Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,812,702 Members 45,937 Now Online
XDA Developers Android and Mobile Development Forum

[ROOT] Universal root method for all variants.

Tip us?
 
Ricky Divjakovski
Old
#41  
Ricky Divjakovski's Avatar
Recognized Contributor - OP
Thanks Meter 5,287
Posts: 3,592
Join Date: Feb 2013
Location: Sydney

 
DONATE TO ME
[QUOTE=jcase;51968681/sdcard/ is not a normal file system, setting such permissions won't work. Place the giles on a normally mounted ext file system, like /data/local/tmp not one mounted using fuse

Repacking won't work due to signature validation during the flashing stage.

"only solution is looking for a bootloader unlock" What, how do you come to such a conclusion? It isn't a valid conclusion.

Please adjust your thread title, it is inaccurate and likely to cause confusion for those that don't know any better.[/QUOTE]

Quote:
Originally Posted by jcase View Post
Am I missing something here? This is just SuperSu's update.zip with a couple minor additions, it isn't a root kit and roots nothings. the majority of the entire package is straight out of Chainfire's update.zip, which accomplishes the same thing. It certainly won't "root any ARM device", it will certainly install SuperSu on some of them with a custom recovery (but no it will not work on all, even with a custom recovery.


Code:
ui_print("******************************************");  
ui_print("            Installing S5Tools");  
ui_print("******************************************");  
ui_print("    BROUGHT TO YOU BY RICKYS KITCHEN"); 
ui_print("             BY RICKY310711"); 
 
unmount("/system"); 
ui_print("Mounting System"); 
run_program("/sbin/mount", "-t", "auto", "/system"); 
 
ui_print("Executing checkpart"); 
package_extract_file("tmp/chechpartroot", "/tmp/chechpartroot.sh"); 
set_perm(0, 0, 0777, "/tmp/chechpartroot.sh");  
run_program("/tmp/chechpartroot.sh"); 

ui_print("Extracting data"); 
package_extract_dir("system", "/system"); 
 
ui_print("Setting permissions"); 
set_perm(0, 0, 06755, "/system/xbin/su"); 
set_perm(0, 0, 06755, "/system/xbin/daemonsu"); 
set_perm(0, 0, 06755, "/system/bin/.ext/.su"); 
run_program("/system/xbin/su", "--install"); 
 
ui_print("******************************************"); 
ui_print("        Successfully Installed"); 
ui_print("******************************************"); 
set_progress(1.0);
Code:
./system/app:
total 4456
drwxr-xr-x@ 3 jcase  staff      102 Apr 13 20:27 .
drwxr-xr-x@ 7 jcase  staff      238 Apr 16 21:30 ..
-rwxr-xr-x@ 1 jcase  staff  2278361 Apr  4 04:04 Superuser.apk

./system/bin:
total 0
drwxr-xr-x@ 3 jcase  staff  102 Apr 13 20:30 .
drwxr-xr-x@ 7 jcase  staff  238 Apr 16 21:30 ..
drwxr-xr-x@ 3 jcase  staff  102 Apr 13 20:27 .ext

./system/bin/.ext:
total 224
drwxr-xr-x@ 3 jcase  staff     102 Apr 13 20:27 .
drwxr-xr-x@ 3 jcase  staff     102 Apr 13 20:30 ..
-rwxr-xr-x@ 1 jcase  staff  113036 Feb 14 18:34 .su

./system/etc:
total 8
drwxr-xr-x@ 5 jcase  staff  170 Apr 13 20:27 .
drwxr-xr-x@ 7 jcase  staff  238 Apr 16 21:30 ..
-rwxr-xr-x@ 1 jcase  staff    0 Feb 14 18:34 .installed_su_daemon
drwxr-xr-x@ 3 jcase  staff  102 Apr 13 20:30 init.d
-rwxr-xr-x@ 1 jcase  staff  629 Feb 14 18:34 install-recovery.sh

./system/etc/init.d:
total 8
drwxr-xr-x@ 3 jcase  staff  102 Apr 13 20:30 .
drwxr-xr-x@ 5 jcase  staff  170 Apr 13 20:27 ..
-rwxr-xr-x@ 1 jcase  staff   55 Feb 14 18:34 99SuperSUDaemon

./system/xbin:
total 448
drwxr-xr-x@ 4 jcase  staff     136 Apr 13 20:27 .
drwxr-xr-x@ 7 jcase  staff     238 Apr 16 21:30 ..
-rwxr-xr-x@ 1 jcase  staff  113036 Feb 14 18:34 daemonsu
-rwxr-xr-x@ 1 jcase  staff  113036 Feb 14 18:34 su

./tmp:
total 8
drwxr-xr-x@ 3 jcase  staff  102 Apr 13 20:37 .
drwx------@ 6 jcase  staff  204 Apr 16 21:30 ..
-rwxr-xr-x@ 1 jcase  staff  264 Apr 13 20:39 checkpartroot
so why exactly would It work in /data/local/tmp and not /sdcard(/data/media/0)?
im going by the process of gaining root on previous devices, never dealt with a device with a locked bootloader other then my old htc..
also I came to that conclusion as thats MY only other known option.
Like my blog on facebook, add me to your circles, follow me on twitter or donate to me with paypal
 
jcase
Old
#42  
jcase's Avatar
Forum Moderator / Senior Recognized Developer - Taco Vendor
Thanks Meter 7,652
Posts: 3,758
Join Date: Feb 2010
Location: Sequim WA

 
DONATE TO ME
Quote:
Originally Posted by ricky310711 View Post
so why exactly would It work in /data/local/tmp and not /sdcard(/data/media/0)?
im going by the process of gaining root on previous devices, never dealt with a device with a locked bootloader other then my old htc..
also I came to that conclusion as thats MY only other known option.

/data is mounted as ext4(?) file system, or something with similar permission capabilities
The fake sdcard is not, see http://en.wikipedia.org/wiki/Filesystem_in_Userspace for an indepth explanation.
I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important? jcase@cunninglogic.com
Like Android security topics? Join our G+ community -> https://plus.google.com/communities/...07618051049043
The Following User Says Thank You to jcase For This Useful Post: [ Click to Expand ]
 
open1your1eyes0
Old
#43  
open1your1eyes0's Avatar
Senior Member
Thanks Meter 3,324
Posts: 2,194
Join Date: Dec 2010
Location: New York City

 
DONATE TO ME
@ricky310711

May also want to look at /mnt/extSdCard directory (if you happen to have a microSD card you can format as exFAT).

This directory worked on the S4 for one kernel-based exploit (perf_event) where /data/local/tmp did not actually (details).

Not sure if anything changed with KitKat as far as that directory is concerned but worth a try.




The Following 2 Users Say Thank You to open1your1eyes0 For This Useful Post: [ Click to Expand ]
 
xHausx
Old
#44  
xHausx's Avatar
Forum Moderator / Recognized Developer
Thanks Meter 4,521
Posts: 6,772
Join Date: Jul 2010
Location: Central Florida

 
DONATE TO ME
Quote:
Originally Posted by ricky310711 View Post
chmod 775 /sdcard/busybox : permission denied

/sdcard/busybox --help : permission denied

/sdcard/chmod 775 /sdcard/busybox : permission denied

cant do anything without the abillity to set permissions :/
at the moment the only root method I can hope for is using a factory system image, unpacking, rooting, repacking and flashing with odin...
other then that the only solution is looking for a bootloader unlock, and im unable to do that as I dont have the device and needs ALLOOOOT of testing

if you have any suggestions/advice feel free to let me know, its got me wrapped in a ball :/
The SD Card is always supposed to be mounted as noexec, it's been this way since at least Froyo.
 
xHausx
Old
#45  
xHausx's Avatar
Forum Moderator / Recognized Developer
Thanks Meter 4,521
Posts: 6,772
Join Date: Jul 2010
Location: Central Florida

 
DONATE TO ME
Since this update zip requires a custom recovery, and you need an unlocked device before you can install a custom recovery, it is misleading to advertise this as a way to root a device. It's also unnecessary since the update Chainfire created does the exact same thing.

The only thing I can find that you created is your "checkpartroot" script that doesn't serve any purpose.

Thread closed.
The Following 8 Users Say Thank You to xHausx For This Useful Post: [ Click to Expand ]
THREAD CLOSED
Subscribe
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes