The malware aims to root the user's phone and force-install unwanted softwares. If I have SuperSU installed (thus my phone already rooted), does it mean the phone is immune to Gooligan? Or can a Googligan-infected phone to use SuperSU to cure?
SilverFlash said:
The malware aims to root the user's phone and force-install unwanted softwares. If I have SuperSU installed (thus my phone already rooted), does it mean the phone is immune to Gooligan? Or can a Googligan-infected phone to use SuperSU to cure?
Click to expand...
Click to collapse
Just make sure you're on Marshmallow or above and you're fine
Sent from my SCH-R220
SilverFlash said:
The malware aims to root the user's phone and force-install unwanted softwares. If I have SuperSU installed (thus my phone already rooted), does it mean the phone is immune to Gooligan? Or can a Googligan-infected phone to use SuperSU to cure?
Click to expand...
Click to collapse
No, SuperSU will neither protect you from nor fix Gooligan. But as mattzeller said, Marshmallow will.
josephcsible said:
No, SuperSU will neither protect you from nor fix Gooligan. But as mattzeller said, Marshmallow will.
Click to expand...
Click to collapse
Alright, thx for your answer
Related
Hi, I recently rooted my Z3c using KingRoot. I ten installed custom Rom: SLiM ROM 4.9. Works great, but now I found out Kingroot is very untrustworthy. How do I remove/replace kingroot without loosing root?
I rooted as per these instructions:
whattechsays.com/root-xperia-z2-z3-lollipop
So I have SuperSU installed, but KingRoot does not appear in apps list - so no option to uninstall. I can see kingroot folder in internal memory. Is deleting this sufficient to remove kingroot and any potential back-door?
I am new to rooting, so please explain simply if you can.
Many thanks.
Better remove Kingroot, and unroot all at once. You have Slimrom installed so I'm assuming your bootloader is unlocked so simply flash SuperSu Zip via recovery to get back root.
Kingroot is unreliable and shady when it comes to rooting devices in fact its not even endorsed here in Xda
Revontheus said:
Better remove Kingroot, and unroot all at once. You have Slimrom installed so I'm assuming your bootloader is unlocked so simply flash SuperSu Zip via recovery to get back root.
Kingroot is unreliable and shady when it comes to rooting devices in fact its not even endorsed here in Xda
Click to expand...
Click to collapse
I already have SuperSU installed already. And when I run rootcheck it says SuperSU has root. I have ' uninstalled' Kingroot, however kingroot folder/files remain on internal memory and I assume it could still be active and hiding it's process?
Sent from my D5833 using Tapatalk
Came across this thread from Google, but since it doesn't look like you really got an answer, here goes.
When you flashed Slim ROM, you would have replaced the system partition where Kingroot was installed, meaning it is no longer there at all.
The files left on the internal memory would have been written by Kingroot before and can just be deleted.
Frenik said:
Came across this thread from Google, but since it doesn't look like you really got an answer, here goes.
When you flashed Slim ROM, you would have replaced the system partition where Kingroot was installed, meaning it is no longer there at all.
The files left on the internal memory would have been written by Kingroot before and can just be deleted.
Click to expand...
Click to collapse
Oh dear, another Kingroot user stuck, how many warnings about Kingroot need to be posted on the threads before people listen.
Personally, knowing about what Kingroot does and the information it sends to China, I would wipe my phone and start from scratch.
There is a good guide written by bilboa1, which is very easy to follow.
Frenik is right, if you flash a rom, then the system should get wiped also. Just make sure you wipe data as well as dalvik/cache then you might end up with a Slim rom with SuperSU.
http://zidroid.com/how-to-get-ride-and-replace-kinguser-with-supersu-app/
I used the version 2.4 and worked like a charm
Although as above... even though i have stepped on the same rake as you... don't use KingsRoot... there probably is a fake copy of my phone somewhere in china thanks to that...
"use SuperSu Me" app
Sent from my D5833 using XDA-Developers mobile app
Hi fellas. I write ehre in order to not open a new thread. I recently bought one of this little beasts. I'm running 23.4.A.1.264 (stock in phone), Android 5.1.1. I've succesfully rooted it with king root 4.9.5. I've tried to change it to Supersu without success. I've tried supersu me, the script to remove kingroot to supersu from ver 1.8 to 2.4 and always lose root permissions. Could someone tell me what the f*** I am doing wrong?
I've had the phone rooted last year and haven't really messed with freezing unused apps until recently, bringing my battery life length to normal.
One of the apps I have frozen was Kingroot. Out of all the apps I've frozen, I'd think that one would be the culprit.
Here's a list of the relevant apps I've also frozen:
Root Browser
Root Checker
If there isn't a way around this, could I possibly reinstall or update Kingroot? Thanks in advance.
If your bootloader is unlocked and you have TWRP installed, you can use SuperSU instead of Kingroot.
Kingroot has issues and should only be used when absolutely necessary. Someone said it sends data back to China for no good reason.
Here's a post that details how to completely remove Kingroot and use SuperSu instead. I've only posted the relevant parts.
TheSt33v said:
However, if you absolutely cannot use a computer, you can do this, although I do not recommend it:
1. Google Kingroot, download, install it onto your phone and use it to root your phone. Be aware that Kingroot is developed by a Chinese company, and part of their rooting process involves sending lots of personal info to them for reasons that aren't entirely clear. There is some debate over how legit they are, but their root method should work on a phone with an unlocked bootloader.
5. Uninstall Kingroot.
6. Download this to your phone and install it using TWRP:
http://forum.xda-developers.com/droid-turbo/development/rom-su4tl-49-100-stock-t3390041.
This will remove all of the Kingroot files from your phone that probably were left on it after you uninstalled it.
7. Download this to your phone and install it using TWRP:
https://s3-us-west-2.amazonaws.com/supersu/download/zip/SuperSU-v2.78-201609011115.zip
You should now have a rooted, TWRP-equipped phone.
Click to expand...
Click to collapse
Thanks for the tip on KingRoot, Chazz.
I've just figured out the solution; Settings/Apps/Menu option in upper right-hand corner/Reset app preferences :good::good::good:
coconutt said:
Thanks for the tip on KingRoot, Chazz.
I've just figured out the solution; Settings/Apps/Menu option in upper right-hand corner/Reset app preferences :good::good::good:
Click to expand...
Click to collapse
I edited my post to incluede @TheSt33v instructions on how to completely remove Kingroot. There is no valid reason for keeping it on your phone.
2 days ago i rooted my G800F with CF-auto-root through ODIN. (Used the latest CF-auto-root from here , with ODIN v3.10.6)
But after that my device is too laggy!
Much slower as it had 512 RAM. Root success was confirmed with Root Checker
SuperSU was also installed but sometimes i get a message that SU binary isn't installed.
I 've tried with "ROM toolbox" and "System App Remover" to unistall some system apps but i got the message "Failed to Unistall xxxxxxx app". But if i entered again "ROM toolbox" i found out that the xxxxxx app wasn't there. It has been unistalled!
Once Play Store didn't let me upgrade some apps, because it said that i must logged in to my account (which i was already logged in), and others problems like that!
What shall i do now?
Root again the device? Unroot the device and root again? Unistall Knox? (i've read somewhere that Knox is responsible for problems after rooting). Find another version for CF- auto-root? (the latest is for Build ID LMY47X.G800FXXU1BPB2 but mine is LMY47X.G800FXXU1BPC4 if it matters)
Please help!
Yes, if you have root you must disable Knox. If it doesn't help, you can try go back to stock to see if it's a hardware issue (it will still lag), then root again if everything is fine for a day or two...
lfom said:
Yes, if you have root you must disable Knox. If it doesn't help, you can try go back to stock to see if it's a hardware issue (it will still lag), then root again if everything is fine for a day or two...
Click to expand...
Click to collapse
I have this device for about 2 years. These problems have begun just after rooting. So, i believe it is not a hardware problem.
By saying disable Knox you mean delete/unistall or freeze?
And how can i do that?
billphone said:
I have this device for about 2 years. These problems have begun just after rooting. So, i believe it is not a hardware problem.
By saying disable Knox you mean delete/unistall or freeze?
And how can i do that?
Click to expand...
Click to collapse
I would first use Link2SD to freeze all related to Knox and Security log first. If everything went right, backup and delete files.
lfom said:
I would first use Link2SD to freeze all related to Knox and Security log first. If everything went right, backup and delete files.
Click to expand...
Click to collapse
I freezed all apps and having the word Knox in their names. The phone isn't so laggy now but if i open some apps for rooted devices such as Busybox or Rom Toolbox they can't operate and got a message that my device isn't rooted. After that, no others apps for rooted devices are working! The SU doesn't open at all! All will work again after restart (except ofcourse Busy box Rom toolbox)
So what shall i do?
Unroot and root again? Root again over the previous root? What else?
billphone said:
I freezed all apps and having the word Knox in their names. The phone isn't so laggy now but if i open some apps for rooted devices such as Busybox or Rom Toolbox they can't operate and got a message that my device isn't rooted. After that, no others apps for rooted devices are working! The SU doesn't open at all! All will work again after restart (except ofcourse Busy box Rom toolbox)
So what shall i do?
Unroot and root again? Root again over the previous root? What else?
Click to expand...
Click to collapse
I thought that CF-Auto-Root disabled Knox protection when used, but maybe not... I think there is an option in SuperSU to disable it, you must use it as soon as you open it after using CF-Auto-Root and booting again to Android. If it doesn't have this option, it's not only Knox that makes the security system that prevents root, there is SecurityLog too (and on MM I think I've seen Rootpd that probably is a root protection daemon). Probably it removed su when you were disabling Knox. If you can root again over the current state, probably you can try disabling security system completely this time. Check other threads about rooting G800F, probably there is a list of apps you must disable.
lfom said:
I thought that CF-Auto-Root disabled Knox protection when used, but maybe not... I think there is an option in SuperSU to disable it, you must use it as soon as you open it after using CF-Auto-Root and booting again to Android. If it doesn't have this option, it's not only Knox that makes the security system that prevents root, there is SecurityLog too (and on MM I think I've seen Rootpd that probably is a root protection daemon). Probably it removed su when you were disabling Knox. If you can root again over the current state, probably you can try disabling security system completely this time. Check other threads about rooting G800F, probably there is a list of apps you must disable.
Click to expand...
Click to collapse
Thanks for your anwser.
The SU isn't permanently removed but only temporarily, because after restart it is working again
I 'll try to unroot and root again and we 'll see what happens
billphone said:
Thanks for your anwser.
The SU isn't permanently removed but only temporarily, because after restart it is working again
I 'll try to unroot and root again and we 'll see what happens
Click to expand...
Click to collapse
SuperSU is the app, su is the superuser daemon. Good luck.
billphone said:
Thanks for your anwser.
The SU isn't permanently removed but only temporarily, because after restart it is working again
I 'll try to unroot and root again and we 'll see what happens
Click to expand...
Click to collapse
So finally the problems are still here. The device is no longer laggy, but the root sometimes works sometimes doesn't.
I root again over the previous root, again the same. I unroot and again root, the same. I install a custom recovery and flash the SuperSU, the same results.
Initially working fine, giving rights to the applications but later sometime does not. With restart reverts briefly again.
What on earth has gone wrong? I have root many devices and all of them were working perfect!
I would like to avoid factory reset because i don't know how to restore my backup without problems.
Is there another solution?
Knox disables root, it can even revert custom recovery. Did you disable it, as well as Security Log (disable its updates in settings first), as suggested previously?
lfom said:
Knox disables root, it can even revert custom recovery. Did you disable it, as well as Security Log (disable its updates in settings first), as suggested previously?
Click to expand...
Click to collapse
Yes, i disable some apps with the word Knox in them. I don't know if is still a Knox app with a different name. Is there a list with Knox apps?
I didn't disable the Security Log neither its updates. Where can i find them?
So, finally i have a rooted device which randomly unroot itself!
And nothing can be done!
Question:
Is Xposed or any of its modules suppose to give zygote root access? Doesnt Xposed already take care of that?
Yes. What's app extensions module must have zygote/sqlite3 base for work.
Robert342 said:
Yes. What's app extensions module must have zygote/sqlite3 base for work.
Click to expand...
Click to collapse
One module that is using it wrong.
Others? None?
riahc3 said:
Question:
Is Xposed or any of its modules suppose to give zygote root access? Doesnt Xposed already take care of that?
Click to expand...
Click to collapse
No. You must have root access on your device before trying to install Xposed.
Please go read in the Zygote sub-forums to learn how to get root access, if it is possible.
Spott07 said:
No. You must have root access on your device before trying to install Xposed.
Please go read in the Zygote sub-forums to learn how to get root access, if it is possible.
Click to expand...
Click to collapse
...wow...really?
Spott07 said:
No. You must have root access on your device before trying to install Xposed.
Please go read in the Zygote sub-forums to learn how to get root access, if it is possible.
Click to expand...
Click to collapse
I accidentally unrooted my phone multiple times yet Xposed still works. So I'd say you are wrong, Xposed only requires unlocked bootloader/recovery.
levizx said:
I accidentally unrooted my phone multiple times yet Xposed still works. So I'd say you are wrong, Xposed only requires unlocked bootloader/recovery.
Click to expand...
Click to collapse
Technically, you are correct.
However, you can't get root access without unlocking the bootloader/recovery, so it's easiest just to start with root as your goal. By the time you unlock bootloader/recovery you're already 90% of the way to root.
Spott07 said:
Technically, you are correct.
However, you can't get root access without unlocking the bootloader/recovery, so it's easiest just to start with root as your goal. By the time you unlock bootloader/recovery you're already 90% of the way to root.
Click to expand...
Click to collapse
90% of the way to root means EXACTLY that, not rooted. So saying Xposed REQUIRES root is not just "technically" wrong, there's nothing right about that statement, and that's a fact.
levizx said:
90% of the way to root means EXACTLY that, not rooted. So saying Xposed REQUIRES root is not just "technically" wrong, there's nothing right about that statement, and that's a fact.
Click to expand...
Click to collapse
To install Xposed requires permission or workarounds to edit system files at the root level. End of story.
However you go about it, whether the user account has ongoing root access or not, whether the device allows root/bootloader access out-of-the-box or if you have to use exploits, whether it continues to run after the *user account* has unrooted, is immaterial.
SuperSU or equivalents do not *provide* root access, and removing them is not the same as unrooting the entire device. They instead take existing root access and bring it to where it is convenient for the user.
Unlocking the bootloader/system partition IS rooting your device, even if you never install a root manager program, despite how the terminology has been distorted in popular use here on XDA.
Xposed requires root access. Xposed modules do not provide root access if your device does not already have it.
Ok, fine. But where did the "zygote" related discussion ended up? I've just had a zygote root permission request which I denied, and now SuperSU is not responding and crashing. Some other non root app nor Xposed module is also closing itself...
Sent from my Moto G4 Plus using XDA Labs
The Analog Kid said:
Ok, fine. But where did the "zygote" related discussion ended up? I've just had a zygote root permission request which I denied, and now SuperSU is not responding and crashing. Some other non root app nor Xposed module is also closing itself...
Click to expand...
Click to collapse
Zygote process is in the system, and should not request root permission (already has it).
You encountered a bug which you should have neither allowed/disallowed and just rebooted your device.
Search the supersu threads, the bug get's reported every now and then.
Chainfire said:
There is a case where an internal crash of zygote(64) will attempt to create log files as root. This is a left-over from Android development and really shouldn't be in production builds, but it often is. It is impossible to know if that is the cause, though.
Click to expand...
Click to collapse
corkiejp said:
Zygote process is in the system, and should not request root permission (already has it).
You encountered a bug which you should have neither allowed/disallowed and just rebooted your device.
Search the supersu threads, the bug get's reported every now and then.
Click to expand...
Click to collapse
Well, I've searched for that indeed; but there's no concluding answer that I can spot whatsoever. Anyway, just to see if granting zygote root permission (Chainfire's "suggestion" picked from one zygote related discussion) resulted in any help, I just did... And it positively doesn't. SuperSu has exactly the same bad behavior. I even updated it to 2.82 SR5, to no avail. Nevertheless, I agree this is something that just entered device since SuperSU was working as usual for one month a few days back; I can say it started right after I tried the SuperSU logs section. As of know, I have a nice collection of different "Cracker" logs regarding SuperSU crashes (though, sometimes it just stops). One of the most dramatic SuperSU related events, involved multiple apps and even system stopping in sequence following SuperSU's own. That is something I couldn't even find reports of in any SuperSu nor zygote threads. I think I'll keep trying some stuff before definitely going full restore and start from zero.
Sent from my Moto G4 Plus using XDA Labs
Hallo,
managing some different devices and run them mostly with custom ROMs, rooting was again and again a topic in this endeavour. During this course I've came accross so many resources but it isn't 100% clear for me. This is an attempt to get any uncertainties resolved.
Any input is welcome.
There are many explaining what rooting means, gaining administrative rights on the file system of your phone (in linux, root or superuser is the username of the master admin). With root access, you can install and uninstall anything you want on the phone. But resources what rooting actually does on modern Android are widely scattered around but I haven't found place yet where it all is well explained in one decent post. I've gone through some articles but still don't fully understand what it does and how can I hide later on as it certain apps won't run if they detect if a phone is rooted. These are my resources:
Best way to hide Root and SuperSU from apps that otherwise block access on Lineage?
Question about LOS root, SuperSU and Magisk
Does magisk manager go well with lineage os
LOS Root or Magisk?
As I mainly looked in to rooting LineageOS many resources are referring to this ROM after rooting you have to manage binaries
XDA-Developers Root Directory
iSu
phh's SuperUser
Magisk on xda Magisk Root
SuperSU
Magisk Root
LOS root addon on xda LOS root addon
unsorted collection:
https://techviral.net/top-best-root-apps/#4nbspTrickster_Mod
https://forum.xda-developers.com/showthread.php?t=803682
https://techviral.net/best-tricks-for-rooted-android/#13_Top_10_Best_Root_Apps_2016_for_Android
https://techviral.net/secure-rooted-android-from-security-threats/
https://www.androidauthority.com/root-android-277350/
https://en.wikipedia.org/wiki/Rooting_(Android)
I just wanted to know. If this is true for a root. I mean, does this sound like a properly rooted device under these circumstances?
Taken from a chat log...
"Device is now rooted but PLEASE TAKE NOTE:
1.Do not uninstall SuperSU
2.Do not Factory Reset
3.Do not turn off developer options
4.Do not disable OEM Unlock (if you have this setting)
5.Do not enable Reactivation Lock (if you have this setting)
6.Do not install System Updates"
03:01
why not factory reset? Does this sound like a permanent root?
Confused
2ISAB said:
why not factory reset? Does this sound like a permanent root?
Confused
Click to expand...
Click to collapse
depending on the method and ROM, root related modification could be overridden when flashing. This is one of the reasons why I kicked off this thread. I want to outline it in more details (as soon as I have some spare hours)
PackElend said:
depending on the method and ROM, root related modification could be overridden when flashing. This is one of the reasons why I kicked off this thread. I want to outline it in more details (as soon as I have some spare hours)
Click to expand...
Click to collapse
Well it's a N7 stock rom for my M9 using the controversial Oneclickroot advertised on XDA.
So I just want to know if they root permanently using team viewer remote root. ?
2ISAB said:
So I just want to know if they root permanently using team viewer remote root. ?
Click to expand...
Click to collapse
can't tell you need to ask in the specific thread
2ISAB said:
I just wanted to know. If this is true for a root. I mean, does this sound like a properly rooted device under these circumstances?
Taken from a chat log...
"Device is now rooted but PLEASE TAKE NOTE:
1.Do not uninstall SuperSU
Click to expand...
Click to collapse
Uninstall it should not be a problem, the su binary already in /system (system way) and in boot image (systemless way). But if you remove SuperSU from that app you will LOSE root!
2ISAB said:
2.Do not Factory Reset
Click to expand...
Click to collapse
It's because some devices play not good with Factory Reset with root. Like my ASUS ZF2, everytime I try to factory reset + root, the device lost boot.
2ISAB said:
3.Do not turn off developer options
Click to expand...
Click to collapse
Read note 4 and 5 below.
2ISAB said:
4.Do not disable OEM Unlock (if you have this setting)
Click to expand...
Click to collapse
OEM Unlock will allow your phone to root. If you are rooted and you disable this option, your phone will brick (as it will enable the device to check system signatures). I had this mistake and my SS phone said on reboot "Custom binary blocked by FRP lock"
The fix would be full stock ROM flash.
2ISAB said:
5.Do not enable Reactivation Lock (if you have this setting)
Click to expand...
Click to collapse
Read note 4.
2ISAB said:
6.Do not install System Updates"
Click to expand...
Click to collapse
This is not true. Some device can still install OTA, but you must unroot. Else your phone might get hard bricked.
2ISAB said:
why not factory reset? Does this sound like a permanent root?
Click to expand...
Click to collapse
Yes, it's a permanent root. You can unroot if you want.