FORUMS

FYI: KEYone susceptible to Janus vulnerability - rooting possible?

270 posts
Thanks Meter: 115
 
Post Reply Email Thread
Using the Janus vulnerability, you can swap out the classes.dex from apps without tripping the Android security features. This works up until the November patch versions on the KEYone.

You can use this to swap the classes.dex of system apps, e.g. the Updater, and make it do whatever you want (with system rights). Just decompile the Updater APK, make your modifications, compile it back and attach the modified classes.dex to the original APK (downloaded from your device). Then "update" the app via adb / pm.
The Following User Says Thank You to mbirth For This Useful Post: [ View ] Gift mbirth Ad-Free
6th March 2018, 10:32 AM |#2  
Sinfamy's Avatar
Senior Member
Thanks Meter: 62
 
More
Any progress?
12th March 2018, 11:16 PM |#3  
Member
Thanks Meter: 8
 
More
Actually this sounds not that bad, this would be a "key feature" when buying an Android phone, no root is an absolute no-go for me.

On the other hand I really would like to get hands on a KeyOne, not as "daily driver" (I still love my Q10 and I have a second as backup), but in addition. Why I want to have "root"? Just simply to be able to make full, local backups from the phone and because I want to decide, which software is running or even installed on my device!

BTW: Are there older and current ROMs for the KeyOne to be downloaded somewhere?

Thanks a lot, regards,
24th June 2018, 05:54 PM |#4  
Paisley Pirate's Avatar
Member
Flag Hooterville
Thanks Meter: 3
 
More
Quote:
Originally Posted by thgxda

Actually this sounds not that bad, this would be a "key feature" when buying an Android phone, no root is an absolute no-go for me.

On the other hand I really would like to get hands on a KeyOne, not as "daily driver" (I still love my Q10 and I have a second as backup), but in addition. Why I want to have "root"? Just simply to be able to make full, local backups from the phone and because I want to decide, which software is running or even installed on my device!

BTW: Are there older and current ROMs for the KeyOne to be downloaded somewhere?

Thanks a lot, regards,

I feel the backup pain, however - the difference between data backup (easy) versus full system backup - really is it necessary? Or just a "want to" item? (you have to answer that one for yourself...)

AFA the ROMS list, there is a good write up over on Crackberry about that:

CB-how-upgrade-downgrade-keyone-beginners

NOTE: there are many (!) variants of the KEYone - and so many variants of what's out there. NONE allow root. That goes against the very thought of being "secure" - but heck, your Q10 doesn't really give you root access - all you can do is use the leaked versions of whatever BB10 is floating around. - I was an early user of BB10, and just got my KEYone because my Passport went sideways... so yeah, I get it. I also know that, so far, other than the want to, I haven't seen much need in actually rooting it (unlike the Huawei that I carried for the better part of a year)

YMMV.
24th June 2018, 10:14 PM |#5  
Member
Thanks Meter: 8
 
More
Quote:
Originally Posted by Paisley Pirate

I feel the backup pain, however - the difference between data backup (easy) versus full system backup - really is it necessary? Or just a "want to" item? (you have to answer that one for yourself...)

for me I can say, that mostly the possibility to make real full system backups and to create a backup of every app with Titanium is the most important reason, getting full root access. For me, that is mandatory!

Quote:

NOTE: there are many (!) variants of the KEYone - and so many variants of what's out there. NONE allow root. That goes against the very thought of being "secure" -

I know, the my hope was, getting a sudo installed, when a bug in Android would make this possible. Anyway I will not get a KEYone, because I do no like the device very much, mostly I do not like the current keyboard, nor the rounded screen.

Quote:

but heck, your Q10 doesn't really give you root access - all you can do is use the leaked versions of whatever BB10 is floating around.

You are absolutely correct, BB10 means no root and mostly no backup of internal data, like SMS or app-data that do not support any backup from within the app.

I do not like this and I don't want this again with my next device. But right now, I didn't found an successor for my Q10. It's currently just the perfect device for me.

Maybe the "KEYtwo" will be a more interesting device, at least the keyboard should be much better, it seems to be similar to one in my Q10. But again, no root access available ...
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes