Does anyone have a step by step guide as to how to root my Xperia ZR on a 4.4.2 firmware without custom recovery, full stock? I need root access for so many reasons but mainly because of the memory limitation..
Thank you!
Well, if there's a simple answer to your question: Nobody has found it yet! If you're talking about custom recovery with locked bootloader (where you can't flash custom kernel, meaning prerooted). SuperSU won't work either. If you unlock bootloader, then proceed to flashing prerooted ftfs. But that's more closely like flashing custom ROM than rooting the stock one.
Less simple answer would start with a story about SELinux:
SELinux - introduced in Android 4.2 - is essentially a set of kernel add-ons and tools that restricts pieces of software to run with only the bare minimum privilege set they require to function properly, and minimizes the damage a malicious program can do by tightly controlling security policy. Previously, SELinux operated in "permissive" mode in Android, but in 4.4 it has been switched to "enforcing" mode, meaning essentially that even if a piece of malware successfully intrudes, it won't be able to disable SELinux and do whatever it wants, even - theoretically - if it has administrative access.
With Google SELinux enforcing means that there is a "context" for every file (which is pretty much everything in Linux) similar to file permissions, but determines when, where and by whom data can be run and accessed. It's used to make Linux hyper-secure and makes it incredibly difficult to root a phone without having access to the bootloader to flash a su.apk. Even if they find a compromise in a "system" package, it won't give them the access to write to the root filesystem. Incredibly smart people will find some ways around it but it will get rid of most of the non-bootloader based roots on 4.4+. Basically it's a good thing for security and a bad thing if you want to have admin privileges over your piece of Android-running hardware.
Hoping that wizards of reverse coding like @DooMLoRD might find some related clues in the in-depth analysis of the PREC project (http://dance.csc.ncsu.edu/papers/codespy14.pdf), the malware detection and avoidance tool based on root exploit supported by high-level funding partners like IBM, Google, the U.S. Army, and the U.S. National Science Foundation.
Hope it helps.
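An added example, not part of the post above and not code from any project named in this thread: a small parser for SELinux AVC denial lines, showing that each decision is keyed on the source and target contexts rather than on the caller's uid. The log lines are constructed, and treating a line without a `permissive=` field as a blocked access is an assumption that the device is in enforcing mode.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel audit format used for SELinux denials.
SAMPLE_LOG = """\
type=1400 audit(1400000001.101:11): avc:  denied  { write } for  pid=2211 comm="sh" name="bin" dev="mmcblk0p23" ino=411 scontext=u:r:shell:s0 tcontext=u:object_r:system_file:s0 tclass=dir
type=1400 audit(1400000002.202:12): avc:  denied  { remount } for  pid=2212 comm="mount" scontext=u:r:shell:s0 tcontext=u:object_r:labeledfs:s0 tclass=filesystem
type=1400 audit(1400000003.303:13): avc:  denied  { read write } for  pid=2300 comm="app_process" name="mem" dev="tmpfs" ino=77 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:kmem_device:s0 tclass=chr_file permissive=1
<6>[  12.345] init: starting service 'adbd'...
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
    r"(?:\s+permissive=(?P<permissive>[01]))?"
)

def context_type(ctx):
    """Return the type field of a user:role:type:level context string."""
    parts = ctx.split(":")
    return parts[2] if len(parts) >= 3 else ctx

def parse_denials(text):
    """Extract one record per AVC denial; non-AVC lines are skipped."""
    denials = []
    for line in text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue
        comm = re.search(r'comm="([^"]*)"', line)
        denials.append({
            "comm": comm.group(1) if comm else None,
            "perms": m.group("perms").split(),
            "source": context_type(m.group("scontext")),  # domain of the process
            "target": context_type(m.group("tcontext")),  # label of the object
            "tclass": m.group("tclass"),
            # Assumption: no permissive= field means the device is enforcing,
            # so the access was blocked and not merely logged.
            "blocked": m.group("permissive") != "1",
        })
    return denials

def summarize(denials):
    """Count blocked accesses per (source domain, target type, object class)."""
    return Counter((d["source"], d["target"], d["tclass"]) for d in denials if d["blocked"])

if __name__ == "__main__":
    for key, n in summarize(parse_denials(SAMPLE_LOG)).items():
        print(n, *key)
```
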
EnzoDC said:
Does anyone have a step by step guide as to how to root my Xperia ZR on a 4.4.2 firmware without custom recovery, full stock? I need root access for so many reasons but mainly because of the memory limitation..
Thank you!
Yes, there is such a way
In short:
Backup TA
Unlock
Flash Cyanogen kernel
From recovery install SuperSu
Flash original kernel back
Restore TA (relock)
Result: full rooted locked stock
Yes I have read the FAQ, and I still think this is possible, if you install via custom recovery.
Currently the flashable zip generation requires root access. If there is any way to generate that flashable zip file without root then only a custom recovery would be required to install Xposed, as a custom recovery can write to /system without needing root. Since I am currently installing root only to install Xposed and then immediately removing it I would greatly appreciate an install option that doesn't require me going through the rooting process.
So my request is for the two recovery installation options not require root to generate the zip file. Thank you.
Open recovery, flash ZIP file.
You don't need at all.
That part I know. Once I have the flashable zip file I am fine. However, on my phone I cannot create the flashable zip file without root. It just fails. Hence my request.
Stupid question, but can you install recovery without root?
ldeveraux said:
Stupid question, but can you install recovery without root?
Yes, some manufacturers include recoveries pre-installed, but those often have restricted functionality.
Also, recovery can be installed on some phones without root with the use of a PC (again, it's brand-dependent).
And finally, a few (too few) manufacturers ship their devices with unlocked bootloader which means you can do anything you want with them.
XspeedPL said:
Yes, some manufacturers include recoveries pre-installed, but those often have restricted functionality.
Also, recovery can be installed on some phones without root with the use of a PC (again, it's brand-dependent).
And finally, a few (too few) manufacturers ship their devices with unlocked bootloader which means you can do anything you want with them.
Yep. I personally have an HTC device and they allow anyone to unlock their bootloader by filling out a form on their website. Once the bootloader is unlocked no root is required to flash a custom recovery. That is how I typically run my device: no root but custom recovery. Occasionally, I revert to stock recovery to install a system update. Then I run into this issue where I have to root just to reactivate Xposed, then unroot again. I would much prefer to avoid the root/unroot part of reactivating Xposed.
I'm hoping that since it is only creating the zip file that I am asking about this is a quick and easy change.
XspeedPL said:
Yes, some manufacturers include recoveries pre-installed, but those often have restricted functionality.
Also, recovery can be installed on some phones without root with the use of a PC (again, it's brand-dependent).
And finally, a few (too few) manufacturers ship their devices with unlocked bootloader which means you can do anything you want with them.
In Moto G you can install a custom recovery and mount /system and /data (I need a custom recovery to flash SuperSU.zip), so, I think it's possible.
XspeedPL said:
Yes, some manufacturers include recoveries pre-installed, but those often have restricted functionality.
Also, recovery can be installed on some phones without root with the use of a PC (again, it's brand-dependent).
And finally, a few (too few) manufacturers ship their devices with unlocked bootloader which means you can do anything you want with them.
Not the stock recoveries, installed recoveries. I didn't think you could install TWRP or CWM without root.
ldeveraux said:
Not the stock recoveries, installed recoveries. I didn't think you could install TWRP or CWM without root.
Have you heard of flashtool or Odin?
Using flashmode/fastboot you can do more than with root.
ldeveraux said:
Not the stock recoveries, installed recoveries. I didn't think you could install TWRP or CWM without root.
I have installed both without root multiple times. Here are a few guides.
Nexus Devices (Note rooting comes after custom recovery is installed.)
General Advice (Note: First option requires root, second two do not.)
In general as long as you can unlock your bootloader no root is required. I have only ever purchased Android devices that let me unlock the bootloader, so I have always gone that route.
Again for my feature request though I just want the flashable zip generation to not require root. That (hopefully minor) change would allow a completely root free use of Xposed. Which would be wonderful for me.
Stock recovery will only flash officially signed packages. If you have a custom recovery, you can easily gain root access. So what point would it serve?
mattdm said:
Stock recovery will only flash officially signed packages. If you have a custom recovery, you can easily gain root access. So what point would it serve?
That question makes no more sense to me than a comment that Xposed does nothing more than a custom ROM, and if you can install Xposed you can install a custom ROM so what is the point of Xposed?
However, I will provide a few of my answers to your question; pick your favorite.
Requiring root without needing to doesn't serve any point so why require it?
Root is required "because it replaces a file in /system/bin". However, on my phone /system/bin is write protected by the kernel, so root does not grant write access to /system/bin; only recovery does. So why is root required to create a zip file that I install via recovery?
I like to be able to run apps that don't work if you are rooted. (DRM protected movies, corporate apps, etc.) so rooting causes me problems, and fully unrooting afterwards is a bit of a pain. (I have had to develop a custom script to do it efficiently.)
So, I just did some more searching and discovered that I'm not the only one who wants this. jurben requested this back in September and even wrote up the code to make it possible.
So, I went ahead and turned it into a Pull Request on GitHub. Hopefully it gets accepted.
I know that one step in the rooting process is to use application like Root Genius.
Curious as I am, I would like to know what exactly this application is doing?
I would like to know whether whatever this application does, I can do by hand.
Depending on what firmware you are on right now, it may be possible (definitely possible with any B6xx and higher ROM) to flash the newest SuperSU.zip through a custom recovery. This way you gain root access. To be fully rooted you may also delete the set_immutable on B6xx ROMs.
So, I'd definitely recommend using the recovery method.
l3Nni said:
Depending on what firmware you are on right now, it may be possible (definitely possible with any B6xx and higher ROM) to flash the newest SuperSU.zip through a custom recovery. This way you gain root access. To be fully rooted you may also delete the set_immutable on B6xx ROMs.
So, I'd definitely recommend using the recovery method.
So, actually, the step of using Root Genius, iRoot or Kingo Android Root is not necessary.
If I flash custom recovery, then SuperSU, I believe that I have to flash a rooted boot partition as well.
Still I would like to know what these applications do.
My past rooting has been based on installing a ROM that is already rooted. For reasons I won't bother you with, I want to run EPE3 (have already moved to it), and I want to root it. No custom ROM.
Remembering that I am on EPE3, is it as simple as:
Odin TWRP to replace stock recovery
Boot to TWRP
Let it install SU/Root
I've never done it that way. I'm not sure it is possible. I have typically seen the message "Root appears to not be installed, do you want to install SU?" That has been after installing a ROM that is rooted.
Thanks in advance.
Aha! Even though I am not a big fan of KingRoot, I managed to get version 5.3.0 to root the Z4V. Sort Of.
Sort Of? Well, I have Flashtool running on my PC and all drivers working. KingRoot runs and achieves root. Flashtool then recognizes root and pushes files and deactivates RIC. Then I get a seemingly random reboot on the phone, when it returns, root is gone.
Any ideas how to get it fixed?
Rick
BlackIce000
Sorry for the x-post, but this is a new issue.
I can have root for up to 30 seconds with ADB push and shell working and write access. What can I do to change build.prop (or other file) to allow bootloader unlock or disable RIC so on reboot I keep root? If I can get the ROM OUT of the phone I can change it.
Anyone have the Stock ROM image for the E6508?
Rick
BlackIce
blackice000 said:
I can have root for up to 30 seconds with ADB push and shell working and write access. What can I do to change build.prop (or other file) to allow bootloader unlock or disable RIC so on reboot I keep root? If I can get the ROM OUT of the phone I can change it.
Anyone have the Stock ROM image for the E6508?
Rick
BlackIce
Not really sure if bootloader unlock is possible in any way, shape or form. Perhaps ask @jerpelea if he knows of any way to unlock it.
Disabling RIC, patching the boot.img and other stuff perhaps can be done with tobias.waldvogel's patcher, but for that you first need an image (mentioned in your other thread).
Also, without an unlocked bootloader, trying to flash a kernel would be fruitless, and the risk is high to brick the device by writing a prepared image directly (from within Android) via dd, given that it's possible that the image might not work or you made a mistake, so you'll end up with a non-booting or bootlooping device ...
... which you cannot recover since you cannot restore a working state.
Interesting reading! I just cannot get it done in the short time allotted by my brief root access.
I have spoken with Sony and they have provided an unlock code. I have spoken with Verizon and they couldn't care less what I do with the phone. I am waiting for some high level tech to get back to me with some additional info.
I do not know if it is possible Verizon can allow the bootloader to be unlocked with a simple code entry. If it CAN be done, I am sure I can get to someone to allow it. I have some very high connections within the Verizon hierarchy. Just don't know what to actually ask for!
Rick