CONFIRMED
I've looked a bit arround how we could achieve root on the fire without TWRP.
I don't have 5.1.1 installed, but I'm hoping the following is still possible.
(I tested it on a brand-new fire, that never came in touch with TWRP or a custom rom)
If someone could test this please:
Confirmed, working:
- Enable ADB-Debugging in Developer Settings, then:
Code:
adb reboot-bootloader
fastboot oem append-cmdline "androidboot.unlocked_kernel=true"
fastboot continue
adb wait-for-device && adb shell
You should now hopefully have a shell with root-priviledges:
Code:
[email protected]:/ #
Please test and report back.
To Flash SuperSU and make root persistent (thx @pappasmurfsharem):
https://www.androidfilehost.com/?w=files&flid=42700
If you are still inside "adb shell" from the last command above type "exit" first.
Or just skip the "adb shell" command above.
Code:
adb remount
adb push files\libsupol.so /data/local/tmp/
adb push files\root_fire.sh /data/local/tmp/
adb push files\su /data/local/tmp/
adb push files\Superuser.apk /data/local/tmp/
adb push files\supolicy /data/local/tmp/
adb shell chmod 777 /data/local/tmp/root_fire.sh
adb shell /data/local/tmp/root_fire.sh
# This Part reopened fastboot and I just re-ran the cmds from the first post in this thread #
fastboot oem append-cmdline "androidboot.unlocked_kernel=true"
fastboot continue
adb wait-for-device && adb remount
adb shell /system/xbin/su --install
adb reboot
It works, in fact I've used it to remove a couple of apks from Amazon on 5.1.1 but... I can't see firelauncher, for example.
Huge thanks k4y0z!
I have another Fire due to arrive tomorrow, will definitely try it if I get 5.1.1.
Could you give the commands for restoring the old bootloader? Or would we use FlashFire? I presume there is a risk of hard brick. Flashing the bootloader would include the preloader & amazon recovery? I see there is a Boot & a Recovery partition.
Confirmed. This works on 5.1.1
Thanks, it is working on my fire 5.1.1.
now just need to figure out how load TWRP on here
I'll do it... I only have one, but I bought it for $30, so I don't mind helping here!
cococo42 said:
It works, in fact I've used it to remove a couple of apks from Amazon on 5.1.1 but... I can't see firelauncher, for example.
Click to expand...
Click to collapse
Thanks for the feedback
blueberry.sky said:
Huge thanks k4y0z!
I have another Fire due to arrive tomorrow, will definitely try it if I get 5.1.1.
Could you give the commands for restoring the old bootloader? Or would we use FlashFire? I presume there is a risk of hard brick. Flashing the bootloader would include the preloader & amazon recovery? I see there is a Boot & a Recovery partition.
Click to expand...
Click to collapse
I have never used FlashFire.
I believe it should be enough to flash the old fastboot, though I'm unsure about the preloader.
You are correct, the following could potentially WILL brick your Fire, do at your own risk!
Code:
adb push lk.bin /data/local/tmp/
adb push preloader_prod.img /data/local/tmp/
adb shell "dd if=/data/local/tmp/lk.bin of=/dev/block/platform/mtk-msdc.0/by-name/UBOOT"
adb shell "dd if=/data/local/tmp/preloader_prod.img of=/dev/block/platform/mtk-msdc.0/mmcblk0boot0"
adb reboot-bootloader
Now fastboot boot should hopefully work again.
Please test and report back!
Total noob question, I know... I haven't used Android Studio before, but am definitely a computer guy... Very simply, can you show me how to just run a straight up terminal to type these commands without creating a new "app"...
I just have a lack of android coding experience, but if you tell me, I'll understand very quickly...
jbraney said:
Total noob question, I know... I haven't used Android Studio before, but am definitely a computer guy... Very simply, can you show me how to just run a straight up terminal to type these commands without creating a new "app"...
I just have a lack of android coding experience, but if you tell me, I'll understand very quickly...
Click to expand...
Click to collapse
You don't need android studio to do any of this. Do you have ADB and fastboot installed? If you need help PM me.
jbraney said:
Total noob question, I know... I haven't used Android Studio before, but am definitely a computer guy... Very simply, can you show me how to just run a straight up terminal to type these commands without creating a new "app"...
I just have a lack of android coding experience, but if you tell me, I'll understand very quickly...
Click to expand...
Click to collapse
You don't need Android Studio, you just need adb and fastboot, your best bet is to search this forum for these two.
Well this is exciting!
Alright guys... this looks promising!
I'll go ahead and try the bootloader downgrade trick in a few hours, assuming nobody else has done it by that time .
Installed supersu on 5.1.1 ... works perfect ! THX VERY MUCH!!
lordpit said:
Installed supersu on 5.1.1 ... works perfect ! THX VERY MUCH!!
Click to expand...
Click to collapse
Does this mean that the bootloader is unlocked? With root we can now flash CM12.1 and GAPPS?
jbraney said:
Does this mean that the bootloader is unlocked? With root we can now flash CM12.1 and GAPPS?
Click to expand...
Click to collapse
The 5.1.1 bootloader still prevents TWRP recovery/others from being installed. According to post #7, we might be able to downgrade bootloaders.
k4y0z said:
Thanks for the feedback
I have never used FlashFire.
I believe it should be enough to flash the old fastboot, though I'm unsure about the preloader.
You are correct, the following could potentially brick your Fire, do at your own risk!
I have the old fastboot attatched to this post to flash it:
Code:
adb push lk.bin /data/local/tmp/
adb shell "dd if=/data/local/tmp/lk.bin of=/dev/block/platform/mtk-msdc.0/by-name/UBOOT"
adb reboot-bootloader
Now fastboot boot should hopefully work again.
Please test and report back!
Click to expand...
Click to collapse
This bricked my fire on 5.1.1 ... do not do this! Here is what I did to brick it:
Code:
adb reboot-bootloader
fastboot oem append-cmdline "androidboot.unlocked_kernel=true"
fastboot continue
adb push lk.bin /data/local/tmp/
adb shell "dd if=/data/local/tmp/lk.bin of=/dev/block/platform/mtk-msdc.0/by-name/UBOOT"
adb reboot-bootloader
maratd said:
This bricked my fire on 5.1.1 ... do not do this! Here is what I did to brick it:
Code:
adb reboot-bootloader
fastboot oem append-cmdline "androidboot.unlocked_kernel=true"
fastboot continue
adb push lk.bin /data/local/tmp/
adb shell "dd if=/data/local/tmp/lk.bin of=/dev/block/platform/mtk-msdc.0/by-name/UBOOT"
adb reboot-bootloader
Click to expand...
Click to collapse
Damn can you still get into fastboot with VOL-DOWN + Power?
Maybe we also have to flash the older preloader
jbraney said:
Does this mean that the bootloader is unlocked? With root we can now flash CM12.1 and GAPPS?
Click to expand...
Click to collapse
Bootloader is still locked. But if we can downgrade to the 5.0.1 fastboot bootloader then we can return to flashing CM12.1, SlimLP, gapps as we did before (temporarily loading twrp into memory then flashing rom).
k4y0z said:
CONFIRMED
I've looked a bit arround how we could achieve root on the fire without TWRP.
I don't have 5.1.1 installed, but I'm hoping the following is still possible.
(I tested it on a brand-new fire, that never came in touch with TWRP or a custom rom)
If someone could test this please:
- Enable ADB-Debugging in Developer Settings, then:
Code:
adb reboot-bootloader
fastboot oem append-cmdline "androidboot.unlocked_kernel=true"
fastboot continue
adb wait-for-device && adb shell
You should now hopefully have a shell with root-priviledges:
Code:
[email protected]:/ #
Please test and report back.
If it works we can probably restore the old bootloader with "fastboot boot" support.
Click to expand...
Click to collapse
Is this all I habe to do, getting into the root shell or are there any more things to do for a root in my 5.1.1?
Thanks
Related
1) I just got Ubuntu on my computer. How do I use adb on it? I have already put the file in that udev folder and debugging is on already. What files do I need and what do I run in terminal?
2) Adb&fastboot do not work for me anymore. It always says "waiting for device" but nothing happens
3) Are there any alternates to applying your nandroid backups other than fastboot?
4) I just got LucidREM's new JFv1.51 but whenever I receive a call my phone vibrates then just loses all connection and has me input my 4 digit sim card key to unlock it. Anyone else get this problem?
5) What is the latest system recovery utility build? Mine is JFv1.42
First, make sure you have set up the adb compatibility for your distribution:
http://telyas.com/wordpress2/2009/04/29/ubuntu-jaunty-and-android-adb/
Note this is for jaunty.
do you have the android SDK? you need to download it, then run adb from the tools folder, or add it to your .bashrc profile so that you can type "adb" from anywhere.
http://developer.android.com/sdk/download.html?v=android-sdk-linux_x86-1.5_r2.zip
http://developer.android.com/sdk/1.5_r2/installing.html
There are no "image all" alternates to fastboot. If you need a compiled for linux fastboot (32 bit), here:
http://yochai.dyndns.org:8888/android/fastboot
I can't help you with the last one.
yochaigal said:
First, make sure you have set up the adb compatibility for your distribution:
http://telyas.com/wordpress2/2009/04/29/ubuntu-jaunty-and-android-adb/
Note this is for jaunty.
do you have the android SDK? you need to download it, then run adb from the tools folder, or add it to your .bashrc profile so that you can type "adb" from anywhere.
http://developer.android.com/sdk/download.html?v=android-sdk-linux_x86-1.5_r2.zip
http://developer.android.com/sdk/1.5_r2/installing.html
There are no "image all" alternates to fastboot. If you need a compiled for linux fastboot (32 bit), here:
http://yochai.dyndns.org:8888/android/fastboot
I can't help you with the last one.
Click to expand...
Click to collapse
So I installed the adb. It is in /android/tools/
How do I get to it
either use
Code:
cd /android/tools
./adb devices
or
Code:
sudo cp /android/tools/adb /usr/bin/adb
adb devices
either one will work. if you use the second one you can use adb from any directory. Also the latest recovery image for the G1 is 1.43 but i still use 1.42 since i don't think there is a differnce
tubaking182 said:
either use
Code:
cd /android/tools
./adb devices
or
Code:
sudo cp /android/tools/adb /usr/bin/adb
adb devices
either one will work. if you use the second one you can use adb from any directory. Also the latest recovery image for the G1 is 1.43 but i still use 1.42 since i don't think there is a differnce
Click to expand...
Click to collapse
Thanks ill try that out later.
Also, how can I restore my boot.img, system.img, data.img without fastboot?
Abolfazl said:
Thanks ill try that out later.
Also, how can I restore my boot.img, system.img, data.img without fastboot?
Click to expand...
Click to collapse
you can't
tubaking182 said:
you can't
Click to expand...
Click to collapse
Ok I have fastboot and I put it in /android/tools
I did sudo cp /android/tools/fastboot /usr/bin/fastboot
But when I run "fastboot" I get "bash: /usr/bin/fastboot: Permission denied"
Any help?
Abolfazl said:
Ok I have fastboot and I put it in /android/tools
I did sudo cp /android/tools/fastboot /usr/bin/fastboot
But when I run "fastboot" I get "bash: /usr/bin/fastboot: Permission denied"
Any help?
Click to expand...
Click to collapse
use: sudo fastboot
korndub said:
use: sudo fastboot
Click to expand...
Click to collapse
sudo: fastboot: command not found
Fastboot is in /usr/bin :\
use the path
either try specifying the full path to fastboot in your sudo command, or ensure that sudo is installed, which should obtain, since Ubuntu installs it by default
arqueware said:
either try specifying the full path to fastboot in your sudo command, or ensure that sudo is installed, which should obtain, since Ubuntu installs it by default
Click to expand...
Click to collapse
Alright I got fastboot working.
Now my only problem is that whenever I use fastboot to restore the 3 .img's my phone just goes to the android image and it keeps on cycling the boot
I got the tool "galaxys2_kernel_repack" to modified the zImage which got from the official release and changed the default.prop "ro.secure=0".
Use the kTool.apk write the image to phone. after reboot, the default.prop value has changed. but the adb shell is still in normal mode, not root mode.
Is there any way to require adb shell root?
Thanks for you help.
My devices software version is N7000ZSLPM_TGY
hello,
have you tried this :
ningoune said:
hello,
have you tried this :
Click to expand...
Click to collapse
Thanks for your answer.
I used the stock ICS release by SAMSUNG, not CM release.
As your answer, there is still the normal mode, but can require root shell type the command "su".
I have resolved the problem by flash the speedmod kernel which provide adb shell root. With adb shell root you can use PC Client command like "adb root", "adb remount", "adb push to /system directly"
I have been trying to do this at work and cannot figure it out at all. I have unlocked my bootloader and it is rooted and installed custom Twerp recovery. I have downloaded firewater but then am stuck. I have opened up CMD and typed in adp reboot but nothing happens. in the instructions it says I need to do this:
Push, Prepare, and Execute firewater:
adb reboot <–important!!!!
adb wait-for-device push firewater /data/local/tmp
adb shell
su
chmod 755 /data/local/tmp/firewater
/data/local/tmp/firewater
Question is how do I push, Prepare etc? Sorry I have read so many posts this afternoon I am starting to go stir crazy. I have moded loads of samsung phones but this really is starting to go over my head. Any help would be wonderfull
Spendy said:
I have been trying to do this at work and cannot figure it out at all. I have unlocked my bootloader and it is rooted and installed custom Twerp recovery. I have downloaded firewater but then am stuck. I have opened up CMD and typed in adp reboot but nothing happens. in the instructions it says I need to do this:
Push, Prepare, and Execute firewater:
adb reboot <–important!!!!
adb wait-for-device push firewater /data/local/tmp
adb shell
su
chmod 755 /data/local/tmp/firewater
/data/local/tmp/firewater
Question is how do I push, Prepare etc? Sorry I have read so many posts this afternoon I am starting to go stir crazy. I have moded loads of samsung phones but this really is starting to go over my head. Any help would be wonderfull
Click to expand...
Click to collapse
do you have adb and fastboot installed on your computer?
if yes have you opened your cmd prompt from adb/fastboot folder?
is you rphone drivers correctly installed on the computer?
alray said:
do you have adb and fastboot installed on your computer?
if yes have you opened your cmd prompt from adb/fastboot folder?
is you rphone drivers correctly installed on the computer?
Click to expand...
Click to collapse
[*]do you have adb and fastboot installed on your computer? Yes
[*]if yes have you opened your cmd prompt from adb/fastboot folder? Yes
[*]is you rphone drivers correctly installed on the computer? Yes
Error says adb is not recognised as an internal or external command, operable program or batch file
Will try and watch a youtube video tonight. Spent way to much time on this today
Spendy said:
Error says adb is not recognised as an internal or external command, operable program or batch file
Click to expand...
Click to collapse
That mean your cmd prompt doesn't find ADB.exe either because you don't have it or because you did not started the command prompt from adb.exe folder.
Hi guys, I would really appreciate some help. I am able to root my gear and transfer the TWRP via odin. But when I reboot into recovery it just goes back to the stock launcher. I read this in the developer thread:
IF YOU FIND THE RECOVERY IS NOT STICKING & YOUR GEAR WIPES WHEN ATTEMPTING TO ACCESS RECOVERY AFTER FLASHING.
YOU MUST ROOT YOUR GEAR PRIOR TO INSTALLING TWRP AGIAN & RUN THE FOLLOWING COMMANDS IN ADB.
*NOTE* YOU WILL HAVE TO ACCEPT A SUPERUSER REQUEST POPUP WHEN EXECUTING "SU" COMMAND.
*NOTE 2* PROBABLY A GOOD IDEA TO RUN THIS PRIOR TO FIRST INSTALLATION, TO SAVE TIME.
Code:
$ adb shell
$ su
# mount -o rw,remount /dev/block/mmcblk0p20 /system
# rm /system/recovery-from-boot.p
IF YOU DELETE THE "RECOVERY-FROM-BOOT.P" FILE YOU MUST RELFASH TWRP RECOVERY.
I have rooted and installed roms on phone before but working in the developer tools is new to me. Can anyone explain exactly how and when to do this during the TWRP recovery install process? Or possibly just point me to a how to or youtube on basic adb commands? I have searched and it looks super complicated. Just need to know how to run these 3 commands.
THANKS!
i have the exact same issue, is there any answer for this??
Wettpassat said:
Hi guys, I would really appreciate some help. I am able to root my gear and transfer the TWRP via odin. But when I reboot into recovery it just goes back to the stock launcher. I read this in the developer thread:
IF YOU FIND THE RECOVERY IS NOT STICKING & YOUR GEAR WIPES WHEN ATTEMPTING TO ACCESS RECOVERY AFTER FLASHING.
YOU MUST ROOT YOUR GEAR PRIOR TO INSTALLING TWRP AGIAN & RUN THE FOLLOWING COMMANDS IN ADB.
*NOTE* YOU WILL HAVE TO ACCEPT A SUPERUSER REQUEST POPUP WHEN EXECUTING "SU" COMMAND.
*NOTE 2* PROBABLY A GOOD IDEA TO RUN THIS PRIOR TO FIRST INSTALLATION, TO SAVE TIME.
Code:
$ adb shell
$ su
# mount -o rw,remount /dev/block/mmcblk0p20 /system
# rm /system/recovery-from-boot.p
IF YOU DELETE THE "RECOVERY-FROM-BOOT.P" FILE YOU MUST RELFASH TWRP RECOVERY.
I have rooted and installed roms on phone before but working in the developer tools is new to me. Can anyone explain exactly how and when to do this during the TWRP recovery install process? Or possibly just point me to a how to or youtube on basic adb commands? I have searched and it looks super complicated. Just need to know how to run these 3 commands.
THANKS!
Click to expand...
Click to collapse
i have the exact same issue, is there any answer for this??
Well it's been well over a year since I did that but let's see if I can help..... Before I start I'm hoping you've already enabled adb debugging on the gear and downloaded adb onto your computer. I believe you run the commands after you've run cygnia but before you flash twrp. You run the task from a command prompt from your pc. I'm pretty sure you don't include the $ or #. Before you start try the adb command- adb devices from the command prompt on your pc. That'll let you know if the gear is connected. I remember being a bit intimidated by it all as it was different to any other flash I'd done. In reflection it's very easy, type the line in a command prompt, press enter, wait for the cursor to come up again, type the next line. As for guides..... I can't remember which one I used but there's plenty out there.
So I'm trying to root my fire 7 9th gen (os ver 6.3.1.4)
And the problem is mtk-su says permission denied (sw method btw)
I'll literally follow every step correctly
And it will just say perrmission denied when I run ./mtk-su
If anyone can help me thanks in advance
Sonicfann said:
So I'm trying to root my fire 7 9th gen (os ver 6.3.1.4)
And the problem is mtk-su says permission denied (sw method btw)
I'll literally follow every step correctly
And it will just say perrmission denied when I run ./mtk-su
If anyone can help me thanks in advance
Click to expand...
Click to collapse
What directory on the kindle are you copying the mtk-su file to?
The ADB shell has the necessary access in some folders only, so the target folder matters.
/data/local/tmp worked fine for me.
For me the following worked:
(Computer) adb push mtk-su /data/local/tmp
(Computer) adb shell
(ADB shell) cd /data/local/tmp
(ADB shell) chmod 755 mtk-su
(ADB shell) ./mtk-su
I did do this on os 6.3.1.2 though. If this does not work on 6.3.1.4 anymore, you might want to downgrade to 6.3.1.2 via ADB sideload first.
Sonicfann said:
So I'm trying to root my fire 7 9th gen (os ver 6.3.1.4)
And the problem is mtk-su says permission denied (sw method btw)
I'll literally follow every step correctly
And it will just say perrmission denied when I run ./mtk-su
If anyone can help me thanks in advance
Click to expand...
Click to collapse
You can use hardware method instead: https://forum.xda-developers.com/am...ire-7-2019-mustang-unbrick-downgrade-t3944365
Follow the steps carefully.
porter.mb said:
What directory on the kindle are you copying the mtk-su file to?
The ADB shell has the necessary access in some folders only, so the target folder matters.
/data/local/tmp worked fine for me.
For me the following worked:
(Computer) adb push mtk-su /data/local/tmp
(Computer) adb shell
(ADB shell) cd /data/local/tmp
(ADB shell) chmod 755 mtk-su
(ADB shell) ./mtk-su
I did do this on os 6.3.1.2 though. If this does not work on 6.3.1.4 anymore, you might want to downgrade to 6.3.1.2 via ADB sideload first.
Click to expand...
Click to collapse
So how do I adb sideload? I can't find it in stock recovery
Sonicfann said:
So how do I adb sideload? I can't find it in stock recovery
Click to expand...
Click to collapse
I dont believe Downgrading is an option. You need to do the hardware method to unlock. ADB sideload has been removed from stock recovery. Downgrading involves brick risk also. This thread should have most of the answers you seek.
https://forum.xda-developers.com/am...ire-7-2019-mustang-unbrick-downgrade-t3944365
Sonicfann said:
So I'm trying to root my fire 7 9th gen (os ver 6.3.1.4)
And the problem is mtk-su says permission denied (sw method btw)
I'll literally follow every step correctly
And it will just say perrmission denied when I run ./mtk-su
If anyone can help me thanks in advance
Click to expand...
Click to collapse
Did you ever get it figured out? I just got one and its a TOTAL paperweight with Amazons trash layer
Sonicfann said:
So how do I adb sideload? I can't find it in stock recovery
Click to expand...
Click to collapse
trying to root my fire 6.3.1.2 to lineage 14.1 man alittle lost install linux from my thumb drive to a partion on my main hd boot up linux not sure where to put all the files on hd at this point anyone help