Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,733,372 Members 39,655 Now Online
XDA Developers Android and Mobile Development Forum

[DOC][DEV][25/07] Search for root-access: first beta testers with S-OFF

Tip us?
 
Elim
Old
(Last edited by Elim; 27th July 2011 at 09:21 AM.)
#1  
Elim's Avatar
Senior Member - OP
Thanks Meter 304
Posts: 1,484
Join Date: Feb 2008
Location: Antwerpen
Exclamation [DOC][DEV][25/07] Search for root-access: first beta testers with S-OFF

Got root rights
Many functions and and changes in the system need root rights on our phone. In this thread I will describe all steps I and others did, to get them.

In this post you will find a history off all steps and the status, in post #2 a detailed documentation and in post #3 one day tutorials.

Status: beta testers with S-OFF
  • 11.6.2011: Open this thread
  • 12.6.2011: Collect all informations (and unpack my own Flyer )
  • 19.6.2011: Prepare PC and Flyer
  • 20.6.2011: run first script to got root rights in a shell (no success)
  • 24.6.2011: Rooted for S-OFF Flyers (by dalada)
  • 15.7.2011: Temp root rights with the fre3vo tool by agraben.
  • 18.7.2011: Permanent temp root rights by eugene373
  • 25.7.2011: First beta testers got S-OFF with help from the alpharev team.

Samsung Note 10.1 edition 2014 ROM:

HTC one ROM:
The Following 6 Users Say Thank You to Elim For This Useful Post: [ Click to Expand ]
 
Elim
Old
(Last edited by Elim; 27th July 2011 at 09:28 AM.)
#2  
Elim's Avatar
Senior Member - OP
Thanks Meter 304
Posts: 1,484
Join Date: Feb 2008
Location: Antwerpen
Post Changelog and old versions

Documentation
The first stept to got root access to our HTC Flyer is to find a method which works. Until the first android phone are many different methods are successful but most off them didn't work for gingerbread.

I will first document all steps I or someone else did. Until know we have nothing but help and ideas are welcome.
After we find a way to become root access, we have to write a tool for everybody and after that the work begins... for all other stuff like custome ROMs

1.1 What others try
Here is a list off unsuccessful attempts until now:So, no standard, popular tool works... But can everybody, who check one of the tools above (or something else), send me the log-files which are produced? thx.

PS. I found that different tools with the same name exists (e.g. 1-click), so when you test one of these tools, please can you specify which tool you use, with the version number. Thx.

1.2 Next steps
Okay, I didn't expect that it will be such easy. Next step for me is to read about all this methods in detail and check why they didn't work with the Flyer to find a little hole to get through...

1.3 Use fre3vo tool
After some changes and with the help from agrabren we got successful temp root rights. Until now we found with this tools the following exploits:
  • HTC EVO view 4G: last version contains exploit
  • HTC Flyer WiFi 16GB: exploit at adress 38126600:a00
  • HTC Flyer 3G 32GB: exploit ad address 38125e00:1200

1.4 beta-tests for alpharevX
The first beta testers got their Flyer S-OFF.

For more information and the current status read the last postings or on the alpharev homepage if the Flyer is now supported. But don't use the current verion 0.2pre5, it will not work!

All thanks go to team TeamWin and team alpharev and not to me!!! I only document until now the process.

Samsung Note 10.1 edition 2014 ROM:

HTC one ROM:
The Following User Says Thank You to Elim For This Useful Post: [ Click to Expand ]
 
Elim
Old
(Last edited by Elim; 15th July 2011 at 08:27 PM.)
#3  
Elim's Avatar
Senior Member - OP
Thanks Meter 304
Posts: 1,484
Join Date: Feb 2008
Location: Antwerpen
Lightbulb Tutorials

Tutorials

Bootloader
Open the bootloader

HTC add a special "fastboot" option to his android devices. When fastboot is active the device can be set-on very fast but you can't open the bootloader with fastboot active. Therefore you have first to deactived the fastboot option.

1. deactivate fastboot
  • go to settings
  • select "Power"
  • unchek "fastboot"
  • switch off the Flyer
2. open bootloader
  • hold down volume-down button
  • hold down power button
  • wait until bootloader open by holding both buttons together down

Reset
So long we make test but also when we have an exploit, I am sure we need the functionality to reset our devices.

On other devices I remove the battery but the Flyer one is build-in and can't be removed.

Soft reset
  • Tap and hold on the Volume Up and Volume Down buttons
  • While holding on the Volume Up and Volume Down buttons, please tap and hold the Power button until the screen closes.
(Source: HTC)

Hard (factory) reset
  • Press and hold the VOLUME DOWN button
  • briefly press the POWER button
  • Wait for the screen with the three Android images to appear
  • release the VOLUME DOWN button
  • Press VOLUME DOWN to select FACTORY RESET
  • press the POWER button.
(Source: HTC)

Temp root
with the tool fre3vo
  • Be aware that this is only temp root and the device is still locked and you can brick your Flyer when you did something wrong with you root rights. Solong the device is locked, don't remove anything from the /system directory!!!
  • Download the last version from here
  • Download the android sdk
  • Close HTC sync (or any other tool which maybe listen on the USB ports)
  • use the adb tool from sdk with following commands (replace [exploit adress] with correct address from #2):
    adb push fre3vo /data/local/tmp
    adb shell chmod 777 /data/local/tmp/fre3vo
    adb shell /data/local/tmp/fre3vo -debug -start [exploit address] -end [exploit address]
(all work done by agrabren and the fre3vo team!)

Samsung Note 10.1 edition 2014 ROM:

HTC one ROM:
The Following 3 Users Say Thank You to Elim For This Useful Post: [ Click to Expand ]
 
habibas
Old
#4  
Member
Thanks Meter 2
Posts: 61
Join Date: May 2009
do the root and the 50$ is for you
 
ex69
Old
#5  
Senior Member
Thanks Meter 13
Posts: 106
Join Date: Aug 2007
There is a couple hundred bucks easily in the bounty in general section. My addition still stands.

Good luck.
HTC EVO 4g LTE Rooted/S-off | Flashaholic

Galaxy Note 10.1, Still 100% stock!
 
senji75
Old
#6  
Member
Thanks Meter 4
Posts: 48
Join Date: Apr 2011
probably a newbie question, but is it not working because they locked the bootloaders?
 
argh2000
Old
#7  
Senior Member
Thanks Meter 14
Posts: 202
Join Date: Nov 2003
I agree $$ if you rooted HTC Flyer .
Phone History:
LG G3 - White (current)

Samsung S4 - Artic Blue
Sony Xperia Z- White
Samsung Galaxy Note/ Samsung Galaxy Note II
Samsung SII/ Samsung S III
iPad 1/ iPad 2/ iPad 3rd Gen
iPhone 2G/ iPhone 3G/ iPhone 3Gs/ iPhone 4/ iPhone 4s
XDA II/ XDA Exec
SonyEricsson T28c
Nokia 6110/Nokia 8250/ Nokia 8810/ Nokia 6120/ Nokia 8850/ Nokia Communicator 9210
 
Elim
Old
(Last edited by Elim; 12th June 2011 at 07:45 AM.)
#8  
Elim's Avatar
Senior Member - OP
Thanks Meter 304
Posts: 1,484
Join Date: Feb 2008
Location: Antwerpen
Quote:
Originally Posted by senji75 View Post
probably a newbie question, but is it not working because they locked the bootloaders?
Locked bootloader
Yes, this is the problem. But I don't think that HTC at the end really unlock all his bootloaders and also with a locked bootloader it can be possible to get root access. So, when HTC like to help us, it's possitive, when not... let's try

And we are not allone, also the Sensation has the new locked bootloader and the devs there are also working on it. And maybe a solution there help us also.

Samsung Note 10.1 edition 2014 ROM:

HTC one ROM:
 
AndroidMobileNZ
Old
#9  
AndroidMobileNZ's Avatar
Senior Member
Thanks Meter 13
Posts: 155
Join Date: Aug 2010
Do we know if an XTC Clip works on the Flyer? I realise this is a hardware solution, but it would be good to know...
Phone: Samsung Galaxy Note 2
Tablet: Nexus 7, Windows Surface RT
Mobile Kiwi
 
LowFire82
Old
#10  
LowFire82's Avatar
Senior Member
Thanks Meter 20
Posts: 122
Join Date: Apr 2011
Location: Fort Myers
The GingerBreak.apk does not work, got that

Has anyone run the manual way with the binary file? Even to see if temp root could be accomplished?

I may try tonight when I get off work to see what happens..

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes