Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,737,124 Members 43,541 Now Online
XDA Developers Android and Mobile Development Forum

[PRERLS-REF] Root, BL, Kernel, Recovery

Tip us?
 
Chainfire
Old
(Last edited by Chainfire; 6th June 2012 at 08:57 PM.)
#1  
Chainfire's Avatar
Senior Moderator / Senior Recognized Developer - Where is my shirt? - OP
Thanks Meter 48816
Posts: 8,983
Join Date: Oct 2007

 
DONATE TO ME
Default [PRERLS-REF] Root, BL, Kernel, Recovery

This thread is left here only for historical purposes ! Now that the device has been released, easier and better methods have been developed to gain root, like CF-Root.

.
.
.
.
.

Check your device model ! Settings -> About device -> Model number. This stuff is made for the GT-I9300, if your model number has a suffix, it may not work, or if it is a totally different model, it will not work (may even brick) !

Ladies and gentlemen, we have root on the SGS3 (!)

This will all be common knowledge in the near future, but here's some info I though various devs, chefs, and users will be dying to know!

Unfortunately, I am not able to share the "insecure" kernel with you at the moment, because of fears it is traceable to the leaker (this is said to be the last traceable firmware revision).

Update: The kernel is linked at the bottom of the post.

Update: The easiest way for rooting is now CF-Root

This root is, as expected, trivial. It was a simple matter of repacking the stock kernel, with a modified adbd binary that thinks ro.secure=0 (even if ro.secure=1). This gives access to all adb root commands (see screenshots). Then SuperSU was installed manually.

Kernel

The modification was trivial, because this time around, Samsung is using the standard boot.img format, instead of the zImage format used for SGS1, SGS2, SGNote, etc, that is much harder to repackage.

This is also why I don't feel particularly bad about not giving you the insecure kernel - any serious dev on this board can do the same thing in 10 minutes.

Recovery

The recovery partition is also being used this time around. And thus we can flash recoveries separately from the kernel.

Bootloaders

There was no warning triangle at boot-up after flashing the modified kernel, but download mode did show a custom kernel flash counter which increased. Whether or not flashing a custom recovery also triggers this counter is as of yet unknown. Both flashing kernel and/or flashing recovery will trigger the flash counter!

Final note

This was all tested on a current (release candidate) SGS3 firmware. There may be a newer firmware on true retail/production devices. Though some things may change, it is unlikely to change much. Let's hope nothing

Also, Triangle Away did not work. They have hidden the boot partitions again as on the latest SGNote firmwares.

(No, I don't have an SGS3 yet, everything was done remotely)

Now, everybody say thanks to Samsung! I don't always agree with them, but so far they have been the first and IMHO still are the only high-end Android OEM who aren't complete douchebags in the unlock department!

Download

The instructions below assume some basic knowledge about Samsung devices. This is not a noob-proof guide.

Here's the "insecure" kernel, based on XX NEE ALE8 firmware:

CF-Insecure-SGS3_XX_NEE_ALE8-v1.2.zip

- Extract the linked file (you will get a .tar file)
- Use the ODIN version attached below to that .tar file to your SGS3 as "PDA"

Going from insecure to full root

After having flashed the insecure kernel, boot your phone, and make sure USB debugging is enabled.

Your device is now insecure, so you can use the adb root commands. This does not allow your on-device apps to get superuser access, though. For that, you need to install SuperSU:

Download and extract the sgs3-root-install.zip file, containing SuperSU v0.89. Make sure adb is running correctly, then just double click install.bat (this will reboot your phone).
Attached Thumbnails
Click image for larger version

Name:	root.png
Views:	23105
Size:	28.0 KB
ID:	1069141   Click image for larger version

Name:	remount.png
Views:	22593
Size:	23.0 KB
ID:	1069142  
Attached Files
File Type: zip Odin3-v1.85.zip - [Click for QR Code] (198.4 KB, 46071 views)
BLOG - G+(Chainfire) - G+(Personal) - TWITTER - IRC - DONATE

A proper quote includes only the relevant paragraphs, and a proper post never ends with the word "why"

Android
HTC G1, Hero, One
Samsung i5800, i9000*2, P1000*2, P7100, i9100*2, N7000, P6800, i9300, N7100, i9505, N9005
Sony T LT30p, Z C6603
Nexus Galaxy*2, N7, N10, N7-2013

SuperSU, Mobile ODIN, TriangleAway, DSLR Controller, CF-Root, 500 Firepaper, OpenDelta, USB Host Diagnostics, ExynosAbuseAPK, Live dmesg+logcat, NoMoarPowah!, CF-Bench, Chainfire3D, CF.lumen, SGS2 SIM Unlocker, GingerBreakAPK, SuperPower, and more!

Windows Mobile 5/6
E-Mobile EM-ONE
HTC Wizard*2, Kaiser, Touch, Diamond, Pro, HD*2, Diamond 2, Pro 2*2, HD2*2
Samsung i780, i900*2, i8000*2, b7300, b7320, b7330, b7620*2, b6520

WMWifiRouter, KaiserTweak, FPUEnabler, WMLongLife, WMRegOptimizer, CFC+GUI, TF3D+v2 ports, Kaiser+Omnia2+Snapdragon 3D drivers, GfxBoost, and more!

Windows Phone 7
LG GW910

NOTICE: I do not respond to tech support questions through PM.
The Following 325 Users Say Thank You to Chainfire For This Useful Post: [ Click to Expand ]
 
orb3000
Old
#2  
orb3000's Avatar
XDA Portal Team / Senior Moderator
Thanks Meter 3029
Posts: 22,275
Join Date: Feb 2007
Location: T r a v e l i n g Likes: HTC & XDA Dislikes: apples...

 
DONATE TO ME
Wow, that was fast!
orb


HTC One M8 - HTC Butterfly S - HTC Universal

XDA is about developing and is for developers. Any user that recognizes that will gain the most benefit from this site


 
This is and always will be a site for developers, pure and simple. Without them we are nothing, without them there would be no reason for XDA Developers to exist; we should never ever forget that. Without them this place would not be called XDA-Developers but something else, e.g Mobile Phone User Support Services For Ungrateful Nerds.

Previous devices: HTC: Treo 650 - Excalibur - Diamond - Diamond 2 - Maple - HD2 - Rhodium - Desire Z - Desire HD - Vivid - Sensation - One V - One X - Titan II - One X+ - DNA - Butterfly
samit.mahap Old
(Last edited by samit.mahap; 18th May 2012 at 07:25 PM.)
#3  
Guest
Thanks Meter
Posts: n/a
Quote:
Originally Posted by Chainfire View Post
Ladies and gentlemen, we have root on the SGS3 (!)


(No, I don't have an SGS3 yet, everything was done remotely)
bravo my friend i hope the candle wasnt the inspiration or errr turpitude dayyyyymn.....nough said....thanks for leading the way
The Following User Says Thank You to For This Useful Post: [ Click to Expand ]
 
mdfine
Old
#4  
Member
Thanks Meter 3
Posts: 54
Join Date: Jun 2009
Appreciate
IPAQ 614 WM6.1 Manila - Sold : Topaz unbranded german - UdK WM 6.5 R5 - Sold : Desire - S-OFF 16GB Sandisk SD LeeDroid 3.x - Sold
Sensation - stock - S-ON awful - returned ! : SGS II - Litening 2.2 @ Siyah 3.x - Sold : SGS III @ Omega - Sold
Xperia Z1 @ .142 Telekom.de stock : Pre-ordered Xperia Z2
The Following User Says Thank You to mdfine For This Useful Post: [ Click to Expand ]
 
exynos5250x
Old
#5  
Member
Thanks Meter 21
Posts: 94
Join Date: Jan 2012
Location: Connecticut
Finally boot.img/recovery.img about time samsung(on their flasg ship that is)
 
wanam
Old
#6  
wanam's Avatar
Recognized Contributor / Developer
Thanks Meter 21057
Posts: 4,570
Join Date: Jan 2011
Location: Temara

 
DONATE TO ME
Remotely! Good work, i can't wait to get the device .

Sent from my GT-I9100 using Tapatalk 2
I'm out until 04/08/2014.

Apps : Wanam Xposed - XSense - Language Enabler - YouTube AdAway - Xposed Torch

Blog : WanamLite.com
Follow : GooglePlus - Twitter
The Following 2 Users Say Thank You to wanam For This Useful Post: [ Click to Expand ]
 
ogdobber
Old
#7  
ogdobber's Avatar
Recognized Developer
Thanks Meter 1759
Posts: 3,227
Join Date: Nov 2008

 
DONATE TO ME
thats great. i hope they don't 180 on the boot.img format.

>>>>>>>>>test kernels foundhere
z ɐıɹǝdxJame Bond
dropbox
 
Phistachio
Old
#8  
Phistachio's Avatar
Recognised Contributor
Thanks Meter 992
Posts: 1,438
Join Date: Oct 2011
Location: Madeira, PT
So is the GSIII bootloader unlocked from factory or did it require a bootloader unlock?
Samsung Galaxy Note 2 - Stock XXDME6 / CM11 4.4 KitKat | XXDME4 Modem | NEAK 2.2 | TWRP 2.6.3.0

Soft bricked/unflashable phone? Check out my Recovery Guide! N7100 and I9100

 
Chainfire
Old
#9  
Chainfire's Avatar
Senior Moderator / Senior Recognized Developer - Where is my shirt? - OP
Thanks Meter 48816
Posts: 8,983
Join Date: Oct 2007

 
DONATE TO ME
Quote:
Originally Posted by Phistachio View Post
So is the GSIII bootloader unlocked from factory or did it require a bootloader unlock?
As with the SGS1, SGS2, and SGNote, it was never locked to begin with.
BLOG - G+(Chainfire) - G+(Personal) - TWITTER - IRC - DONATE

A proper quote includes only the relevant paragraphs, and a proper post never ends with the word "why"

Android
HTC G1, Hero, One
Samsung i5800, i9000*2, P1000*2, P7100, i9100*2, N7000, P6800, i9300, N7100, i9505, N9005
Sony T LT30p, Z C6603
Nexus Galaxy*2, N7, N10, N7-2013

SuperSU, Mobile ODIN, TriangleAway, DSLR Controller, CF-Root, 500 Firepaper, OpenDelta, USB Host Diagnostics, ExynosAbuseAPK, Live dmesg+logcat, NoMoarPowah!, CF-Bench, Chainfire3D, CF.lumen, SGS2 SIM Unlocker, GingerBreakAPK, SuperPower, and more!

Windows Mobile 5/6
E-Mobile EM-ONE
HTC Wizard*2, Kaiser, Touch, Diamond, Pro, HD*2, Diamond 2, Pro 2*2, HD2*2
Samsung i780, i900*2, i8000*2, b7300, b7320, b7330, b7620*2, b6520

WMWifiRouter, KaiserTweak, FPUEnabler, WMLongLife, WMRegOptimizer, CFC+GUI, TF3D+v2 ports, Kaiser+Omnia2+Snapdragon 3D drivers, GfxBoost, and more!

Windows Phone 7
LG GW910

NOTICE: I do not respond to tech support questions through PM.
The Following 5 Users Say Thank You to Chainfire For This Useful Post: [ Click to Expand ]
 
Mbb15
Old
#10  
Mbb15's Avatar
Member
Thanks Meter 4
Posts: 35
Join Date: May 2011
Location: Hoek van Holland
Awesome!

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes