[XAP] WP7 Root Tools 0.8 for MANGO

THIS THREAD IS DISCONTINUED!
WP7 ROOT TOOLS 0.9 HAS BEEN RELEASED!

Download here: www.wp7roottools.com

Further discussion: here
__________________________________________________

With this tool you get root-access to parts of your WP7 device. This version contains a registry-editor, a file-explorer with basic file-operations and a certificate-installer with write-access to the certificate-stores.

This tool is in alpha stage. That means that it is not feature complete and it is not yet properly tested. This tool also provides you with high privileges with which you can alter low level settings and data on this device. All this may result in unexpected and undesired behavior, which may ultimately damage your device. Use this tool with care and use it at your own risk. The developer of this tool cannot be hold responsible for any kind of damages, caused directly or indirectly by using this tool.

The current version of this tool can only be used on Samsung devices. A small part of the code uses Samsung-specific functionality. The performance of the tool may sometimes be slow. This is the result of the way access to the system is elevated. The next version of WP7 Root Tools will run on more devices, like HTC and LG. Also the access is elevated more directly.

IMPORTANT NOTICE: If you get error 0x81030120 when you deploy WP7 Root Tools to your device, then please read this guide!

Your phone needs to be INTEROP-UNLOCKED. On WP7 there are already a lot of different unlocks:

• Developer-uplock/ChevronWP7 unlock: This will allow you to side-load apps from your desktop to your phone. A legit developer-unlock costs $99 per year (this will also allow you to deploy your apps in the Marketplace). ChevronWP7 made an unlock tool, which allows you to dev-unlock your phone for free. This method only works on WP7 version 7.0.7004.0 and 7.0.7008.0. It does not work anymore since version 7.0.7355.0 (pre NoDo). But it is possible to unlock your phone on version 7.0.7008.0 and then use some tricks to upgrade your phone and keep the unlock. You can even upgrade to Mango RTM and still have the unlock. Look in this thead to get full instructions. Also the ChevronWP7 team will release an unlock-method that will only cost a few bucks and will apply an official dev-unlock on any version of WP7, but it won't allow you to release apps to the Marketplace.
• Interop-unlock: On RTM and NoDo versions of WP7 it was possible to run apps with native code. These apps would use a COM-Interop-Bridge to transit between managed and native code. These apps need to be tagged with the Interop-capability called "ID_CAP_INTEROPSERVICES". These apps don't seem to run on Mango. Not even when you have a legit Developer Unlock. There are two reasons for that. The first reason is that most native libraries need some modifications to run on Mango. I found out how to do this and modified WP7 Root Tools so that it is compatible with Mango. The other reason is a deployment-restriction. That is the Interop-Lock that needs to be Unlocked. If you have a normal Dev-unlock on Mango and you try to deploy an app with that uses COM interop, the deployment will fail with error 0x81030120. contable and Marvin_S found out that the MaxUnsignedApp registry-value is responsible for the Interop-Lock. I did more research and I identified the code that checks this value. In fact, if you have the MaxUnsignedApp value set to 300 or higher, your interop will be unlocked. The value of MaxUnsignedApp is determined by the type of developer-unlock you have. A normal AppHub account will have it set to 10 and a student account will have it set to 3. So a value of 300 or higher is not a realistic value for a normal developer account. It is probably only set to this value for Microsoft employees and OEM developers. Until now, the only way to do an INTEROP-UNLOCK for MANGO meant that you have to downgrade to NoDo first, then prepare your device by loading provxml files to your device, upgrade to MANGO and then use OEM tools to execute the provxml files and do the necessary unlocks. But that is a lot of work and for some devices not even possible, because there are simply no ROM's available. But I have found an exploit that works on Samsung and HTC devices, which allows you to UNLOCK INTEROP your MANGO device. For it to work, it must already be developer-unlocked! Read this guide for instructions.
• FullUnlock: This a type of unlock which allows you to run Native Executables. Normally you can only compile Silverlight apps, which will be run in a sandbox. The app is compiled as a DLL, which will be run in TaskHost.exe. I you would like to compile Test.exe, you won't be able to run it, because there is a policy-system and certificate-system that prevent you from running it. Cotulla already cooked a ROM with FullUnlock, but unfortunately this is not yet working as expected. I also did research on this together with fiinix. Thanks go out to him for working with me on that matter. We did not get it working back then, but I think I now have enough exploits to get this working. I will do some more testing on this later on. WP7 Root Tools does not need FullUnlock to be able to run.
• Full Root Access: As stated previously, Silverlight apps and system executables have their own sandbox, which is defined by a Least Privilege based policy system. Even when you break into native code, you are still running in your sandbox. For example, you can try to copy a file in managed code. You will only have access in Isolated Store. If you use COM interop to call native code and you try to use the FileCopy() API, you can still only copy files in your Isolated Store. To break out of the sandbox, there are a couple of possible exploits. But they are still limited in their possibilities. To get unrestricted access to the API's and Resources on your device you will need to completely bypass the policies that the system has defined for your app. YukiXDA and I have in close contact with eachother for a period of time and we learned a lot from eachother. I found some of the exploits, thanks to him! YukiXDA unfortunately has left the community. A very big thanks to YukiXDA for working with me on this matter. Before he left he cooked a ROM for HTC HD2 which has Full Root Access cooked into it. The way he did it was to effectively shut down the policy-sytem. Although this opens up a lot of possibilities for homebrew, this is also kind of risky, because the system is also open to malware. And this technique only works on devices which have an unlocked bootloader (currently HTC HD2 and most HTC WP7 devices have unlocked bootloaders). I developed another type of Full Root Access. I can enable Full Root Access for the entire device (differt than what YukiXDA did, but effectively the same). But I can also enable/disable this per app. So the user can decide which app is trusted enough to get Full Root Access. Other apps will still run in their predefined sandbox. I am currently developing a new version of WP7 Root Tools which will support Full Root Access. To do this I will apply Full Root Access for WP7 Root Tools first. A user can use WP7 Root Tools to enable Full Root Access for another app. So if a developer wants to create an app that needs Full Root Access (for example some type of backup-app), the user of the app must use a ROM which has Full Root Access cooked into it, or the user must run WP7 Root Tools to allow Full Root Access for the app. There are two disadvantages. WP7 Root Tools must first install Full Root Access for itself. Obviously WP7 Root Tools does not have Full Root Access at that moment yet. So there are other exploits necessary to apply this. Currently I have exploits for this, but they use some device-specific features. I have exploits for Samsung, HTC and LG. Other brands, or possibly a device-independent exploit, may follow later. This means that WP7 Root Tools only works on these devices, and with that also the apps that need Full Root Access will only work on these devices. The other disadvantage is that, with the current state of Interop-unlocking, all users of WP7 Root Tools, and with that also all users of the apps that need Full Root Access, will need to be on dev-unlocked-NoDo first, in order to apply an Interop-Unlock for Mango. Because WP7 Root Tools and all apps that use Full Root Access need Interop Unlock. When I have the version of WP7 Root Tools with Full Root Access finished I will release an SDK, which will make access to the system a lot easier. The SDK will consist of a native library and a managed wrapper library. Developers will be able to access the Registry and Filesystem using only managed code and the libraries from the SDK. The app will of course need to be unlocked, using WP7 Root Tools on the device. But using the SDK is mandatory. You can also write your own native code. I will write a guide on how to do that later on. An app that has Full Root Access (provided by ROM or by WP7 Root Tools does not need any device-specific libraries. All API's can be used. For API's that are not in the SDK libraries you need to write your own COM wrapper.

Registry Editor

The current version of the registry editor has an issue with string-values that contain special unicode characters and non-ansi-characters. There was no quick fix for that. So currently I have marked these values with "<INVALID STRING>" and made them non-editable. I think I can fix this in the next version of WP7 Root Tools.

File Explorer

I specifically mentioned that this version has basic file-operations, because not everything is implemented. This is what you can do:

- Cut / Copy / Paste / Delete / Rename single files
- Delete empty folders
- Create new folders

This is what you can't do (will be possible in later versions):

- Cut / Copy / Paste multiple files or entire folders
- Delete folders with content
- Rename folders

Certificate Installer

You might wonder why I created a certificate installer, because it is already possible to add certificates. When you email a certificate to yourself and tap that attachment, WP7 will install it. But if you install like this, the certificate will always be installed in the "Root" certificate store. With my certificate installer you can also install in "CA", "My" and "Code Integrity" stores. This may be very useful for hacking attempts. You can install a certificate by browsing to the ".cer" file and tap it. The possibilities for getting a certificate file on your phone will follow below. If you start installing certificates on your phone you should consider making backups in advance. I once experienced Zune going totally bezerk after installing certs. Zune took 100% and lost connection with the phone all the time. Everything was back to normal when I deleted the certs. In this version there is no view on the certificate stores available yet. In a future version you will be able to view the contents of all the certificate store and also uninstall certificates from there.

Desktop Sync

This version does not have a connection with the desktop computer. So it is not possible to use WP7 Root Tools to transfer files between the phone and the desktop. I hope to add this feature soon. Currently you can use other tools to get files onto your phone and then use WP7 Root Tools to move the files to the desired location. WP7 Root Tools has write access on every folder of your phone.

How to transfer files to your phone:

1. Mail the file to yourself. Use your phone to go to your mailbox (not webmail). The attachment will be downloaded in the background. Then use WP7 Root Tools to navigate to \Application Data\Volatile\EmailAttachments\Attachments(number). You have to look which attachment is the one you want. The filename may be changed. The extension is the same.
2. If you have RTM or NoDo, you can install Davux' webserver on your phone. Configure a password in that webserver. The IP of the phone is visible in the webserver app. Browse to the phone like this: http://192.168.1.2/IsolatedStorage using the IP of the phone. Upload a file to the phone. Open WP7 Root Tools 0.5 alpha. Navigate to this folder: \Applications\Data\9BFACECD-C655-4E5B-B024-1E6C2A7456AC\Data\IsolatedStore\. There's your file. You can copy it to another location if you want.
3. Use the Zune storage hack, described here and here. If you copied the files to your phone in this way, they will be located at \My Documents\Zune\Content in one of the subfolders. Again, the files here are renamed. You have to find the file you want and then rename it.

If you like this, hit the "Thanks" and/or "Donate to me" button.

Ciao,
Heathcliff74

Some screenshots:



Version history

0.1 - 2011/04/04 - Initial release: only registry-editor
0.2 - 2011/04/13 - Performance improvements and minor fixes
0.3 - 2011/04/14 - Bugfix in registry-editor
0.4 - 2011/06/14 - File browser added
0.5 - 2011/06/24 - File Explorer with basic file operations and certificate installer
0.6 - 2011/09/17 - Compatible with Interop-Unlocked Samsung Mango devices
0.7 - 2011/09/17 - Bugfix in registry-editor
0.8 - 2012/01/02 - Session and Multi-Tasking awareness + Mango UI improvements (better responsiveness)

History: http://xdaforums.com/showthread.php?t=1021135

Teaser!!



New version of WP7 Root Tools is nearing completion.

It **SHOULD** support these devices if they are Interop Unlocked:

- Samsung 1st generation
- Samsung 2nd generation
- LG
- HTC 1st generation with Mango v1 drivers
- HTC 1st generation with custom unlocked roms

Working hard on support for other devices too, but there's no way of telling which and when that will happen!

Ciao,
Heathcliff74

Hi everyone,

Let me start by wishing everyone a lot of health for 2012.

I'm aware that the current version of WP7 Root Tools expired today. I'm constantly working on new hacks and new versions of my tools; totally free for everyone to use. I'm working on support for more devices and I'm trying to answer support-questions about my tools and hacks as much as possible (forums, PM's, twitter, etcetc and I don't charge $0.50 pm for helpdesk support).

I had some days off for the holidays, and I had planned some time to finish a new version of WP7 Root Tools before it would expire. But I had some really difficult days. My free days were spent working for my boss, because we had problems with our software and we needed to get a customer live before january 1st. Also, I'm now in the car with family. We visited my grandma, who's candlelight has almost burned out on this earth. I got more bad news, but I will spare the details. Anyway, I didn't have much time for hacking over the last days. I hope you understand.

I will try to release a new version later today, which will allow you to use WP7 Root Tools. No new features yet. I will also release a test tool for Focus S and Omnia W, which should provide me the details I need to support those devices too.

Now I need to answer mister James Allan. Because I don't easily get pissed off, but this ungrateful man is doing a real good job.

JamesAllen said:

Has anyone downloaded the xap since these notifications have begun appearing? It would be highly irresponsible to allow a xap to be available for download when that xap has expired. It should be removed immediately. I have pm'd the dev and expressed my concern that there was no warning about this ever happening (that I can easily find) and this could have been handled in many other ways other than executing code on our phones that affects a working app. I love his apps and will continue to use them but this was no way to handle this situation. He could merely have said that version .7 Alpha would no longer be supported (don't ask me anymore questions, I will not be monitoring this thread etc.) and that it needed to be uninstalled prior to the installation of the new version (if he was concerned about the upgrade process).

Click to expand...

Click to collapse

JamesAllen said:

I use several of your xaps, specifically because you developed them and I find your efforts useful and stable. I am 63 years old and have been in the business of supporting "bleeding edge" software releases for over 40 years. What you have done with the alpha .7 release is not standard practice by any means. You effectively reached into my device and removed the use of software without any notice. This is hardly standard or acceptable. You could have;

1. Provided a notice that did not require a search to find it,
2. Offered some information about a replacement,
3. Ideally, people should have been made aware of this from the onset.

There was no reason to do this, even if you knew a replacement would not overwrite the installed alpha version. You could have merely let people know they had to deinstall the alpha version and that the alpha version would no longer be supported.

Just offering some advice, the damage to trust and credibility is already done, IMHO. I will still use your xaps with enthusiasm, but what you did here with .7 alpha version has made me pause a bit.

Click to expand...

Click to collapse

OMG James Allan! Are you for real? Are you being arrogant or are you being ignorant?

Don't try to give me a responsibility lesson here!! I'm providing free tools and free support! I do my best to give everybody most potential out their device. SORRY IF I'M ONE DAY LATE MAN!!

You say you're 63 and you release bleeding edge software. Well, WHOOHOO! I should respect you for that? Then don't patronize me! I'm 37, married, 2 kids, I release bleeding edge software too, for my boss and in my free time too. And I have my priorities straight. Sorry you're not on top of my list right now! Tsss!

Again, I'm doing this in my free time. No commercial gain. I'm also not doing this to earn anyone's respect or something. Most people who come here are just plain leechers anyway. Over 18.000 downloads (only this version) and 63 people took the effort to click on "thanks"..... This is a hobby for me. Some people like making crossword-puzzles. I like trying to outsmart big companies and make something useful out of it for everyone. And I've spent countless hours on that.

So if you expect me to finish on deadlines, you should hire me and and pay me a good salary. If not, I'll be more faithful to my boss, than to you

I'm sorry I don't have the advantage of the update-mechanisms of the market-place, but Microsoft doesn't really support my work. But you release bleeding edge software, so you should be able to use google/bing to find an update on XDA.

I really don't need your lessons. Please use my tools and hacks without moaning!!

Happy new year!!
Heathcliff74

Don't worry! REALLY!

WP7 Root Tools 0.8 alpha released

Download from opening post.

Changes:
- Session and Multi-Tasking awareness
- Mango UI improvements (better responsiveness)
- Minor bugfixes

Let me know how it works!
Have fun!

Heathcliff74