FORUMS
Remove All Ads from XDA

giefroot - rooting tool (CVE-2014-4322)

1,427 posts
Thanks Meter: 4,305
 
By zxz0O0, Senior Member on 24th January 2015, 01:22 PM
Post Reply Email Thread
giefroot
A tool to root your device using CVE-2014-7911 (by Keen Team) and CVE-2014-4322 (by zxz0O0).
System rw access & SuperSU installation.

Requirements
  • USB debugging enabled
    Settings => About phone => Click 7 times on Android Build to unlock developer options
  • Allow mock locations
    Settings => Developer Settings
  • adb drivers installed
  • Firmware < October 2014 (kernel and system)

How to use
  1. Download the tool (latest version) and extract it
  2. Start your device and plug it to your computer
  3. Put your device in air plane mode
  4. Run install.bat and follow the instructions on screen
  5. Congratulations! You should now be rooted. If you get an error "Device not rooted", try running the tool a second time.
    Don't forget to make a donation
    If you are not rooted, see post #3 for possible solutions!

What can you do next
Download v3.1

Thanks to
Big thanks to Keen Team for developing the CVE-2014-7911 exploit.
Original thread: http://forum.xda-developers.com/mate...6/post57991147
Code:
88      a8P   88888888888  88888888888  888b      88  
88    ,88'    88           88           8888b     88  
88  ,88"      88           88           88 `8b    88  
88,d88'       88aaaaa      88aaaaa      88  `8b   88  
8888"88,      88"""""      88"""""      88   `8b  88  
88P   Y8b     88           88           88    `8b 88  
88     "88,   88           88           88     `8888  
88       Y8b  88888888888  88888888888  88      `888  

Huawei Ascend Mate 7 root utility
                                                      
Present by Keen Team:
      Liang Chen, flanker017 - CVE-2014-7911 exploit
      idl3r - Kernel vulnerability and exploit

Special thanks to:
      Yaron Lavi and Nadav Markus from Palo Alto Networks for "Mock Location" trick
      Chainfire for SuperSU
      KingRoot (www.kingroot.net) for testing devices

Tested on MT7-TL10 and MT7-CL00 China Domestic edition with B122 SP06 (2014/12/30)
May or may not work on international editions
Additionally, thanks to:
  • Chainfire: SuperSU developer
  • MohammadAG: Disable RIC kernel module (Link)
  • idler1984: Trick for stopping system_server
  • RHBH, squabbi, minijaws, Desperanto86: Testing & debugging

Changelog
  • v3.1
    • Add new device D6643 and D6616 (see here)
    • Small fixes
    .
  • v3
    • Fixed a few bugs allocating memory
    • Add some new devices / firmwares for compatibility
    .
  • v2
    • Fix phone rebooting before exploit completed (thanks idler1984!)
    • Fix error allocating memory for exploit code
    .
  • v1
    • Initial release


XDA:DevDB Information
giefroot - rooting tool, Tool/Utility for the OEM Cross Device Development

Contributors
zxz0O0

Version Information
Status: Beta

Created 2015-01-24
Last Updated 2015-05-03
The Following 291 Users Say Thank You to zxz0O0 For This Useful Post: [ View ] Gift zxz0O0 Ad-Free
 
 
24th January 2015, 01:22 PM |#2  
zxz0O0's Avatar
OP Senior Member
Thanks Meter: 4,305
 
Donate to Me
More
Reserved
Help: My device is not supported

The tool uses static kernel addresses. To support a device, I need the following information from someone with stock kernel (supported firmware) and root:
Code:
cat /proc/version
su
echo 0 > /proc/sys/kernel/kptr_restrict
cat /proc/kallsyms > /data/local/tmp/kallsyms
chmod 777 /data/local/tmp/kallsyms
Upload kallsyms and show output of version command.

Currently as in v1 only Z3 Compact and Z3 is supported.
The Following 36 Users Say Thank You to zxz0O0 For This Useful Post: [ View ] Gift zxz0O0 Ad-Free
24th January 2015, 01:22 PM |#3  
zxz0O0's Avatar
OP Senior Member
Thanks Meter: 4,305
 
Donate to Me
More
Reserved
I have supported firmware / kernel but still not rooted!

Solution 1:
  • Run the tool a few times

Solution 2:
  • Put your phone into safe mode and run the tool. To get the device into safe mode:
    Quote:
    Originally Posted by pkobier

    Hold power button and than hold "Turn off". You will see prompt message to reboot phone in safe mode.


Solution 3:
  • Try running the tool on another computer

No solution works:
To speed up the support process you can provide the following output / information:
  • Device model / firmware version
  • Kernel version (cat /proc/version)
  • adb shell "ls -l /data/local/tmp/"
  • adb shell "cat /data/local/tmp/giefrootlog"
  • adb shell "cat /proc/last_kmsg"
The Following 33 Users Say Thank You to zxz0O0 For This Useful Post: [ View ] Gift zxz0O0 Ad-Free
24th January 2015, 01:28 PM |#4  
Senior Member
Flag Piñas
Thanks Meter: 192
 
More
The wait worth a lot... Thanks man, you are awesome!
24th January 2015, 01:30 PM |#5  
mo3553's Avatar
Senior Member
Flag Århus
Thanks Meter: 21
 
More
can i use it on D6603?
24th January 2015, 01:34 PM |#6  
thienbrand's Avatar
Senior Member
Thanks Meter: 71
 
More
@zxz0O0 : I have done everything but at the end, it's say "Error: device not rooted"?
24th January 2015, 01:36 PM |#7  
zxz0O0's Avatar
OP Senior Member
Thanks Meter: 4,305
 
Donate to Me
More
Quote:
Originally Posted by thienbrand

@zxz0O0 : I have done everything but at the end, it's say "Error: device not rooted"?

Post this information: http://forum.xda-developers.com/show...97&postcount=3
and output of install.bat
The Following User Says Thank You to zxz0O0 For This Useful Post: [ View ] Gift zxz0O0 Ad-Free
24th January 2015, 01:36 PM |#8  
graffixnyc's Avatar
Retired Forum Moderator / Recognized Developer
Flag New York City
Thanks Meter: 6,329
 
Donate to Me
More
Nice
24th January 2015, 01:45 PM |#9  
thienbrand's Avatar
Senior Member
Thanks Meter: 71
 
More
Quote:
Originally Posted by zxz0O0

I have supported firmware / kernel but still not rooted!

To speed up the support process you can provide the following output / information:

  • Device model / firmware version
  • Kernel version (cat /proc/version)
  • adb shell "ls -l /data/local/tmp/"
  • adb shell "cat /data/local/tmp/giefrootlog"

Device model / firmware version : D6603 / 23.0.A.2.93 Generic Global
Kernel version (cat /proc/version): 3.4.0-perf-g0961 cdf BuildUser@BuildHost #1 Tue-Aug 19 19:48:36 2014
adb shell "ls -l /data/local/tmp/":
C:\adb>adb shell "ls -l /data/local/tmp/"
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
-rw-rw-rw- shell shell 4016989 2015-01-24 06:00 SuperSU.zip
-rwxrwxrwx shell shell 152 2015-01-24 17:50 a
-rwxrwxrwx shell shell 657704 2014-02-07 06:39 busybox
-rw-r--r-- root root 30184 2014-07-15 15:10 flatland
-rwxrwxrwx shell shell 17892 2015-01-24 20:13 getroot
-rwxrwxrwx shell shell 143 2015-01-24 05:06 giefroot
-rwxrwxrwx system system 181 2015-01-24 20:31 giefrootlog
-rw------- u0_a33 u0_a33 3774 2015-01-24 20:39 glsl_shader_log.txt
-rwxrwxrwx shell shell 752 2015-01-24 09:08 installsupersu.sh
-rwxrwxrwx shell shell 60799 2015-01-07 12:40 main
-rwxrwxrwx shell shell 0 2015-01-24 20:38 memfile
-rwxrwxrwx shell shell 13592 2014-07-20 23:10 modulecrcpatch
-rwxrwxrwx shell shell 1544 2015-01-24 10:13 systemrw.sh
-rwxrwxrwx shell shell 34473 2014-07-10 05:02 wp_mod.ko


adb shell "cat /data/local/tmp/giefrootlog":
C:\adb>adb shell "cat /data/local/tmp/giefrootlog"
giefroot (c) zxz0O0
query failed. trying another app...
getting ptr
getting offset
Error: Could not allocate memory for exploit code
getting root...
getuid: 1000
Error getting root


output of bat:

==============================================
= =
= giefroot v1 =
= created by zxz0O0 =
= =
= Many thanks to: =
= - [NUT] =
= - MohammadAG =
= - Keen Team =
= =
==============================================

* daemon not running. starting it now on port 5037 *
* daemon started successfully *
=============================================
Waiting for Device, connect USB cable now...

Make sure that you authorize the connection
if you get any message on the phone
=============================================
Device found

=============================================
Sending files
=============================================
9 KB/s (152 bytes in 0.015s)
1118 KB/s (17892 bytes in 0.015s)
25 KB/s (143 bytes in 0.005s)
1899 KB/s (60799 bytes in 0.031s)
13 KB/s (13592 bytes in 1.000s)
1 KB/s (1544 bytes in 1.000s)
2144 KB/s (34473 bytes in 0.015s)
2666 KB/s (4016989 bytes in 1.471s)
2417 KB/s (657704 bytes in 0.265s)
0 KB/s (752 bytes in 1.000s)
2766 KB/s (44259 bytes in 0.015s)
pkg: /data/local/tmp/exploitServiceApp.apk
Success

=============================================
Running exploit
=============================================
Please wait 70 seconds to let the device reboot
Error: device not rooted
Press any key to continue . . .
The Following User Says Thank You to thienbrand For This Useful Post: [ View ] Gift thienbrand Ad-Free
24th January 2015, 01:47 PM |#10  
LeonidasTurk's Avatar
Senior Member
Flag Konya
Thanks Meter: 72
 
More
Hey, after root, can i update my device to latest firmware?
24th January 2015, 01:48 PM |#11  
serajr's Avatar
Recognized Developer / Recognized Themer
Flag Rafard - SP
Thanks Meter: 16,185
 
Donate to Me
More
Thumbs up
Thank so much my friend...
My small contribution: 8TJ698456J713772F
The Following 2 Users Say Thank You to serajr For This Useful Post: [ View ]
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes