Archos 101 one-click-root for firmware 2.0.71 using Archangel


louis chan

Member
May 8, 2006
22
0
Nice. A pity my wifi router is just crap for this kind of thing.

So you have a setup that should be able to get the tcpdump we need to see if something fishy is going on.

Are you a brave person? Are you willing to test the archangel with a tcpdump running to see what it sends on the network?

I upgraded my A70 to 2.1.02 and tested the ver 1 root utility with tcpdump on those IP packets.
During root, there were lots of ARP requests & lots of NTPv4 updates, but I didn't see suspicious IP addresses. Then I rebooted it and observed the permanent root activities. Still nothing odd that'd catch my eye.

So my verdict is that it is safe.
 

wdl1908

Senior Member
Dec 18, 2010
380
156
I upgraded my A70 to 2.1.02 and tested the ver 1 root utility with tcpdump on those IP packets.
During root, there were lots of ARP requests & lots of NTPv4 updates, but I didn't see suspicious IP addresses. Then I rebooted it and observed the permanent root activities. Still nothing odd that'd catch my eye.

So my verdict is that it is safe.

A buddy of mine has a linux PC that is configured as router. I asked him if we could test the setup and do a tcpdump of the traffic.

I can confirm there are no other packets being sent/received than just ARP and NTPv4 packets.

So I agree with "louis chan".
 

Cthugha

Senior Member
Mar 16, 2009
70
2
Do backup and restore with Titanium Backup work after getting root using this exploit?
 

ExploreMN

Senior Member
Jun 23, 2007
1,574
463
Listening to everything on the LAN is impossible when you have a switch in your network unless you configure the ports on the switch in replication mode.

So Switches 101 says no in the first case.

The second case Routers 101 says that is impossible.

WAN <-> Router <-> LAN <-> PC
               <-> Wifi

All traffic that is coming into the Wifi and goes out to the WAN is NEVER seen on the LAN unless you configure your router as a bridge. And if that is the case it's Bridge 101 not Router 101 so Sniffers 101 is not working in my setup.

Honestly, I have no clue what you are talking about, but when I run Wireshark on my PC I can see the Archos broadcasting on my network and when I use it to surf the net I can see the requests and what-not. So...based on that, I am assuming whatever you are doing is incorrect. I can also filter out everything except the Archos as well.

It looks like I will have to be the one to test this since no one else seems able to do it...maybe this weekend I'll back up all my crap and factory reset my 101, set up the dummy e-mail account and see what this thing really wants with our wifi connections...
 

Tesla74

Senior Member
Dec 18, 2010
528
151
so at this point are we saying the root apk is a go? at least for back up purposes?

I would wait until we see what ExploreMN finds out this weekend.

@ExploreMN

Thank you for taking the time to do this. I know it is a lot of work to reload everything. It will be interesting to see what you find.

Tesla
 

ExploreMN

Senior Member
Jun 23, 2007
1,574
463
Okay, I did it and I didn't see anything nefarious going on. In fact, it never even tried to contact the outside world (all traffic coming from it was local and/or broadcast only). Now, I don't know if there is some kind of "trigger" event that would cause it to download something in the background or transmit something.

I can only say that installing it, running it, and setting it to permanent root does not do anything.

The root does work (first app I installed was Wireshark for root LOL) and it worked okay.

So, for what it's worth! There you go!

Oh, and just to be safe, I checked my test e-mail account and there were no other IP addresses except my own.
 

nashi20002003

Senior Member
Mar 7, 2010
123
32
Archangel -- -Means Archos Angel...

Hey guys...don't be too suspicious....

We got Google Market on Archos 5IT and gen 8 thru a mysterious poster who only posts once a year when a new gen is released. He always visits us in December...or so....right before xmas. Well ...he never responds to questions, never posts his code, .... All the Google Market versions for Archos came from his first version...

He may well be part of Archangel team... Archos did not exist on XDA back then ...now it's nice to see Archangel respond to questions and hang around..but I think he's doing so because there was so much doubt and questioning ....

I wonder if our mysterious angel on Archosfans is not the same as Archangel....
If you think about it this will prolong the life and the fun on Archos devices...why not get this boost which is also safe: does not void warranty.....

People have even speculated that it's somebody from Archos.
Personally I don't know. All I know is this is good and thanks Archangel.

Keep being the Archos Angel.
 

ExploreMN

Senior Member
Jun 23, 2007
1,574
463
Hey guys...don't be too suspicious....

When you have e-mail addresses, passwords, credit card numbers and other personal information that could be compromised, it is smart to be suspicious and only a fool wouldn't be.

Especially if you are placing your faith in someone because of their "name" or their app having the name "angel" in it...
 

louis chan

Member
May 8, 2006
22
0
I did a tcpdump on my dd-wrt router and I actually found something suspicious if confirmed by another person.

The first time I rooted I saw a HTTP GET to
apache2-twiddle.camelopardalis.dreamhost.com

...

You better kill all processes or running apps before you make the sniff.

==========

BTW, I should add this. I thought if a guy knows how to obtain root and get your private info, he shouldn't tell you too much. Just attract your attention and install his apk without any hints or warning. And not all people want to get their device rooted.

Of course, it is totally possible the stealing algorithm is so clever that it only runs at certain date/time or after a number of runs. And therefore can't be detected easily. Chances are? You have to take your own risk. But I'll give 90% confidence.

Anyway, thanks Archangel for the hack.
 

bgrnbrg

New member
Jan 27, 2011
1
0
Another apparently negative packet capture.

Reports were positive enough that I felt comfortable giving this a try... This is with the first app posted, not the revised one, and run on 2.1.02 firmware.

I have a Linux-based border router/firewall between my home network and the world. I ran tcpdump(1) with options to capture anything passing through with my Archos 43's IP address.

I started the first capture, and installed and ran the root app. I stopped the capture, restarted it, then connected to Google Market.

I can't find any malicious connections in either trace. Lots of traffic to Google, ntp queries and huge amounts of ARP spam, but nothing odd or suspicious.

For those running Wireshark, or another compatible analyzer, I've attached the two (zipped) capture files. (Don't complain to me if you don't know how to open them.)

I'll be happier once someone has disassembled the ls binary, but it's looking more and more legit.


grnbrg.
 

Attachments

  • archos.pcap.zip
    14.5 KB · Views: 21
  • archos2.pcap.zip
    55.2 KB · Views: 14
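
As an added example (not part of the original posts or the attached captures): the traces in this thread were judged by eye in Wireshark, and the same triage can be scripted. The Python below reads a classic pcap, buckets one device's frames into ARP, NTP and LAN-local traffic, and lists whatever external peers remain; the device address, LAN range and sample frames are constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

def summarize_pcap(data, device_ip, lan_cidr):
    """Bucket device_ip's frames; return (counts, sorted external peers)."""
    magic, linktype = struct.unpack_from("<I16xI", data)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian pcap of Ethernet frames")
    device, lan = ipaddress.ip_address(device_ip), ipaddress.ip_network(lan_cidr)
    counts, external, off = Counter(), set(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<I", data, off + 8)[0]
        frame, off = data[off + 16:off + 16 + incl_len], off + 16 + incl_len
        ethertype = struct.unpack_from("!H", frame, 12)[0] if len(frame) >= 14 else None
        if ethertype != 0x0800 or len(frame) < 34:
            counts["arp" if ethertype == 0x0806 else "other"] += 1
            continue
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        src, dst = ipaddress.ip_address(frame[26:30]), ipaddress.ip_address(frame[30:34])
        if device not in (src, dst):
            counts["other"] += 1  # IPv4 traffic that does not involve the device
            continue
        peer, l4 = (dst if src == device else src), frame[14 + ihl:]
        # TCP (6) and UDP (17) headers both begin with source and destination port
        ports = struct.unpack_from("!HH", l4) if proto in (6, 17) and len(l4) >= 4 else (0, 0)
        if proto == 17 and 123 in ports:
            counts["ntp"] += 1
        elif peer in lan or peer.is_multicast or int(peer) == 0xFFFFFFFF:
            counts["local"] += 1
        else:
            counts["external"] += 1
            external.add((str(peer), proto, ports[1] if src == device else ports[0]))
    return counts, sorted(external)

def _ip_frame(src, dst, proto, sport, dport):  # builds one constructed Ethernet/IPv4 frame
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return bytes(12) + b"\x08\x00" + ip + struct.pack("!HHHH", sport, dport, 8, 0)

def build_sample():
    """Constructed capture: 2 ARP, 1 NTP, 1 LAN broadcast, 1 outbound HTTP."""
    frames = [bytes(12) + b"\x08\x06" + bytes(28)] * 2 + [
        _ip_frame("192.168.1.50", "203.0.113.10", 17, 123, 123),
        _ip_frame("192.168.1.50", "192.168.1.255", 17, 5353, 5353),
        _ip_frame("192.168.1.50", "198.51.100.7", 6, 40000, 80)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Calling `summarize_pcap(build_sample(), "192.168.1.50", "192.168.1.0/24")` returns the per-bucket counts and the external peer list; pcapng or big-endian captures raise `ValueError` and need converting first.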

ExploreMN

Senior Member
Jun 23, 2007
1,574
463
ntp queries and huge amounts of ARP spam, but nothing odd or suspicious.

That happens even if you have a clean factory reset device. LOL Every few seconds it's ARPing all possible addresses on the subnet.

Looks like we got the same results. Not sure where the other person had the dreamhost.com request. It could be his system was compromised prior to this hack.
 

Top Liked Posts

  • 15
    Download rar file with apk:

    dump.ru/file/5037798
    or
    depositfiles.com/files/7sh8g638s

    rar password: cea69e0419

    sha1sum of apk: 80ff2925e12b8d3f2e9c0cabd5b294e6556b2e3f


    Archangel one-click-root from the Archaism Team

    This will give you temporary or permanent root on your Archos 101 - firmware 2.0.71

    Archos are kind enough to provide a SDE firmware which can allow root access,
    but involves some significant changes to the system and they say that they will
    invalidate your warranty if you install it. This is a bit frightening for new owners.

    Archangel solves this with a painless one-click-root which you can uninstall at any time.
    It does not use the SDE developer firmware.

    This was specifically designed for the Archos 101 with firmware 2.0.71 - it may work on
    other Archos devices or firmwares, but has not been tested and is not recommended for them.

    If you find this application useful, please donate to those great forums who have given
    the android root community so much. Encourage them to keep up their great work. We are
    fans of C-Skills Blog, XDA Developers and Modaco Forum.

    When installed, this app will use approx 10mb of storage space. Don't run it if you don't
    have that much spare.

    Usage Instructions:

    1) Make sure you have 10mb of space available on the internal storage
    2) Make sure you are connected on Wifi
    3) Run the Archangel app
    4) Click to install SuperUser application
    5) Click to get root!
    6) Check everything is working correctly, try an app which needs root
    7) Once you have root you can tick the "Permanent" root option to always have root.
    8) Party Hard!

    To turn off root, either just reboot, or turn off permanent root and reboot if you had
    enabled it.

    To uninstall, just uninstall like any other app. You may also want to use the menu item
    to clean up before you uninstall.

    You can create a script in /sdcard/sdcard/extraroot.sh and this will be executed as root
    whenever you reboot, so you can use this to do any additional root functions you want.

    Enjoy!
    4
    Ok People I give up.

    There are a lot of people who tried to analyze the exploit to see if it's safe.

    Then you get people who start discussing network infrastructure and think they know how a network works.

    Then there is one that thinks a wifi connection is the same as a connection to the internet.

    I tried to explain these things and in general tried to help out. BUT nobody seems to appreciate the help so I give up.

    If you want to use it. Use it.
    If you don't want to use it then don't use it.

    I don't care anymore.
    3
    dump.ru/file/5041494
    or
    depositfiles.com/files/247x6gbwp

    rar password: b223844a132

    sha1sum of apk: 6a6cb89aa093a1d4671f5142fe156bcfc6535db4


    Archaism Team bring you a quick update of Archangel, we added some extra info
    about working devices and firmwares which have been reported.

    We also added some more options for the extraroot feature (see readme.txt)
    for advanced users.

    This version has a few tweaks which may make it take a bit longer but should
    make it a little more reliable.

    It also patches the vulnerability which it exploits and seals the system after.
    2
    You'll probably be happy to hear that this method still works (well, at least for me) on 2.1.2 ;)
    Tested on Archos 70 IT.

    I hope this eventually works with 2.1.02. They finally put in wifi n connectivity with the newest firmware, and I would love to have root on that firmware
    2
    There is not much time for Q&A but here are some answers for some questions:


    Someone said that they couldn't use archangel to block ads... Here is an example extraroot.sh script to do that:


    make an extraroot.sh in linux text format (not dos/windows) like so:

    --- cut here ---
    cat <<EOF >/tmp/hosts
    127.0.0.1 localhost
    127.0.0.1 pagead2.googlesyndication.com pagead.l.google.com googleads.g.doubleclick.net
    127.0.0.1 api.admob.com mm.admob.com r.admob.com mob.adwhirl.com cus.adwhirl.com met.adwhirl.com
    EOF
    mount --bind /tmp/hosts /etc/hosts
    --- cut here ---

    There are many good mods which can safely be done in ways like this above. Nice forum people can post their recipes maybe?



    Someone else asked about when they reboot their device and there is no wireless and they need root:

    In this case perhaps use the deep sleep option instead of power off, if it is a huge problem for you to do this there are other more serious rooting methods like the SDE methods good people have worked on.



    Someone else asked about the new patch/seal in archangel version 2:

    This only applies until after reboot as archangel makes no changes which can not be reversed for the safety of your archos



    A question from archaism:

    Does this still work with firmware 2.1.03 ? Can anyone answer this? don't risk yourself to find the answer, but it would be nice to know.


    There may be more updates in the future but do not get unhappy if there are not or questions remain not answered