue of having to turn the device on with all 3 keys held down at the same time. I understand that this is because the rooted version of the phone has be installed on the recovery of the phone, but I hope that there becomes a way to turn on the phone with root and use only the power button. I check from time to time, but it seems that this has not been solved yet. If anyone can find a solution for me so that I do not have to keep searching then I will reward them $100. An idea that I had is if there was a way to modify the power button to boot into recovery by itself? I believe this would be impossible but if anyone could think of a way to do that then that would solve the problem. I am okay with never being able to unroot the device if this would be the case.

How often do you cold boot?
reboot:
- Magisk boot menu
- adb reboot recovery

DHGE said:
How often do you cold boot?
reboot:
- Magisk boot menu
- adb reboot recovery
Click to expand...
Click to collapse
Hello, thank you for the suggestion. I thought about that idea already and I forgot to mention it in my post. I am looking for a way to do it via a cold boot. I know about the reboot into recovery method already, and I know of a way to map the power button to reboot into recovery if held down, but I am looking for a way to cold boot into recovery with just the power button.
I like your idea, but if there was a way to do it as a cold boot then that is ideally what I'm looking for. Your method would work if there was a way to just keep the phone shut down and wait until I hold the power button to turn it on and then it boot into recovery. If you can think of a way to do that then let me know.
The reason I am seeking this is because I root the S10 out to have a proprietary app on it and the app requires root to function properly. I need the power button to boot with root on the S10 so that it will always do so and my employees / customers will not access the non-rooted side of the phone by accident. The 3 button combination is too difficult, so I would need to resort so either a S8 or S9 if the S10 won't allow power button only to boot with root access. The app that I make uses a great amount of battery life so I need the ability to shut down the phone and cold boot it back into recovery. Thanks.

Hi, I assume you have rooted using the magisk-patched-recovery method (patched AP file) and if memory serves and from what I am re-reading this method does require the 3-button-combo to boot to rooted system.
When I first got my s10 and rooted this was the only method at the time, but then came custom kernels with built-in magisk.
With this method from power menu if I...
- reboot, phone will reboot to rooted system.
- power off, the power on button will boot to rooted system.
In fact I'm not sure how/if I can boot to non-rooted system with this method.
I currently on custom rom AmbasadiiRom 2.2 with AmbasadiiCruel Kernel G97xF-v3.10.
There are a few custom kernels that have built-in magisk. You will have to check rom compatibility but believe they work on samsung stock based firmware/roms, AmbasadiRomi is based on stock firmware.
- Cruel Kernel
- ThundeRStormS kernel
If you like I can provide a step-by-step, but you will lose all data as it will require flashing stock unpatched firmware, unpatched twrp in odin then custom rom (optional - depending on if the custom kernel does work on stock firmware) & custom kernel.

pjc21 said:
Hi, I assume you have rooted using the magisk-patched-recovery method (patched AP file) and if memory serves and from what I am re-reading this method does require the 3-button-combo to boot to rooted system.
When I first got my s10 and rooted this was the only method at the time, but then came custom kernels with built-in magisk.
With this method from power menu if I...
- reboot, phone will reboot to rooted system.
- power off, the power on button will boot to rooted system.
In fact I'm not sure how/if I can boot to non-rooted system with this method.
I currently on custom rom AmbasadiiRom 2.2 with AmbasadiiCruel Kernel G97xF-v3.10.
There are a few custom kernels that have built-in magisk. You will have to check rom compatibility but believe they work on samsung stock based firmware/roms, AmbasadiRomi is based on stock firmware.
- Cruel Kernel
- ThundeRStormS kernel
If you like I can provide a step-by-step, but you will lose all data as it will require flashing stock unpatched firmware, unpatched twrp in odin then custom rom (optional - depending on if the custom kernel does work on stock firmware) & custom kernel.
Click to expand...
Click to collapse
Awesome. Your solution sounds perfect for what I was looking for. Yes, I got my S10 back over a year ago and rooted it with patched AP file and magisk. I was only able to find that method even up until yesterday. I would like a step by step if you are able to quickly put one together. If it works then I am glad to grant you the reward for your help. I am willing to do this in the easiest way possible, even if it requires wiping data. I never used the phone so wiping is no problem at all. I am looking to do this to several devices so the easiest and fastest way would be the best. I will look into your comments and see if I can figure out doing this over this weekend. Will keep everyone updated.

pjc21 said:
Hi, I assume you have rooted using the magisk-patched-recovery method (patched AP file) and if memory serves and from what I am re-reading this method does require the 3-button-combo to boot to rooted system.
When I first got my s10 and rooted this was the only method at the time, but then came custom kernels with built-in magisk.
With this method from power menu if I...
- reboot, phone will reboot to rooted system.
- power off, the power on button will boot to rooted system.
In fact I'm not sure how/if I can boot to non-rooted system with this method.
I currently on custom rom AmbasadiiRom 2.2 with AmbasadiiCruel Kernel G97xF-v3.10.
There are a few custom kernels that have built-in magisk. You will have to check rom compatibility but believe they work on samsung stock based firmware/roms, AmbasadiRomi is based on stock firmware.
- Cruel Kernel
- ThundeRStormS kernel
If you like I can provide a step-by-step, but you will lose all data as it will require flashing stock unpatched firmware, unpatched twrp in odin then custom rom (optional - depending on if the custom kernel does work on stock firmware) & custom kernel.
Click to expand...
Click to collapse
I just read some info on the links you provided and i think i can figure it out. if i have any trouble then ill let you know. Dont worry about a step by step for now unless I have any trouble. Thanks!

Here is a bit of a step-by-step for Samsung s10 Exynos Model:SM-G973F
Info below is based on using December Security patch: 2020-12-01 firmware G973FXXS9DTK9 (Android 10) and Ambasadii Rom
NOTICE: The easiest and fastest way would probably be flashing kernel with stock firmware/rom. I have only done custom (but stock based) roms with kernel so am assuming the steps (5a.) for stock firmware/rom, you may want to post in chosen kernel thread to confirm if those steps are correct.
- both kernels I mentioned say they are compatibly with stock roms & AmbasadiiCruel Kernel is based on Cruel Kernel so I assume that would also work on stock rom.
This assumes you have already unlocked your bootloader, if not check this Recovery thread under Instructions: Odin (windows) - steps 1-6 for how to unlock bootloader.
1. Download all files needed to pc.
- Current latest firmware G973FXXS9DTK9, I use frija tool as downloading from samfirmware.com is very slow.
Enter Model, CSC, check the auto box & click check update and download.
Once complete unzip with 7Zip or preferred zip tool.
- In Recovery thread download latest twrp for device, is this case for S10 G973F latest twrp is - twrp-3.5.0_9-1-beyond1lte.img.tar
Under Instructions: Odin (windows) download
- Odin v3.14.1
- avb disabled vbmeta.tar
- click link to multidisabler-samsung-2.* and download latest version from there, currently multidisabler-samsung-3.1.zip
If sticking with stock and custom kernel
- easiest one looks like it would be Cruel kernel or AmbasadiiCruel kernel.
- check kernel thread of choice for compatibility with stock firmware and specific install instructions.
For custom rom in this example for Ambasadii rom
- Download files from Ambasadii rom site
- ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip
- mods_DTJA-v1.3.4.zip
- magisk_safetynet_fix.zip
- AmbasadiiCruel-G97xF-v3.10.zip (rom does include previous kernel 3.9 but this one is updated to latest magisk 21.2)
Bootlogo patcher - this will get rid of the warning about bootloader being unlocked when booting phone. (optional)
TWRP_Bootlogo_patcher.zip
Copy the below files to phones external SDCard
- multidisabler-samsung-3.1.zip
- TWRP_Bootlogo_patcher.zip (optional)
- chosen kernel zip - if sticking with stock
Custom Rom files
- ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip
- mods_DTJA-v1.3.4.zip
- magisk_safetynet_fix.zip
- AmbasadiiCruel-G97xF-v3.10.zip
2. Flashing stock firmware - Odin
- Open Odin on pc
- Turn off the phone
- Use vol down + bixby, then connect usb cable to phone from pc to start the phone in download mode, press vol up to confirm and go to download mode.
- In Odin under log you should see added, I also like to turn off auto reboot under the options tab and do manual reboot once complete but that's up to you.
- Add BL, AP, CP & CSC from the unzipped firmware downloaded in step 1. The AP & CSC can take a little time as they are larger files.
- Once all files added click start and wait until complete, you should see SUCCESS in the top left area once done.
- If you turned off auto-reboot then unplug usb and do manual reboot by pressing vol down + power for 7 seconds, else phone should reboot automatically then unplug.
3. Once phone boots up
- complete setup and connect to Wi-Fi or data
- skip adding Google & Samsung accounts.
- enable developer settings & check OEM unlock is on.
- turn off the phone.
4. Flashing TWRP Recovery - Odin
- In the Recovery thread under Instructions: Odin (windows) continue on from step 8 including formatting data and flashing multidisabler zip which you copied to SDCard.
- in twrp go back to wipe and select advanced and wipe data, cache & dalvik-cache
5a. If sticking with stock & custom kernel - Read NOTICE at top of post
Assumed Steps
- Still in twrp recovery go back to main menu
- select install and flash kernel zip, then TWRP_Bootlogo_patcher.zip
- Not sure if magisk_safetynet_fix is needed or works on stock, would need to confirm in Ambasadii thread.
- go back to main menu and select reboot & system
- give the phone a few minutes to start, and then complete setup including adding your accounts.
- once setup is complete open magisk and it will run additional setup, and then phone will reboot
- done
OR
5b. If flashing Custom Rom & Kernel - steps below for Ambasadii Rom
- Still in twrp recovery go back to main menu
- select install and flash ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip, choose options in aroma - once the install is complete exit back to twrp recovery
- select and flash mods_DTJA-v1.3.4.zip, then magisk_safetynet_fix.zip, then AmbasadiiCruel-G97xF-v3.10.zip, then TWRP_Bootlogo_patcher.zip
- once you have flashed all files go back to main menu and select reboot & system
- give the phone about 8 minutes to start, and then complete setup including adding your accounts.
- once setup is complete open magisk and it will run additional setup, and then phone will reboot
- done
6. If you went with Ambasadii Rom
- you will then notice status bar icons are pushed to the right behind the camera
- open rom control, grant superuser rights
- select status bar/options and play around with notch adjustments and positions
- can be a little confusing to start but play around and you'll get the hang of it.
Hope this info helps, let me know if you need any clarification/detail to any of the steps
Also no need for reward, happy to help

pjc21 said:
Here is a bit of a step-by-step for Samsung s10 Exynos Model:SM-G973F
Info below is based on using December Security patch: 2020-12-01 firmware G973FXXS9DTK9 (Android 10) and Ambasadii Rom
NOTICE: The easiest and fastest way would probably be flashing kernel with stock firmware/rom. I have only done custom (but stock based) roms with kernel so am assuming the steps (5a.) for stock firmware/rom, you may want to post in chosen kernel thread to confirm if those steps are correct.
- both kernels I mentioned say they are compatibly with stock roms & AmbasadiiCruel Kernel is based on Cruel Kernel so I assume that would also work on stock rom.
This assumes you have already unlocked your bootloader, if not check this Recovery thread under Instructions: Odin (windows) - steps 1-6 for how to unlock bootloader.
1. Download all files needed to pc.
- Current latest firmware G973FXXS9DTK9, I use frija tool as downloading from samfirmware.com is very slow.
Enter Model, CSC, check the auto box & click check update and download.
Once complete unzip with 7Zip or preferred zip tool.
- In Recovery thread download latest twrp for device, is this case for S10 G973F latest twrp is - twrp-3.5.0_9-1-beyond1lte.img.tar
Under Instructions: Odin (windows) download
- Odin v3.14.1
- avb disabled vbmeta.tar
- click link to multidisabler-samsung-2.* and download latest version from there, currently multidisabler-samsung-3.1.zip
If sticking with stock and custom kernel
- easiest one looks like it would be Cruel kernel or AmbasadiiCruel kernel.
- check kernel thread of choice for compatibility with stock firmware and specific install instructions.
For custom rom in this example for Ambasadii rom
- Download files from Ambasadii rom site
- ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip
- mods_DTJA-v1.3.4.zip
- magisk_safetynet_fix.zip
- AmbasadiiCruel-G97xF-v3.10.zip (rom does include previous kernel 3.9 but this one is updated to latest magisk 21.2)
Bootlogo patcher - this will get rid of the warning about bootloader being unlocked when booting phone. (optional)
TWRP_Bootlogo_patcher.zip
Copy the below files to phones external SDCard
- multidisabler-samsung-3.1.zip
- TWRP_Bootlogo_patcher.zip (optional)
- chosen kernel zip - if sticking with stock
Custom Rom files
- ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip
- mods_DTJA-v1.3.4.zip
- magisk_safetynet_fix.zip
- AmbasadiiCruel-G97xF-v3.10.zip
2. Flashing stock firmware - Odin
- Open Odin on pc
- Turn off the phone
- Use vol down + bixby, then connect usb cable to phone from pc to start the phone in download mode, press vol up to confirm and go to download mode.
- In Odin under log you should see added, I also like to turn off auto reboot under the options tab and do manual reboot once complete but that's up to you.
- Add BL, AP, CP & CSC from the unzipped firmware downloaded in step 1. The AP & CSC can take a little time as they are larger files.
- Once all files added click start and wait until complete, you should see SUCCESS in the top left area once done.
- If you turned off auto-reboot then unplug usb and do manual reboot by pressing vol down + power for 7 seconds, else phone should reboot automatically then unplug.
3. Once phone boots up
- complete setup and connect to Wi-Fi or data
- skip adding Google & Samsung accounts.
- enable developer settings & check OEM unlock is on.
- turn off the phone.
4. Flashing TWRP Recovery - Odin
- In the Recovery thread under Instructions: Odin (windows) continue on from step 8 including formatting data and flashing multidisabler zip which you copied to SDCard.
- in twrp go back to wipe and select advanced and wipe data, cache & dalvik-cache
5a. If sticking with stock & custom kernel - Read NOTICE at top of post
Assumed Steps
- Still in twrp recovery go back to main menu
- select install and flash kernel zip, then TWRP_Bootlogo_patcher.zip
- Not sure if magisk_safetynet_fix is needed or works on stock, would need to confirm in Ambasadii thread.
- go back to main menu and select reboot & system
- give the phone a few minutes to start, and then complete setup including adding your accounts.
- once setup is complete open magisk and it will run additional setup, and then phone will reboot
- done
OR
5b. If flashing Custom Rom & Kernel - steps below for Ambasadii Rom
- Still in twrp recovery go back to main menu
- select install and flash ROM.G97xF.XXS9DTK9-v2.2.by.ambasadii.zip, choose options in aroma - once the install is complete exit back to twrp recovery
- select and flash mods_DTJA-v1.3.4.zip, then magisk_safetynet_fix.zip, then AmbasadiiCruel-G97xF-v3.10.zip, then TWRP_Bootlogo_patcher.zip
- once you have flashed all files go back to main menu and select reboot & system
- give the phone about 8 minutes to start, and then complete setup including adding your accounts.
- once setup is complete open magisk and it will run additional setup, and then phone will reboot
- done
6. If you went with Ambasadii Rom
- you will then notice status bar icons are pushed to the right behind the camera
- open rom control, grant superuser rights
- select status bar/options and play around with notch adjustments and positions
- can be a little confusing to start but play around and you'll get the hang of it.
Hope this info helps, let me know if you need any clarification/detail to any of the steps
Also no need for reward, happy to help
Click to expand...
Click to collapse
Hey There, Been busy lately and I haven't gotten around to trying any of these methods until today. Today I attempted the stockrom+CruelKernel. I am having a strange problem. I am acquiring root but as a read-only. I can not make any changes to system files, I can only view them. Can you tell me if you are able to modify or add to the system directory? Let me know. I know your phone is running custom rom + custom kernel, so I just might have to do that if that is the only fix. I have tried several things and read all of the threads but can not find anyone else that is experiencing this issue / I can not find a fix. I'm about to try the custom rom (stock based) + custom kernel to see if that works. If you can tell me if you have access to read/write system files then let me know so I know if this is even possible. Thanks.

I have found out that I can modify system files through twrp recovery, but when I boot into the main operating system then I have root but as read-only.

Hey, sorry for late reply - ever since xda updated it's not sending me emails when I get a notification.
As for the system directory being read-only, I believe this is normal even with root. Root just gives access to the /root dir that you would not normally have without it.
- my system dir permissions by default are 755/rwxr-xr-x
After a bit of searching looks like there are a few ways to change permissions
- twrp, can mount system as r,w - but as you said this reverts on reboot
- adb shell, and chmod permissions, same why you do with linux
- in android using either root explorer or x-plore, haven't tried root explorer as it is a paid app but did test with x-plore and working fine.
check this vid on changing the root access to superuser+mount writable which allows for changes in read-only folders and how to set permissions for files/folders.
I not sure if changing permissions on the system folder itself is safe or would cause any issues, I just created a folder within system and set permissions to 644 reclusive, created some files and rebooted - created folders/files and modified permissions remained fine after reboot.
If you need write permissions in system to install apps as system/app you may find this magisk module useful, it's called App Systemizer which allows you to use apps as system apps systemlessly. Just search in magisk modules.
Hope this helps.

pjc21 said:
Hey, sorry for late reply - ever since xda updated it's not sending me emails when I get a notification.
As for the system directory being read-only, I believe this is normal even with root. Root just gives access to the /root dir that you would not normally have without it.
- my system dir permissions by default are 755/rwxr-xr-x
After a bit of searching looks like there are a few ways to change permissions
- twrp, can mount system as r,w - but as you said this reverts on reboot
- adb shell, and chmod permissions, same why you do with linux
- in android using either root explorer or x-plore, haven't tried root explorer as it is a paid app but did test with x-plore and working fine.
check this vid on changing the root access to superuser+mount writable which allows for changes in read-only folders and how to set permissions for files/folders.
I not sure if changing permissions on the system folder itself is safe or would cause any issues, I just created a folder within system and set permissions to 644 reclusive, created some files and rebooted - created folders/files and modified permissions remained fine after reboot.
If you need write permissions in system to install apps as system/app you may find this magisk module useful, it's called App Systemizer which allows you to use apps as system apps systemlessly. Just search in magisk modules.
Hope this helps.
Click to expand...
Click to collapse
Cool, I'll give your suggestions a try. I'm a fan of ES File Explorer. They have a root explorer built in their app and previously I had a S8 Exynos and a S9 Exynos and that app worked for those phones but with this S10 the switch is grayed out and no other app is working for me either. On my older S8 Exynos and S9 Exynos I rooted with stock-rom + stock-kernel and just needed TWRP+Magisk and I always was able to modify or add/delete system files with ES file explorer. I guess Samsung is getting more and more strict on allowing this by making us hop through more hoops in order to do so. So far I only have ready only system files on the S10 Exynos which is new to me because the S8 and S9 always allowed modifying system files in the past but I will try your methods you suggested. Worst case I'll attempt the custom-rom + custom-kernel and see if that works. Right now I have stock-rom+custom-kernel. I was able to make changes in the system files in TWRP but hopefully your method will allow me to edit system files without having to switch to TWRP every time I want to change something. I will keep you updated.
On a side note I just rooted a Samsung S20 Exynos and turns out that the system files are read only everywhere whether in TWRP or not, so Samsung keeps making things more difficult on us all. I currently have no way of modifying system files on the S20 no matter what I try but that phone is still much newer so I will give the magicians more time before I look into the forums more for that phone. Right now if I can get the S10 Exynos then I'll be happy.
I'll let you know how things progress. If I get what I need done with this S10 then I am happy to give you a donation for your help in this matter. I would not have gotten this far without your help. Previously the S8 and S9 days were so much easier and people had youtube videos galore that described how to root. The process was easy and everything was unlocked as read write back in the S8 and S9 days.

Yeah I use to use ES on android 6-8 then moved of to solid explorer, very similar ui to ES and also has root explorer but unfortunately it does not work to change permissions on s10 android 10 (bloody samsung/google). So far the only free one I have found is x-plore to be able to do this now. Looks like google is locking down android even more now with android 11