
Stupid SU: Galaxy S 4 stock+root helper

OP supercurio

17th May 2013, 09:03 PM   |  #1  
Hi guys!

As some of you must have noticed, the latest Samsung GT-I9500 firmwares carry a kernel configuration supposed to prevent SETUID privilege elevation.
Stock unmodified firmware with root is my preferred setup but also a strong dependency for all my development; for me this change is a massive setback, if not a dealbreaker.

While poking around, I found in about an hour something weird that revealed itself to be a vulnerability, so I created a little thing to make it useful for now.

README:

Stupid SU: Galaxy S4 root helper by François SIMOND aka @supercurio

Circumvent an extremely weak false-security "Anti Root" mechanism implemented
on latest Samsung Galaxy S4 devices (on both Exynos and Qualcomm versions)

Preventing proper root function on official firmware breaks all my Voodoo apps
requiring stock+root and is a move that's hostile to both users and developers.

Samsung security might be embarrassed by this proof of concept, as it defeats
their mechanism in a single line... not even with complex ARM assembler
but *one* line of shell script.
However, the goal here is to show Superuser solutions developers how to
deal with those devices for now, and provide a working solution to people who
bought a Galaxy S4 expecting to root it cleanly and easily but cannot.

This proof of concept slightly slows down Superuser calls, but its
"plain text" implementation has the merit of showing how stupid this exploit is.

SELinux configuration stays unmodified and active.

Features:
- Detects and supports both SuperSU and Koush's Superuser
- Installs Super SU binary by default

Make sure you have one of those Superuser apps installed:
- https://play.google.com/store/apps/d...utta.superuser
- https://play.google.com/store/apps/d...infire.supersu

The root feature doesn't rely on the "StupidSU kernel", which is only an installer.
Feel free to flash back Samsung's original boot.img from their official firmware
after booting at least once.

Important Note:
This "exploit" is so lame that it will be fixed in no time, making updated S4s
a pain to root again.

I wish Samsung would reconsider their "Anti Root" approach, which is damaging
in every regard and defective by design, as demonstrated here.
Also, I'm simply not interested in developing for and promoting devices from
manufacturers hostile to developers: it's just a waste of valuable time.

INSTALL

1/ Copy the rooting/ directory into your initramfs.

Make sure the "root.sh" file has executable permission (chmod 744 recommended).


2/ Add these lines at the end of init.universal5410.rc:

# Stupid SU
service rooting /stupidsu/root.sh
    class main
    user root
    group root
    oneshot

3/ Assemble your initramfs with the Samsung official kernel binary of your
choice into a regular boot image.

4/ Flash as boot.img.

5/ At each boot, Superuser apps are detected automatically and the su binary
adjusted accordingly.


Source code: On GitHub

License

Kernel downloads (only for demo purposes of the concept; you can flash back the original Samsung boot.img once rooted):

GT-I9500 Stock + root StupidSU v4 UBUAMDE
GT-I9500 Stock + root StupidSU v4 XXUAMDK
GT-I9500 Stock + root StupidSU v4 XXUAME1

What's next

Owners of Qualcomm Galaxy S 4 devices experiencing the same difficulties with Samsung's anti-root strategy might want to try this method; please let me know if you're ready for some experimentation.
Last edited by supercurio; 20th May 2013 at 08:36 PM.
17th May 2013, 11:28 PM   |  #2  
Supercurio, please add the thread to the General section. I think there will be lots of testers for the i9505. Thanks for the support.

17th May 2013, 11:38 PM   |  #3  
Going to try this on the latest LE1 stock kernel now... the thread is in the correct section.

Edit: did not work on the LE1 kernel. I will try once again. Did anyone try the MDK kernel? I am again having the problem with SU binaries installation.

Edit: Thanks bro, working on the ME1 kernel now. I made a mistake while doing the tar. Appreciate it! Root is working fine but I can't update the binaries of SuperSU; still, root works fine.
Last edited by grgsiocl; 18th May 2013 at 07:12 AM.
18th May 2013, 05:43 AM   |  #4  
Here comes the master! Welcome to the SGS4 development forum, mate. (rahulzeven from Twitter here.)
18th May 2013, 06:28 AM   |  #5  
So the BEST thing's just happened?!
18th May 2013, 07:16 AM   |  #6  
I repacked the kernel Samsung-Updates.com-KERNEL-GT-I9500-XSE-I9500XXUAME1-1367637350 using supercurio's method. Root works fine. All we need to do is install it from ODIN and not update the binaries of SuperSU.

Download Link

Edit: New file uploaded
Last edited by grgsiocl; 18th May 2013 at 08:02 AM.
18th May 2013, 07:45 AM   |  #7  
Originally Posted by grgsiocl

I repacked the kernel Samsung-Updates.com-KERNEL-GT-I9500-XSE-I9500XXUAME1-1367637350 using supercurio's method. Root works fine. All we need to do is install it from ODIN and not update the binaries of SuperSU.

Download Link

Thanks so much! Will Titanium Backup work on this kernel?
18th May 2013, 07:50 AM   |  #8  
Hope Chainfire will start working on Mobile Odin soon. So much easier to flash then.

18th May 2013, 08:03 AM   |  #9  
Originally Posted by GSeeker

Thanks so much! Will Titanium Backup work on this kernel?

Wrong file uploaded. Please download it again in 5 minutes. Uploading is in progress, and the kernel date should be MAY 04.

---------- Post added at 12:33 PM ---------- Previous post was at 12:28 PM ----------

It should work, as I don't use Titanium Backup; instead I use GoBackup Pro and it works fine anyway.
18th May 2013, 08:09 AM   |  #10  
MDK from the OP working well, thanks.
