I'm getting increased queries and replies in this post/PM recently, so I'll try to make this clear (hopefully) for 99% of people. Short version of OP which you must read:
1. Don't install 5.1.1 for now if you ever want to root without tripping Knox warranty.
2. No new ROM can be supported as bug has been fixed.
3. If you don't know how to check a kernel's build date, DO NOT submit FPTAG.
New bootloader blocks downgrading, be careful installing 5.1.1 OTA! More details: http://forum.xda-developers.com/tmob...5-1-1-t3136151
Kernel built after May 15th (including some 5.0.2 and all 5.1.1) have this bug fixed. Be cautious when installing OTA these days and FlashFire might be your best shot of upgrading systems. Use Odin to unroot and receive OTA if you want.
Current version: Beta 6 (HTC One (M9) SUPERSU VERSION! Check updated Usage section!)
Since Beta 5.2: Should be more "stable" on devices with more application installed, but I'm not 100% sure. If it doesn't work, roll back to beta 5.1
I'm getting too many queries about Note 4. Two things to clarify: 1) No device data needed to root Note 4, try KingRoot 4.0. 2) Unless you have KNOX warranty bit tripped already, there is no perm-root for Note 4 yet.
If you have decent bandwidth and experience with ROM files, please see this: http://forum.xda-developers.com/gala...hread-t3104639. Volunteers needed to speed up adding new ROMs.
Big THANK YOU to all helped collecting ROMs. Now we have 91+2 ROM versions supported!
FPTAG fingerprint here
So I can quickly filter FP out of the replys by using search. Thanks.
Samsung Galaxy S6 with following ROM versions:
***new*** Use Download Data!
Samsung Galaxy S6 Edge with following ROM versions:
***new*** Use Download Data!
G9250ZTU1AOE4 (5/11 kernel, seems not fixed yet, please test)
SCV31KDU1AOCP (Japan version of S6E?)
HTC One (M9) -- EXPERIMENTAL, UNLOCKED BL REQUIRED
Verizon 1.33.605 (?)
New ROM and device support are coming~~
If your ROM version is not listed here, please check if any ROM with the same variant is already supported. If the supported one is newer, I suggest go and grab it instead of waiting.
Coming next release: (will come after SuperSU version)
Check the workshop thread: http://forum.xda-developers.com/gala...hread-t3104639 but DO NOT REPLY UNLESS YOU ARE WORKING ON ROMS. Thank you for keeping that post clean!
OK, since manual switch is too complex and there are some compatibility issue of Kinguser, I'm making a SuperSU version now.
Note that due to the natural that SuperSU su doesn't ask for permission when SuperSU apk is missing, root will only happen when SuperSU apk has been installed. Read instrucitons below CAREFULLY!
0. Read Q&A section and BACKUP your data.
1. If you already have Kinguser installed please:
a. Open Kinguser, go to Settings -> Root authorization setting -> Remove Root permission. Click to remove root permission2. Download pingpongroot_<ver>.apk. Install & open it.
b. Uninstall Kinguser
3. It will automatically install SuperSU 2.46 for you. Follow the instructions on screen. You may need to enable unknown source for this step.
a. Once install is finished, click “Open" and run it once to "activate" it. It will prompt an error message (unless you already rooted) and exit automatically, bring you back to PingPong root.4. Click "Download Data" button to update device data if you have Internet connection.
5. Open it and click "Get Root!" button
6. If prompted for app permissions, allow them and continue. If it reboots, just retry.
7. Once finished, please make sure to reboot.
8. You can uninstall PingPong root app once finished.
Vulnerability: memeda, wushi
Original idea of exploit: memeda
Exploit: idl3r, Qoobee
Special thanks to:
Kingroot team (@Kingxteam) for help testing and great root manager
Q: How to root 5.1.1 then since PingPong root will never work?
WARNING: User report that fingerprint sensor and incoming call stop working after using the engineering sboot.
A: The classic recovery root method. You shall find details in many other posts. If you are T-Mobile user, lucky for you that there is a leaked engineering bootloader which make root a piece of cake without tripping Knox warranty bit:
Q: It just keeps rebooting, what can I do?
A: The exploit may panic the kernel and reboot your device. If the data is off, same could happen as well. When issue happens, try these:
a. Clean up background process before running root.If these doesn't help after 5 retries, there could be some issue, please collect the information in /proc/last_kmsg and send it to me.
b. Turn on airplane mode after clicking "Download Data".
c. Backup your data and run factory reset.
d. Definitely avoid doing anything else when "wait!!!" appears.
Note: User reporting installing My Knox or enable other Knox feature (like enterprise provision or KNOX active protection) may cause reboot loop. Be cautious!
Q: My ROM is not yet supported?
A: Since I have limited bandwidth to download ROMs, I have to prioritize ROM requests and focusing on new variants/models first. And currently recruiting volunteers to help download/shrink ROMs.
If you see your ROM FP is not listed, but a very similar one (may be just the last digit or character is different) exists, please see if you can flash that version of ROM. I'm sure you can find someone helping you in corresponding forum.
Q: Will Samsung Pay/My Knox work?
A: To be honest I can't tell for sure. Indeed this root does not trip warranty bit. But it still leaves SU files, which is inevitable, on system partitions. And a lot of root features actually make change to system partition, so let's say it can be detected. If Samsung makes the decision that there will be no certain feature for presence of a su file, then there will be no fun. IMHO this is very bad idea since even Apple doesn't disable anything on jailbreak devices. Let's see what will be the outcome. This makes sense to enterprise uses but for consumers at least a choice should be given.
Q: Note4/Z3/Old Samsung/etc?
A: We also wrote the rooting engine in KingRoot 4.0 for generic 32-bit devices. Give it a try. Note that for some devices like Note4, only temp root is achievable.
Q: Why "PingPong" root?
A: Because the vulnerability affects ping socket and we are Chinese
Q: What's the current status of this tool?
A: Beta. We've thoroughly tested it on ROMs for G9200, but not other variants. You are the 1st batch of beta testers!
Q: Is my device supported?
A: You can check the version of your ROM in "About this phone" page. It shall read LRXxxx following by the ROM version.
This tool checks your ROM version as well. If you read "Your device data is still not supported." after clicking "Get Root!", your device data has not been collected yet. Please reply with your ROM version plus keyword "FPTAG" in this thread.
Q: Will this root trip KNOX warranty bit or disable OTA?
A: No, it won't trip KNOX warranty bit and YES, it will disable OTA. It doesn't require odin to flash in a custom recovery, so the warranty bit will remain intact.
Q: I'd like switching to SuperSU, what shall I do?
1. Download supersu.7z and extract it. You will get the files needed to install Supersu.
2. Using adb to push su and busybox (if not installed) to /data/local/tmp.
adb push su /data/local/tmp adb push busybox /data/local/tmp
mount -o remount,rw /system cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu cat /data/local/tmp/busybox >/system/bin/busybox && chmod 0755 /system/bin/busybox daemonsu -d &
4. Open Kinguser, go to Settings -> Root authorization setting -> Remove Root permission. Click to remove root permission. Your su session should be still running.
5. Uninstall Kinguser app.
6. Go back to the su session and run following commands to replace su and cleanup:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su busybox chattr -ia /system/bin/ddexe busybox chattr -ia /system/bin/ddexe_real cat /system/bin/ddexe_real >/system/bin/ddexe busybox chattr -ia /system/xbin/ku.sud rm /system/xbin/ku.sud rm /system/xbin/pidof rm /system/xbin/supolicy
8. Open Supersu apk to update files.
Q: S6 Edge/G Flex 2/M9/other arm64 devices?
A: We will look into them soon
S6 Edge: Done
G Flex 2/others: pending
Q: I need a video to guide me through
A: Check out this one: https://youtu.be/_Ezh7Oi-jyM
(Note: these are for earlier version)
and this one: http://youtu.be/eAQ4WBg9xj0
To all sent me PM: I'm sorry that the reply could be delayed. Currently we are busy working on supporting of new ROMs and fixing bugs. To all those providing useful info/suggestion, thanks a ton!