[SOLVED] Softbricked, Rooted Bionic. - Motorola Droid Bionic

TL;DR: can someone direct me to a custom recovery image for droid bionic that lets me turn on developer mode USB from recovery mode? does CWM or TWRP do this?
Long version: i thought i could run a game that wasnt running well by installing the chainfire 3D mod. nope. it softbricked, and my developer usb mode was off at the time. now im stuck at a black screen after the M logo.
the device is rooted, running stock. (4.1.2). i plan on switching to a modded rom when i solve this and back my stuff up.
i can boot into fastboot, and the stock recovery mode. through recovery i can get an adb sideload mode to enable, and it does connect properly to PC, but normal ADB commands do not work. i also have options for bp modes and stuff when trying to boot to recovery, but most of those fail to start.
i know that if i can acesss normal ADB mode, fixing this is a couple simple commands away. there's an uninstall.sh file already there i just need to run.
fastboot and the sideload adb mode both function properly. my PC drivers seem to be in order for now.
if there's a file i can sideload or a command that works in adb sideload mode that will uninstall this driver, im all for it. ive already located the code used in the uninstaller:
Code:
#!/system/bin/sh
mount -o rw -o remount /dev/block/mmcblk0p25 /system
stop
cat /system/lib/libGLESv1_CM_ORG_CF3D.so > /system/lib/libGLESv1_CM.so
chown 1000.1000 /system/lib/libGLESv1_CM.so
chown 1000:1000 /system/lib/libGLESv1_CM.so
chown system.system /system/lib/libGLESv1_CM.so
chown system:system /system/lib/libGLESv1_CM.so
chmod 644 /system/lib/libGLESv1_CM.so
cat /system/lib/libGLESv2_ORG_CF3D.so > /system/lib/libGLESv2.so
chown 1000.1000 /system/lib/libGLESv2.so
chown 1000:1000 /system/lib/libGLESv2.so
chown system.system /system/lib/libGLESv2.so
chown system:system /system/lib/libGLESv2.so
chmod 644 /system/lib/libGLESv2.so
#rm /system/lib/libGLESv1_CM_ORG_CF3D.so
#rm /system/lib/libGLESv2_ORG_CF3D.so
rm /system/lib/cf3d_uninstall.sh
rm /system/lib/cf3d_sh
reboot -f
reboot
reboot normal
toolbox reboot
busybox reboot -f
busybox reboot
busybox reboot normal
sadly, i know very little about android and not much about linux. kind of picking this up as i go. im not even sure how to turn that code into an uninstaller file, though im guessing its as easy as a text file with the correct filename extension. i feel like i'm missing something sort of simple that someone more linux/android knowledgeable would be able to share.
can someone suggest, if one exists, an alternate recovery image i could install that would let me browse and edit files on the system partition, or enable full adb mode?
edit: i've tricked the device into charging, so the 'low battery' issue so many bionic softbrickers end up with has been avoided. phew.
edit 2: i used fastboot to reflash only system.img (i knew thats where the bad file was,) from cdma_targa_9.8.2O-72_VZW-22_cfc.xml.zip. the result was what appears to be a proper fix. i just lost a few tweaks (like deleting that godawful startup sound), and root. but i've rooted it before. shouldnt be a problem. next will be a full backup, and adb install of better recovery tools.
marking as solved.

Related

[Q] Qemu local.prop root method bricked my KFHD

I used Qemu local.prop method to set /system/fonts folder as 766 and bricked my KFHD with the following steps:
adb shell
rm -r /data/local/tmp
ln -s /data/ /data/local/tmp
exit
adb reboot
adb shell
echo ‘ro.kernel.qemu=1′ > /data/local.prop
exit
adb reboot
adb shell mount -o remount,rw /system
adb push myfont.ttf /system/fonts
adb shell
cd /system/fonts
mv DroidSans.ttf DroidSans.ttf.bak
ln -s myfont.ttf DroidSans.ttf
chmod -R 06766 /system/fonts
rm /data/local.prop
exit
adb reboot
Click to expand...
Click to collapse
Now my KFHD does gets stucked in
"Your Kindle doesn't seem to be able to boot"
Is that because I changed the permission? Or is it because I did not reboot first after changing permission, and than delete local.prop? Which step was wrong? I am worried that doing that again would cause the same problem. I assume that the only way to recover from this would be to get into fastboot mode with factory cable. But I still want to keep fonts folder as writable.
When you edit files like this, with a device like a KFHD, odds are they deal with the framework-res.apk And if you mess with files that deal with framework-res.apk, your bound to get boot loop. But anyways, can you get adb? If not, fast boot might be your best friend. Cables are available that can boot to it, and if you see the system img. Files in the android development section, you can use fasboot to flash those. It's not the easiest solution, but it is something.
Sent from my Fire HD with root!

[tutorial]Root any latest firmware with ease

Firstly what i would like to say is this is not a one click root like update.zip or superoneclick you will need to have some basic knowledge of adb and ubuntu and a little bit working mind which can follow the provided steps.
Requirements:-
*cwm recovery already flashed (if not refer here)
* Working linux distro (ubuntu, mint, kubuntu etc.) with atleast sudo rights
* adb setted-up (if not refer here, may not need to follow the usb drivers steps)
* must know how to use adb
* superuser package from here
Click to expand...
Click to collapse
So we are now ready to start
STEPS:-
1. Extract all file (su, busybox) from the downloaded package to the folder where you have adb setted-up
2. open a terminal
3. cd to the directory where you have placed adb and files
4. boot your phone into cwm recovery mode (home power) connect through usb
5. type "sudo chown root:shell /path to su"
6. type "sudo chmod 06755 /path to su"
7. type " sudo chmod 04755 /path to busybox"
8. type " adb devices" if you will see anything attached you are good to go
9. type " adb remount" if you get remount succedd then you can do below steps if not you are doing something wrong do again
10. type "adb push su /system/xbin"
11. type "adb push busybox /system/xbin
12. type adb push supersu.apk ( or what it is called) /system/app
13. now type "adb shell"
14. type su if accepted then you are rooted
15. now type "reboot"
Click to expand...
Click to collapse
you are successfully rooted
enjoy your phone
awesome guide buddy very useful for n0obs
First of all great guide! But please correct these:
You have to mount the system partition manually. Adb remount won't do it!
adb shell
# mount -rw -t rfs /dev/block/stl12 /system
Do chmod/chown in adb. It isn't enough to set it before copying.
# chown root:shell /system/xbin/*
# chmod 06755 /system/xbin/su
# chmod 04755 /system/xbin/busybox
# chmod 04755 /system/xbin/sqlite3
# chmod 04755 /system/xbin/ssh
if we were able to chmod with adb there was no need to use ubuntu
we cannot chmod it shows operation not permitted as as we yet dont have root
have you tried to do adb remount or just saying that i will not do the work
and thanks for chown part
dheeraj (dhlalit11) said:
if we were able to chmod with adb there was no need to use ubuntu
we cannot chmod it shows operation not permitted as as we yet dont have root
have you tried to do adb remount or just saying that i will not do the work
Click to expand...
Click to collapse
Hi!
For me, adb remount didn't work. It exited with an error code. I don't remember the exact error code... (cwm couldn't mount too)
When I experienced "operation not permitted" while chmoding, the partition was mounted as vfat! Because if you do "mount /dev/... /system" without switches, it automatically mounts it as vfat. In vfat you can't set setuid, setgid permissions.
I think it was just a coincidence that i could rooted with ubuntu. But it worked, so better to use linux (better adb perhaps?).
Rooting is a bit strange in this new firmware. For example when you do "adb shell" while the phone is in cwm, you have root access. So you have to do those things manually while you have temporary root access.
how can you mount rfs file system as vfat i dont think it can be done
dheeraj (dhlalit11) said:
how can you mount rfs file system as vfat i dont think it can be done
Click to expand...
Click to collapse
Yes it's really strange. I don't know how this thing possible too...
But I checked multiple times with "cat /proc/mounts" , and mounting without "-t rfs" it was mounted as vfat.
a bit of googling:
"You can mount as rfs as Fat in ubuntu and read/copy the files
editing them wont work at all ."
So maybe it is possible.

unroot/stock under linux?

So, I went to fastboot and flashed my stock system image, recovery, boot....
booted up and it works fine.
But, I'm still rooted, even though the backup wasn't. wat.
so, now I'm on a fully stock system with root, and need to unroot. how do I?
In order to create an image of your system partition, your device needs to be rooted. Since 'root' is on the system partition, it will be rooted when you restore it again.
Open Android Terminal Emulator or adb shell and enter the following:
Code:
su
mount -o remount,rw system
rm /system/app/Superuser.apk
rm /system/xbin/su
Voila, root gone!
soupmagnet said:
In order to create an image of your system partition, your device needs to be rooted. Since 'root' is on the system partition, it will be rooted when you restore it again.
Open Android Terminal Emulator or adb shell and enter the following:
Code:
su
rm /system/app/Superuser.apk
rm /system/xbin/su
Voila, root gone!
Click to expand...
Click to collapse
It seems like today isn't my day.
Code:
[email protected]:/ # rm /system/app/Superuser.apk
rm failed for /system/app/Superuser.apk, Read-only file system
255|[email protected]:/ # rm /system/xbin/su
rm failed for /system/xbin/su, Read-only file system
255|[email protected]:/ #
System is read only right now, and I'm not familiar wnough with adb shell to flip it to rw...
edit: luckly, I know my way both around Google, and around the linux terminal.
mounted as RW, removed, rebooting the tablet now. if it takes I"ll restore it and see if it sticks there too. thank you!
Oh yeah, you might want to remount the system partition first
I'll edit my response accordingly.

[Q] How to bypass ADB block (or how to reinstall ADB) on Android system?

I have a 65 inch XiaomiTV 3 (note, this is a different flavor of OS from MiBox), it works great until Xiaomi starts to push video ads everytime I turn on the TV. Xiaomi has disabled (likely completely removed ADB) from their system (mine is 1.12.10, any newer version would not be allow u to gain root access in anyway, unless you prove me wrong). Since there is no way to install a new recovery on XiaomiTV 3 (not that I know of, I should add), I tried the only tool that can root this system with an exploit, the 360 Root (http://root.360.cn/). Now this tool itself has some ads, so I will need to remove it later. But at least it allows me to use `su` in a terminal emulator.
Once I gain the root access on my device, I first tried to use ADB by running (and I need to add, XiaomiTV 3 does not have USB debugging port) a terminal emulator (I use Android Terminal Emulator):
Code:
su
stop adbd
setprop service.adb.tcp.port 5555
start adbd
Then I try to connect to my XiaomiTV 3 (its ip is 192.168.123.123) by:
Code:
adb connect 192.168.123.123
It connects, meaning ADB is not removed completely. However if I type `adb devices` it shows 192.168.123.123 is offline.
I then upgraded my Android platform tools and adb by:
Code:
android update sdk no-ui
android update adb
Restart the adb server:
Code:
adb kill-server
adb connect 192.168.123.123
Here it still shows offline, so I restarted both the XiaomiTV 3 and my laptop, and regain root (I will lose root everytime I reboot XiaomiTV 3), did the above all over again. No luck. Then I thought to copy my `~/.android/adbkey.pub` to a usb drive, and then plug it in to XiaomiTV 3, then use a terminal emulator to:
Code:
su
mv /mnt/usb/sdcard/adbkey.pub /data/misc/adb/adb_keys
Then
Code:
stop adbd
setprop service.adb.tcp.port 5555
start adbd
Still, after I
Code:
adb kill-server
adb connect 192.168.123.123
the device is still offline.
Then I tried another approach to get get SuperSU to the system by first copying supersu to a USB drive and then copy it to `/data/superuser` in XiaomiTV 3.
Then I did:
Code:
su
mount -o rw,remount /system
mkdir /system/bin/.ext
chmod 777 /system/bin/.ext
chown root /system/bin/.ext
cp /data/superuser/su /system/bin/.ext/.su
chmod 6755 /system/bin/.ext/.su
chown root /system/bin/.ext/.su
cp /data/superuser/su /system/xbin/su
chmod 755 /system/xbin/su
chown root /system/xbin/su
cp /data/superuser/su /system/xbin/daemonsu
chmod 755 /system/xbin/daemonsu
chown root /system/xbin/daemonsu
cp /data/superuser/supolicy /system/xbin/supolicy
chmod 755 /system/xbin/supolicy
cp /data/superuser/libsupol.so /system/lib/libsupol.so
chmod 644 /system/lib/libsupol.so
mkdir /system/etc/init.d
chmod 644 /system/etc/init.d
cp /data/superuser/99SuperSUDaemon /system/etc/init.d/99SuperSUDaemon
chmod 744 /system/etc/init.d/99SuperSUDaemon
busybox_xm touch /system/etc/.installed_su_daemon
echo 1 >> /system/etc/.installed_su_daemon
chmod 644 /system/etc/.installed_su_daemon
mkdir /system/app/SuperSU
chmod 755 /system/app/SuperSU
cp /data/superuser/SuperSU.apk /system/app/SuperSU/SuperSU.apk
chmod 644 /system/app/SuperSU/SuperSU.apk
cp /data/superuser/install-recovery.sh /system/etc/install-recovery.sh
chmod 755 /system/etc/install-recovery.sh
ln -s /system/etc/install-recovery.sh /system/bin/install-recovery.sh
Then I reboot, apparently, the system overwrites the `/system/xbin/su` (either by 360 root or Xiaomi's OS). So I redid everything above, without reboot. Sadly, SuperSU still asks me to upgrade/update my binary file.
So this is when I stopped knowing what to do next. Any ideas?

Bypass prenormal state method.

Hi. First sorry for my English.
I can erase they prenormal state without wait the 7 days I a A+2019 (A605GN) with binary 3 in Oreo
Need tools: ADB driver's, combination fw for ur model, stock fw, Mixplorer (or an other root file explorer), SuperSu zip, RMM bypass zip, forced encryption disabled zip and Odin 3.13.
Optional TWRP image zip, magisk zip.
First go to download mode and flash the combination fw.
Reboot ur phone when startup go to settings, enable usb debugging.
Unzip the SuperSu zip and make a bat (in Windows) or sh (in Linux) with the following code in the root of SuperSu folder

Code:
adb root
adb remount
adb push common/Superuser.apk /system/app/SuperSU/SuperSU.apk
adb shell chmod 0644 /system/app/SuperSU/SuperSU.apk
adb shell chcon u:object_r:system_file:s0 /system/app/SuperSU/SuperSU.apk
adb push common/install-recovery.sh /system/etc/install-recovery.sh
adb shell chmod 0755 /system/etc/install-recovery.sh
adb shell chcon u:object_r:toolbox_exec:s0 /system/etc/install-recovery.sh
adb shell ln -s /system/etc/install-recovery.sh /system/bin/install-recovery.sh
adb push armv7/su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell chcon u:object_r:system_file:s0 /system/xbin/su
adb push armv7/su /system/bin/.ext/.su
adb shell chmod 0755 /system/bin/.ext/.su
adb shell chcon u:object_r:system_file:s0 /system/bin/.ext/.su
adb push armv7/su /system/xbin/daemonsu
adb shell chmod 0755 /system/xbin/daemonsu
adb shell chcon u:object_r:system_file:s0 /system/xbin/daemonsu
adb push armv7/supolicy /system/xbin/supolicy
adb shell chmod 0755 /system/xbin/supolicy
adb shell chcon u:object_r:system_file:s0 /system/xbin/supolicy
adb push armv7/libsupol.so /system/lib/libsupol.so
adb shell chmod 0644 /system/lib/libsupol.so
adb shell chcon u:object_r:system_file:s0 /system/lib/libsupol.so
adb shell cp /system/bin/app_process /system/bin/app_process_original
adb shell chmod 0755 /system/bin/app_process_original
adb shell chcon u:object_r:zygote_exec:s0 /system/bin/app_process_original
adb shell cp /system/bin/app_process32 /system/bin/app_process32_original
adb shell chmod 0755 /system/bin/app_process32
adb shell chcon u:object_r:zygote_exec:s0 /system/bin/app_process32_original
adb shell rm -rf /system/bin/app_process32
adb shell rm -rf /system/bin/app_process
adb shell ln -s /system/xbin/daemonsu /system/bin/app_process32
adb shell ln -s /system/xbin/daemonsu /system/bin/app_process
adb shell "echo 1 > /system/etc/.installed_su_daemon"
adb shell /system/xbin/su --install
Open a terminal with ur phone connected and run
Adb root
Adb remount
Then run ur bat or sh file in the terminal if u don't underestandme search how to install SuperSu with ADB.
Reboot the phone.
Open SuperSu and install the binaries normally.
Open Mixplorer and go to root.
Then go to dev\block and open steady with de code Editor of Mixplorer.
The file only show symbols. In the star search prenormal and change to Normal. Search an other prenormal word and change to Normal. Save the file.
Reboot ur phone in recovery mode and then to bootloader.
And the prenormal state are gonne.
Open Odin and DISABLE AUTOREBOOT AND F. LOCK.
Flash the stock FW (all AP BL CSC CL)
When finish no reboot yet. In plug and plug the phone.
Flash TWRP.
Reboot ur phone in recovery mode and TWRP should open.
Then flash the encryption forced disabled. And Format data. (DONT WIPE, USE FORMAT DATA).
Reboot again in recovery mode.
Flash de rmm bypass zip.
Install magisk zip.
Reboot in system.
READY!!!!
U have a Normal State. TWRP and rooted phone. Enjoy.
Su4ck said:
Hi. First sorry for my English.
I can erase they prenormal state without wait the 7 days I a A+2019 (A605GN) with binary 3 in Oreo
Need tools: ADB driver's, combination fw for ur model, stock fw, Mixplorer (or an other root file explorer), SuperSu zip, RMM bypass zip, forced encryption disabled zip and Odin 3.13.
Optional TWRP image zip, magisk zip.
First go to download mode and flash the combination fw.
Reboot ur phone when startup go to settings, enable usb debugging.
Unzip the SuperSu zip and make a bat (in Windows) or sh (in Linux) with the following code in the root of SuperSu folder

Open a terminal with ur phone connected and run
Adb root
Adb remount
Then run ur bat or sh file in the terminal if u don't underestandme search how to install SuperSu with ADB.
Reboot the phone.
Open SuperSu and install the binaries normally.
Open Mixplorer and go to root.
Then go to dev\block and open steady with de code Editor of Mixplorer.
The file only show symbols. In the star search prenormal and change to Normal. Search an other prenormal word and change to Normal. Save the file.
Reboot ur phone in recovery mode and then to bootloader.
And the prenormal state are gonne.
Open Odin and DISABLE AUTOREBOOT AND F. LOCK.
Flash the stock FW (all AP BL CSC CL)
When finish no reboot yet. In plug and plug the phone.
Flash TWRP.
Reboot ur phone in recovery mode and TWRP should open.
Then flash the encryption forced disabled. And Format data. (DONT WIPE, USE FORMAT DATA).
Reboot again in recovery mode.
Flash de rmm bypass zip.
Install magisk zip.
Reboot in system.
READY!!!!
U have a Normal State. TWRP and rooted phone. Enjoy.
Click to expand...
Click to collapse
Have you actually tried this for sure?
I'm a little skeptical as combo firmware no longer gives Eng-root, so not possible to push anything to system.
Not only that, System SuperSU doesn't work on Oreo at all as far as I'm aware.
Su4ck said:
Hi. First sorry for my English.
I can erase they prenormal state without wait the 7 days I a A+2019 (A605GN) with binary 3 in Oreo
Need tools: ADB driver's, combination fw for ur model, stock fw, Mixplorer (or an other root file explorer), SuperSu zip, RMM bypass zip, forced encryption disabled zip and Odin 3.13.
Optional TWRP image zip, magisk zip.
First go to download mode and flash the combination fw.
Reboot ur phone when startup go to settings, enable usb debugging.
Unzip the SuperSu zip and make a bat (in Windows) or sh (in Linux) with the following code in the root of SuperSu folder

Code:
adb root
adb remount
adb push common/Superuser.apk /system/app/SuperSU/SuperSU.apk
adb shell chmod 0644 /system/app/SuperSU/SuperSU.apk
adb shell chcon u:object_r:system_file:s0 /system/app/SuperSU/SuperSU.apk
adb push common/install-recovery.sh /system/etc/install-recovery.sh
adb shell chmod 0755 /system/etc/install-recovery.sh
adb shell chcon u:object_r:toolbox_exec:s0 /system/etc/install-recovery.sh
adb shell ln -s /system/etc/install-recovery.sh /system/bin/install-recovery.sh
adb push armv7/su /system/xbin/su
adb shell chmod 0755 /system/xbin/su
adb shell chcon u:object_r:system_file:s0 /system/xbin/su
adb push armv7/su /system/bin/.ext/.su
adb shell chmod 0755 /system/bin/.ext/.su
adb shell chcon u:object_r:system_file:s0 /system/bin/.ext/.su
adb push armv7/su /system/xbin/daemonsu
adb shell chmod 0755 /system/xbin/daemonsu
adb shell chcon u:object_r:system_file:s0 /system/xbin/daemonsu
adb push armv7/supolicy /system/xbin/supolicy
adb shell chmod 0755 /system/xbin/supolicy
adb shell chcon u:object_r:system_file:s0 /system/xbin/supolicy
adb push armv7/libsupol.so /system/lib/libsupol.so
adb shell chmod 0644 /system/lib/libsupol.so
adb shell chcon u:object_r:system_file:s0 /system/lib/libsupol.so
adb shell cp /system/bin/app_process /system/bin/app_process_original
adb shell chmod 0755 /system/bin/app_process_original
adb shell chcon u:object_r:zygote_exec:s0 /system/bin/app_process_original
adb shell cp /system/bin/app_process32 /system/bin/app_process32_original
adb shell chmod 0755 /system/bin/app_process32
adb shell chcon u:object_r:zygote_exec:s0 /system/bin/app_process32_original
adb shell rm -rf /system/bin/app_process32
adb shell rm -rf /system/bin/app_process
adb shell ln -s /system/xbin/daemonsu /system/bin/app_process32
adb shell ln -s /system/xbin/daemonsu /system/bin/app_process
adb shell "echo 1 > /system/etc/.installed_su_daemon"
adb shell /system/xbin/su --install
Open a terminal with ur phone connected and run
Adb root
Adb remount
Then run ur bat or sh file in the terminal if u don't underestandme search how to install SuperSu with ADB.
Reboot the phone.
Open SuperSu and install the binaries normally.
Open Mixplorer and go to root.
Then go to dev\block and open steady with de code Editor of Mixplorer.
The file only show symbols. In the star search prenormal and change to Normal. Search an other prenormal word and change to Normal. Save the file.
Reboot ur phone in recovery mode and then to bootloader.
And the prenormal state are gonne.
Open Odin and DISABLE AUTOREBOOT AND F. LOCK.
Flash the stock FW (all AP BL CSC CL)
When finish no reboot yet. In plug and plug the phone.
Flash TWRP.
Reboot ur phone in recovery mode and TWRP should open.
Then flash the encryption forced disabled. And Format data. (DONT WIPE, USE FORMAT DATA).
Reboot again in recovery mode.
Flash de rmm bypass zip.
Install magisk zip.
Reboot in system.
READY!!!!
U have a Normal State. TWRP and rooted phone. Enjoy.
Click to expand...
Click to collapse
Thanksssss a Lot........... U'r my savior :laugh:
Confirm it's working
I really didn't expect that this could ever work.
First Problem was to find the Combination FW, after some time searching through google, i finally found a U3 Combination FW.
Flashed it, had a laugh at that boot screen, replugged my micro usb cable, did run the new .bat (looks like USB-Debugging is already on), rebooted, replugged my micro usb cable, opend cmd, executed "adb root" and "adb install mixplorer.apk", opend the steady file with the code editor, replaced Prenormal with Normal, saved the file, rebooted to download mode, flashed my wanted fw (CSC, dont know if HOME_CSC works) (turned auto reboot and flash lock off, i did leave f. reset time on), repluged my micro usb cable, flashed twrp (warning, auto reboot gets reenabled when you reset the odin settings, be careful), unplugged my micro usb cable, tried to reboot the phone, got into upload mode, got out of upload mode and finally in twrp (i did do this whole stuff 3 times now i dont know what i did wrong), installed the a605_oreo_forced_encryption_disabler, formated data, installed the RMM Bypass (Mesa_v2), and rebooted the phone and got in to a boot loop lol. Installed a patched boot.img with magisk and then it worked.
I learned so much new stuff trough this like what the U Version is and what the first number on the Samsung FW meant, so im not even mad that i spend so much time fixing this.
This hobby is so tedious but i also love it so much.
And ashyx, that SuperSU part really worked. Maybe it works because of the Combination FW, who knows.
Used a A605FN with Odin 3.13.1 3B "PatcheD"

Categories

Resources