Related
I'm not asking how do I root my phone. That's already done. My question is, how did the original devs figure out how to root Android? Did they brute force the passwd? Did it leak from Google?
I'm just curious how it was done the first time.
The first time root access was actually already available, as we could issue a command just typing it in the address book search. However this security hole was closed with an update quickly.
So how does the current root software work? Does it use a cracked password?
klaberte said:
So how does the current root software work? Does it use a cracked password?
Click to expand...
Click to collapse
As for the Nexus One, you can unlock the bootloader, therefore letting you install whatever you want (Superuser Permission)
klaberte said:
So how does the current root software work? Does it use a cracked password?
Click to expand...
Click to collapse
No, there is no password involved. Rooting the various devices involves using an exploit to gain elevated privileges, then using them to install a new boot image that enables root access thereafter.
klaberte said:
So how does the current root software work? Does it use a cracked password?
Click to expand...
Click to collapse
What current root software? What the hell are you talking about? Are you just talking about the Nexus One, or other Android phones?
If you're talking about the Nexus One in particular, Google/HTC designed the phone to be easily unlocked/rooted out of the box. I thought you said your phone was rooted. If so, don't you remember how you did it? Pretty simple, eh? What made you think there was some special software involved?
So Towelroot is working on many S4 variants... But ours. Bummer.... So close. I started this thread in hopes that an authority on the subject might chime in on possible reasons as to why. Also Towelroot has gotten quite a bit of attention as a proof of concept for a major security flaw in Android devices. What are your opinions on that?
Its witchcraft! Burn those responsible at the stake!!
Sent from my SPH-L720 using Tapatalk
This is bad news. I've been wanting to try towelroot for the past 2 days, asking around if it works on our Sprint S4. Do you think it'll ever work on ours? If it works on Sprint Note 3 there's no reason why it shouldn't.
edmund75 said:
This is bad news. I've been wanting to try towelroot for the past 2 days, asking around if it works on our Sprint S4. Do you think it'll ever work on ours? If it works on Sprint Note 3 there's no reason why it shouldn't.
Click to expand...
Click to collapse
I can say first hand it is completely safe to attempt to run towelroot... It will not trip Knox or the flash counter, etc, etc... It just does nothing. If you watch a video if towelroot in action you will see text after you “make it ra1n"... But on our devices it just says black below the button then resets the phone.
There is a list of devices that says the sprint s4 works with towel root.
http://www.droidviews.com/root-att-and-verizon-galaxy-s5-without-voiding-knox-warranty/
Noticed that towelroot has been updated to version 2- no more reboot. May give it a try. However, I just read an article about towelroot saying,
"A flaw in the Android operating system may leave many Android phones and tablets vulnerable to attack, including the Samsung Galaxy S5 and Google's own Nexus 5. It's the same flaw that was recently discovered in the Linux kernel, on which Android is based — and a just-released Android "rooting" tool that uses the flaw could make the problem even worse.
Exploiting the flaw on an Android device yields root permissions, or total control of the system. That's not itself malicious, but the exploit could also let attackers remotely download malware, copy the device owner's files and other personal data, disable the device's security apps and create a backdoor for more attacks, according to San Francisco-based security firm Lacoon Mobile Security."
Any thoughts?
A true double edged sword. Kinda scary the Antivirus gave it an OK... Yet android actually warned me. I've read that in Linux systems the bug has been fixed.. However with so many generations and models of phones and tablets it's trickier.
I'd say the best solution would be an apk that can be ran on a rooted device (or with the bug... Not) that fixes or at least blocks it.
That's a negative on version 2... But nothing tripped. Odd thing... It still resets on its own.
noob with sprint sg4
Syntaxerror999 said:
I can say first hand it is completely safe to attempt to run towelroot... It will not trip Knox or the flash counter, etc, etc... It just does nothing. If you watch a video if towelroot in action you will see text after you “make it ra1n"... But on our devices it just says black below the button then resets the phone.
Click to expand...
Click to collapse
when I say noob I mean noob...I'm new to Android and I have no clue really what I'm doing all I know is that I wanted to be rooted because I used to use iPhone and I'm in jail breaker, which gave me the ability to not be charged out the bottom from Sprint just to tether my unlimited data to my computer. after trying to understand the wholr "rooting" process I gave up ( i suffer with OCD and ADD and that is not a good combination when teaching yourself anything tech...plus if you haven't notice I tend to be long winded and very detailed about very unnecessary information just as this last sentence sorry) Yesterday I came across Towelroot was very skeptical but continued reading as much as I could find and decided after reading "it won harm your device to try" I did..... and it works!!! first try unbelievable... now I just got to try to teach myself what to do now... there is a lot of information in computer language that the typical ex jail breaker doesn't understand....it's going to be a long road ahead of me but from what I've read so far it's going to be great. Thanks!
btw....I read this thread and wanted to reply to let people with the sprint sg4...that it's possible but I wasn't registered .... I guess things happen for a reason! if anyone has some helpful information that they can give me as to bypass the frightening journey me and my OCD andADD have in trying to work through the mass amounts of information in this strange language I sure would love ya for it! lol but what doesn't kill me will only make me smarter. love the site guys!
cwithy74 said:
Yesterday I came across Towelroot was very skeptical but continued reading as much as I could find and decided after reading "it won harm your device to try" I did..... and it works!!!
Click to expand...
Click to collapse
Worked for you? How updated was your device?
Syntaxerror999 said:
Worked for you? How updated was your device?
Click to expand...
Click to collapse
I'm staying away from the kit Kat update..read too much negative
my software: L720VPUEMK2
android version: 4.3
I'm not sure if that is what you wanted to know...I'm not very educated on the computer lango. .
just to let you know though I used towelroot then checked to see if it worked using root checker basic and it was a success then I downloaded superuser couldn't update so u installed it checked my root again it was gone. I opened towelroot again ran it and was rooted again...now I'm just trying to figure out what I need to be safe and secure and get started learning what I am able to do now... hope this info helps
cwithy74 said:
I'm staying away from the kit Kat update..read too much negative
my software: L720VPUEMK2
android version: 4.3
I'm not sure if that is what you wanted to know...I'm not very educated on the computer lango. .
just to let you know though I used towelroot then checked to see if it worked using root checker basic and it was a success then I downloaded superuser couldn't update so u installed it checked my root again it was gone. I opened towelroot again ran it and was rooted again...now I'm just trying to figure out what I need to be safe and secure and get started learning what I am able to do now... hope this info helps
Click to expand...
Click to collapse
so you basically used towelroot on 4.3? enh, I used saferoot, which was released a while back, to root 4.3 without tripping Knox... what we need to know is will towelroot give us root on 4.4 NAE...
cwithy74 said:
I'm staying away from the kit Kat update..read too much negative
my software: L720VPUEMK2
android version: 4.3
I'm not sure if that is what you wanted to know...I'm not very educated on the computer lango. .
just to let you know though I used towelroot then checked to see if it worked using root checker basic and it was a success then I downloaded superuser couldn't update so u installed it checked my root again it was gone. I opened towelroot again ran it and was rooted again...now I'm just trying to figure out what I need to be safe and secure and get started learning what I am able to do now... hope this info helps
Click to expand...
Click to collapse
Yes that's exactly what I wanted to know. This would explain why some sites are reporting it as working on our model
Works fine on NAE. Download latest towelroot (v3), click the title 3 times, enter "1337 0 1 7380 4 0". Click "Make it rain".
Enjoy root. No KNOX tripped.
DXtremz said:
Works fine on NAE. Download latest towelroot (v3), click the title 3 times, enter "1337 0 1 7380 4 0". Click "Make it rain".
Enjoy root. No KNOX tripped.
Click to expand...
Click to collapse
What is the reason for entering "1337 0 1 7380 4 0" before making it rain?
Because it doesn't work otherwise. It's a modstring to modify the exploit parameters for our specific device.
DXtremz said:
Because it doesn't work otherwise. It's a modstring to modify the exploit parameters for our specific device.
Click to expand...
Click to collapse
Alrighty, I'll give it a try. Thanks!
DXtremz said:
Works fine on NAE. Download latest towelroot (v3), click the title 3 times, enter "1337 0 1 7380 4 0". Click "Make it rain".
Enjoy root. No KNOX tripped.
Click to expand...
Click to collapse
Aw man...I was just about to post this and you beat me to it.... but yes folks the above offset will make towelroot work on 4.4
Syntaxerror999 said:
Aw man...I was just about to post this and you beat me to it.... but yes folks the above offset will make towelroot work on 4.4
Click to expand...
Click to collapse
I concur the successful rooting of our beloved Sprint S4 (NAE)!! Enjoy everyone!
For sure worked. Just did it on my friends Sprint GS4 that has never been rooted.
Read this comment today.....
Here is the bad news though - Towelroot makes use of a Linux kernel flaw (Android is Linux based) that was just discovered in early June. While Towelroot does exactly what creator George Hotz says it will and simply exploits the flaw to achieve root, it is possible that others with less pure motives could use it as a security exploit. As far as I know, this has not happened. Just make sure your settings allow installation from trusted sources only and after you root be sure to install SuperUser to grant/deny permissions to software seeking root access.
The flaw is present in Android 4.4 and earlier, so you should be able to use Towelroot on most devices, although George Hotz says that some Motorola and HTC devices block the exploit
Click to expand...
Click to collapse
Since there are quite a few SuperUser apps in Play, which one is most appropriate just to manage the deny/grant ?
xdafly said:
Read this comment today.....
Since there are quite a few SuperUser apps in Play, which one is most appropriate just to manage the deny/grant ?
Click to expand...
Click to collapse
The only one you should be using is SuperSU.
This is the place to discuss anything and everything related to SuperSU and SafetyNet / Android Pay.
To clarify, I am not currently actively doing any development on having SuperSU pass SafetyNet detection, or having Android Pay work; the same way I put no effort into beating other root detection methods such as various enterprise security tools.
In case any SuperSU-rooted device passes SafetyNet, that is a bug in SafetyNet, not a feature of SuperSU.
While I may not agree with Google's stance, I'm not about to go messing with payment systems. Is it possible though? Probably yes.
This thread has been created because you guys simply cannot stop talking about this, so these posts can now go here, where I don't ever have to see them.
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
0.0 said:
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
Click to expand...
Click to collapse
Root is a no no with android pay and I think custom ROMs are also out at the moment
Sent from my A0001 using Tapatalk
Pure Drive GT said:
Hey, thanks for your continued support for root on Android, was just wondering, is google making it harder to achieve decent root privileges, as in they don't want rooted devices or are they just unrelatedly changing up things which forces you guys to adapt?
On another note, is there any progress on root without the modded boot? This is by no means an ETA, just wanted to know if you think it's possible or the situation looks rather dire.
Thanks again for your many efforts!
Click to expand...
Click to collapse
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing persae, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing persae, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Click to expand...
Click to collapse
Many banking and financial apps restrict access on rooted devices; it's not just Google.
It makes sense in some ways: root access allows running things in the background to either circumvent, monitor, or interrupt program transactions. They're being paranoid, and I don't blame them.
I don't like the Google Pay concept (or Apple's either); like every other encryption or security system, it's destined to eventually be hacked.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing persae, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Click to expand...
Click to collapse
Yep, I was able to add my debit card but not credit.
VZW LG G4
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing persae, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Click to expand...
Click to collapse
http://www.androidpolice.com/2015/0...hy-android-pay-doesnt-support-rooted-devices/
shaggyskunk said:
Yet the Note 5 has been rooted for at least a couple of weeks
Click to expand...
Click to collapse
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that mean you will loose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carried device users, since they have a locked bootloaders.
Srandista said:
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that mean you will loose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carried device users, since they have a locked bootloaders.
Click to expand...
Click to collapse
I believe that it's only at&t and Verizon that locks the bootloader - And none in Canada and many other Countries.
Sent From my SM-N910W8 Running SlimRemix V5.1
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
NYZack said:
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
Click to expand...
Click to collapse
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
Lrs121 said:
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
Click to expand...
Click to collapse
I also found that having an unlocked bootloader will stop Pay working. When MM released I decided to go fully back to stock but kept the bootloader unlocked so I could flash MM. Pay still failed, so I've given up and gone rooted again.
Sent from my Nexus 6 using Tapatalk
Ch3vr0n said:
@Chainfire if you actually are able to pull off fully working stable root WITHOUT modifying the /system does that mean you MIGHT have opened the door into having root AND still being able to get OTA's?
Click to expand...
Click to collapse
osm0sis said:
Yup, all you'd need to do is reflash stock kernel to pass the boot partition EMMC check, or, we could automate restoring the previous stock kernel, flashing the OTA and then injecting the new stock kernel with root after flashing (à la AnyKernel2 or MultiROM). So many exciting possibilities there where custom recoveries are concerned.
Click to expand...
Click to collapse
Chainfire said:
Honestly it's not so different from using FlashFire to flash re-flash system, then OTA, then re-root. But it is easier, yes.
Click to expand...
Click to collapse
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
Andrew Morykin 12:24
This should retain Android Pay, right?
Click to expand...
Click to collapse
Chainfire 12:58
+Andrew Morykin if it does, then it's by accident and not by design, and Android Pay will be updated to block it.
Click to expand...
Click to collapse
https://plus.google.com/+Chainfire/posts/aJbqUZ8PEP4
also, I was confused by this:
Chainfire said:
- I have not tested with encrypted devices
Click to expand...
Click to collapse
http://forum.xda-developers.com/showpost.php?p=63197935
Aren't
Nexus 6P / angler
angler-mdb08k-boot-systemless.zip
Click to expand...
Click to collapse
and
Nexus 5X / bullhead
bullhead-mdb08i-boot-systemless.zip
Click to expand...
Click to collapse
encrypted out of the box?
dabotsonline said:
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
Click to expand...
Click to collapse
How is that a downside?
It's exactly the same with every other form of root you will ever see. They don't want to support Android Pay (and some other stuff) on rooted devices. If we find a root that allows it, they will update their system to detect and block it. That cat and mouse game will not end as long as Google doesn't want Android Pay on rooted devices.
Maybe someone will make apps/modules that help circumvent this, but it certainly will not be me.
also, I was confused by this:
Aren't
Nexus 6P / angler
and
Nexus 5X / bullhead
encrypted out of the box?
Click to expand...
Click to collapse
Still can't test what I don't have.
russlowe73 said:
Factory images
Click to expand...
Click to collapse
So basically I have to go back to 100% stock using ADB, and then flash the new SuperSU stuff with any custom ROM? If so, what are the benefits of this other than getting Android Pay while rooted?
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of root on the Nexus 6!!
efrant said:
Starting with Android 5.0, OTA updates are now block-based rather than file-based, so any modification to the system partition will cause the OTA to fail, even mounting the system partition as r/w.
Click to expand...
Click to collapse
Just to add to this, it's a whole-partition /system patch OTA if the device launched with Lollipop or later, anything that launched with KitKat is still receiving the old file-based patch OTAs. Modifying Settings.apk would likely trip either method for a lot of OTAs though, since it's a pretty central component.
galaxyuserx said:
I use Galaxy s6 G9200 HK with Kernel compiled by me, but i have problem with root 5.1.1 and i think in future too 6.0
These root method is integrated in kernel source or i can integrate with those "boot.img systemless" my selfcompiled kernel?(repack boot.img with kernel compiled by me)
Is possible to work this new root method to android 5.1.1?
I have problem with gain root when i use kernel compiled by me ( STOCK kernel have too this problem BOOTLOOPs and FREEZEs on boot system) and i don't know how slove it :/
I found on chineese forums root integrated in boot.img it working good and isn't comunicat "KERNEL is not SEandroid enforced" but when i try integrate my kernel with this boot.img error with boot system :/
Click to expand...
Click to collapse
Yup, it's all ramdisk changes so should be workable on any version of Android. Chainfire left instructions outlining the ramdisk changes in the WIP thread if you want to give it a try.
phishfi said:
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of on the Nexus 6!!
Click to expand...
Click to collapse
Yup, seems to be the case with most banking and root-detecting apps... for now.
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
secguy said:
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
Click to expand...
Click to collapse
Just ran it and it passed.
Went ahead and installed su on a stock nexus 5, so far working well, android pay does not work but that was me being stupid and changing the host file and dpi before setting it up
I do notice a little input lag after this, not enough to even make me consider removing root, but it is noticeable, anybody else with this?
I'm not sure where the appropriate place for this would be, and I apologize in advance if this isn't it, but I need some assistance.
For starters, I'm an absolute n00b when it comes to anything root and I don't understand the language and procedures to it, only how to do it by following instructions. Hence why I'm currently on a 4.4 untethered root.
I'm due for an upgrade this month and am torn between getting a later device with Lollipop or a newer device with Marshmallow. The deciding point is if there's any kind of walkthrough on rooting Marshmallow, preferably a dumbed-down version for nondevs like myself.
I know there's currently an experimental one provided by Chainfire, and I skimmed through it but couldn't really understand it.
So any assistance would be greatly appreciated.
@Chainfire If you could weigh in, that would be very helpful.
What are you on about untethered root this isn't IOS. Also it's just two simple steps:
Get a recovery for your device (TWRP preferably)
Use either the stable zip from this forum or beta zip thosent matter and transfer it to your device.
Flash it in the recovery done you're rooted
@Xmaster24 I appreciate the response. I was losing hope on getting an answer as I had already gone with the newer device for my upgrade.
In jcase's pie thread for the 2013 Motorola line, that's what the 4.4 root was referred to as. Wasn't confusing Android with iOS.
And I apologize for being so n00bish, but how would I go about getting TWRP recovery? I do know how to flash the zip from there as I used Safestrap on my current device (but I already needed root access for it to work).
Kodalades said:
@Xmaster24 I appreciate the response. I was losing hope on getting an answer as I had already gone with the newer device for my upgrade.
In jcases's pie thread for the 2013 Motorola line, that's what the 4.4 root was referred to as. Wasn't confusing Android with iOS.
And I apologize for being so n00bish, but how would I go about getting TWRP recovery? I do know how to flash the zip from there as I used Safestrap on my current device (but I already needed root access for it to work).
Click to expand...
Click to collapse
Depends on your device just tell me what it is and I can send you some info. Safestrap seems to be dead for at least a year thosent sound very safe lol.
Xmaster24 said:
Depends on your device just tell me what it is and I can send you some info. Safestrap seems to be dead for at least a year thosent sound very safe lol.
Click to expand...
Click to collapse
I'm getting the Samsung Galaxy S7 Edge. Considering it's not out in the US yet (I have it on preorder), I'm not sure if you'd be able to tell me anything at the moment.
Kodalades said:
I'm getting the Samsung Galaxy S7 Edge. Considering it's not out in the US yet (I have it on preorder), I'm not sure if you'd be able to tell me anything at the moment.
Click to expand...
Click to collapse
Oh dear yes it has just been released probably no rooting info available for quite some time considering samsungs stance on root and open software. Maybe check again in a few weeks or months
Xmaster24 said:
Oh dear yes it has just been released probably no rooting info available for quite some time considering samsungs stance on root and open software. Maybe check again in a few weeks or months
Click to expand...
Click to collapse
Bummer. Kinda expected something along those lines though so I'm not surprised.
Would getting TWRP or some other kind of recovery still be possible at the very least?
Kodalades said:
Bummer. Kinda expected something along those lines though so I'm not surprised.
Would getting TWRP or some other kind of recovery still be possible at the very least?
Click to expand...
Click to collapse
Flash fire could work but it requires root already. Doubt there are any easy exploits on a flagship just released phone
Xmaster24 said:
Flash fire could work but it requires root already. Doubt there are any easy exploits on a flagship just released phone
Click to expand...
Click to collapse
Makes sense. I really appreciate the help. If you happen to learn of anything more, please let me know.
Kodalades said:
Makes sense. I really appreciate the help. If you happen to learn of anything more, please let me know.
Click to expand...
Click to collapse
Guess not kingo root seems to be working :http://www.xda-developers.com/galaxy-s7-root/