[4.4 ROOT] SlapMyMoto 1.0 (Works with MotoWPNoMo)

Search This thread

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,331
15,778
Sequim WA
My apologies for taking so long, life is hectic. This is a "root path" for the 4.4 update, and in this case you will retain your stock recovery so features like remote wipe will continue to work. It requires you downgrading to 4.2.2 or already be on 4.2.2 before updating to 4.4.

First you must use MotoWPNoMo, if you haven't then you will need to. Use RockMyMoto to gain root, then use MotoWPNoMo, and then restore to the 4.2.2 Camera update.

SlapMyMoto requires you to be on the 4.2.2 Camera update, you can find the firmware for your device below:
ATT- http://sbf.droid-developers.org/download.php?device=0&file=22
Verizon - http://sbf.droid-developers.org/download.php?device=0&file=55

Step1)

Unzip SlapMyMoto-1,0.zip and push the jar file to your internal storage
Code:
adb push SlapMyMoto.jar /sdcard/SlapMyMoto.jar

Step2)

Use http://www.cydiaimpactor.com/ to open up a telnet session as system user on port 2222. We covered how to use Impactor and telnet in the RockMyMoto root, I won't be covering it again since this post is going to be long enough already, see here -> http://forum.xda-developers.com/showthread.php?t=2509590 or http://rootzwiki.com/topic/107098-root-rockmymoto-yes-even-the-first-ota/


Connecting over telnet, and run Stage1 with this command:
Code:
dalvikvm -cp /sdcard/SlapMyMoto.jar SlapMyMoto

When the device tells you to reboot, do this manually with "adb reboot" or your power button. It will not auto reboot on this step

Step3)

Once the device has rebooted, run Impactor again and connect over telnet just like in the previous step, then run the same command
Code:
dalvikvm -cp /sdcard/SlapMyMoto.jar SlapMyMoto

Once the device has rebooted, please take the 4.4 OTA.

Step4)
Now that we are on 4.4, we can finish the process with adb shell:

Code:
adb shell
cp /sdcard/install.sh /data/local/tmp/install.sh
chmod 755 /data/local/tmp/install.sh
echo "/data/local/tmp/install.sh" > /sys/kernel/uevent_helper

Then either wait, or toggle your bluetooth. Once the device reboots, you will have root.
 

Attachments

  • SlapMyMoto-1.0.zip
    132.1 KB · Views: 509,016
Last edited:

AaronCompNetSys

Senior Member
Jun 19, 2007
305
86
alert_animated.gif
After taking the 4.4 OTA in step 3, if you then take on the 4.4.2 OTA update afterwards, the write protection off will be reverted and /system/ will once again be locked. There is no known way at this time to reverse this for users with locked bootloaders.

If you are on 4.2.x, you will be prompted for the 4.4 OTA update before getting the 4.4.2 OTA. You should complete step 4 before deciding to take on the 4.4.2 OTA or not.

Other relivent quotes from jcase:

The only thing i didn't understand was the "restore to 4.2.2 camera update" part, and [...] i'm already on 4.2.2.

[...]you skipped a step...

Rooted devices rarely handle OTAs very well, especially if they do not have a recovery anymore. Restore to [stock], and continue.
^(From another thread, but a comon question in this one)^

Quoting from Step 3: "Once the device has rebooted, please take the 4.4 OTA."

So what happens if the only OTA available is 4.4.2?
The device is not rooted at the step when you are taking the 4.4 OTA. The 4.4 update.zip is available from other sources and can be sideloaded in recovery.
Possible mirror, not verified: magnet:?xt=urn:btih:CDARPSOTRY7CO4EY6K6SNWVASPBPX46S

Ok ... so what if you use the 0.5c method, where you replace the recovery with the customized boot image, that enabled write protection?
You can't boot a customized image.
Will that method work for 4.4.2 when it comes along?
No it won't work in 4.4.2, nor will it work with the 4.4 bootloaders.


I know you stated before that you have no intention on developing new root methods for the Moto X.
But is there any chance you have reconsidered and decided to take a look on 4.4.2?
No time, sorry.

No one mentions custom bootloader.

I am aware 0.5c works, but it has it's own flaws hence no longer beign available. Don't take OTAs with root, it is not a smart move.

JC

[What is] the benefit gained by this procedure.
Starting with the MotoX, Motorola started applying low level write protection to parts of the flash memory (in this case just /system). Root alone does not give us the ability to modify anything in system. My original hackjob that we used to bypass this has been fixed in Android 4.4. This is required if you want to actually install su into the /system partition.

What happened to the flashing recovery.img, before taking the update to 4.4 and then flashing the 4.2.2 bootloader.
Previously we were using my workaround to write to system, now we are using MotoWPNoMo to gain write to system, as it is a better solution. No more recovery hackery needed.


Note: I will be reviewing threads and duplicating posts here to ease others finding them. PM me if you feel you have been misquoted or have something I missed.
 
Last edited:

freak4dell

Senior Member
Aug 10, 2008
732
193
Says he won't release a root method for 4.4, has to deal with whiny, entitled people that think he's selfish for doing so, and still ends up releasing something. Now that's what I call a class act.
 

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,331
15,778
Sequim WA
Says he won't release a root method for 4.4, has to deal with whiny, entitled people that think he's selfish for doing so, and still ends up releasing something. Now that's what I call a class act.

Actually, i didn't really release a new exploit, and I won't be. This is the same primary exploits as motoroot/rockmymoto/pwnmymoto, just instead of installing su, it plants a "backdoor". Since they allowed us to downgrade, we were able to do this.
 

freak4dell

Senior Member
Aug 10, 2008
732
193
Actually, i didn't really release a new exploit, and I won't be. This is the same primary exploits as motoroot/rockmymoto/pwnmymoto, just instead of installing su, it plants a "backdoor". Since they allowed us to downgrade, we were able to do this.

True, but a method is a method, in my eyes.

I gotta wonder if Motorola left the ability to downgrade as somewhat of a subtle way of making up to the community for not being able to unlock the AT&T and Verizon versions. They're just too good at making secure bootloaders to make me think that it was just overlooked.
 

monkespit

Senior Member
May 12, 2009
74
4
Thank you for all the great and hard work you do for everyone in the consumer motox community.
I will not whine or nag, I will wait patiently until it is complete and ready. I don't have as much time for testing and tinkering like in the droidx days.
So again, jcase, thank you thank you!

Sent from my XT1060 using Tapatalk
 
  • Like
Reactions: wfpabst

goose71

Senior Member
Aug 8, 2010
52
6
Austin, TX
wifi tethering

This is awesome news, however, does anyone know if wifi tethering works on 4.4? I've heard that it's broken on kk.
 

Sinderan

Senior Member
Sep 29, 2009
98
10
Marietta
Do you mean gpt.bin and logo.bin? Those are only ones in the camera OTA. I really should have checked before pushing the setup.sh, cause now I just boot to fastboot and don't wanna flash the wrong thing.
 
G

GuestK0077

Guest
Awesome! Can't test it yet though, as I am in Canada on Rogers and we haven't gotten the update yet. It's still a relief knowing that I can get root when I get the update though. Thanks!
 

mercado79

Senior Member
Oct 4, 2008
1,049
395
Boston, MA
@jcase, i know we're waiting for an update/fix for the reboot recovery issue, but i thought i'd mention that step 5 didn't work as described for me:

Step 5)
adb push recovery.sh /data/local/tmp/setup.sh
adb reboot
(It will reboot, then quickly reboot straight to the bootloader)

the last part didn't happen. after pushing the recovery.sh file (to data local as setup.sh), then doing an adb reboot, the phone never automatically reboots to the bootloader. maybe i'm missing something though. are we supposed to "quickly reboot" or is this supposed to happen on its own?
 
@jcase, i know we're waiting for an update/fix for the reboot recovery issue, but i thought i'd mention that step 5 didn't work as described for me:



the last part didn't happen. after pushing the recovery.sh file (to data local as setup.sh), then doing an adb reboot, the phone never automatically reboots to the bootloader. maybe i'm missing something though. are we supposed to "quickly reboot" or is this supposed to happen on its own?

It is supposed to do it automatically, but the Verizon model is missing some dependency for this method.
Jcase said he has a fix and will work on it soon, but for now, do not do this on the Verizon model. Return to 4.2.2 for now.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 155
    My apologies for taking so long, life is hectic. This is a "root path" for the 4.4 update, and in this case you will retain your stock recovery so features like remote wipe will continue to work. It requires you downgrading to 4.2.2 or already be on 4.2.2 before updating to 4.4.

    First you must use MotoWPNoMo, if you haven't then you will need to. Use RockMyMoto to gain root, then use MotoWPNoMo, and then restore to the 4.2.2 Camera update.

    SlapMyMoto requires you to be on the 4.2.2 Camera update, you can find the firmware for your device below:
    ATT- http://sbf.droid-developers.org/download.php?device=0&file=22
    Verizon - http://sbf.droid-developers.org/download.php?device=0&file=55

    Step1)

    Unzip SlapMyMoto-1,0.zip and push the jar file to your internal storage
    Code:
    adb push SlapMyMoto.jar /sdcard/SlapMyMoto.jar

    Step2)

    Use http://www.cydiaimpactor.com/ to open up a telnet session as system user on port 2222. We covered how to use Impactor and telnet in the RockMyMoto root, I won't be covering it again since this post is going to be long enough already, see here -> http://forum.xda-developers.com/showthread.php?t=2509590 or http://rootzwiki.com/topic/107098-root-rockmymoto-yes-even-the-first-ota/


    Connecting over telnet, and run Stage1 with this command:
    Code:
    dalvikvm -cp /sdcard/SlapMyMoto.jar SlapMyMoto

    When the device tells you to reboot, do this manually with "adb reboot" or your power button. It will not auto reboot on this step

    Step3)

    Once the device has rebooted, run Impactor again and connect over telnet just like in the previous step, then run the same command
    Code:
    dalvikvm -cp /sdcard/SlapMyMoto.jar SlapMyMoto

    Once the device has rebooted, please take the 4.4 OTA.

    Step4)
    Now that we are on 4.4, we can finish the process with adb shell:

    Code:
    adb shell
    cp /sdcard/install.sh /data/local/tmp/install.sh
    chmod 755 /data/local/tmp/install.sh
    echo "/data/local/tmp/install.sh" > /sys/kernel/uevent_helper

    Then either wait, or toggle your bluetooth. Once the device reboots, you will have root.
    14
    Don't mistake this for a rant or an attack, just getting it out there.

    This process assumes a degree of 'able to figure some things out on your own.' It says you need to be on 4.2.2 camera update, stock version. Why would an individual flash to it if that's what they already have. It is not the job of this or any Dev to hold every users hand and write out a step by step for every scenario with diagrams and footnotes. If you don't know how to do something like flash an fxz or enable telnet, there are tools like the xda search tool and Google. If someone needs a picture book for every mod they want to do for their phone, this is the wrong hobby.

    If, however, someone is trying to learn how to make something work such as communicating through adb or flashing an fxz and a search did not return any clear results, there is a Q and A forum for such questions. If you ask, someone will answer. I'm not against 'newbs' trying to get their teeth wet and being confused, we've all been there, but this thread's OP was as clear as he needed to be.

    Sent from my XT1060

    This is right on.

    This is a "beta" preview, as I knew I wouldn't have time to get a clean one built and tested for quite a while. However I knew it would work for those that took the time to play with it, and knew what they were doing. People got spoiled with the simplicity of PwnMyMoto. One clicks are a double edged sword, they save me time when they are possible, yet it does not allow the end user to learn the more advanced stuff.

    Dunno, maybe I'll drop a Christmas gift or something to make this all simple again. Depends how generous I feel and how much time I have.
    9
    Updated to handle phones that have no write protection (MotoWPNoMo)
    8
    Wish you could have finished helping me with my problem, but I'm sure whatever your reason is, it was necessary. We'll still be here when you come back.

    I help a ton of people, and if they are not persistant, or catch me on IRC, its unlikely to get finished. Catch me on IRC. My family is more important than XDA users, so I am limiting my XDA time until things smooth out here
    7
    Ok peoples, here is the VZW camera update file.

    VZW_XT1060_4.2.2-13.9.0Q2.X-116-MX-17-57-X-1_CFC_1FF.xml.zip

    Edit: I have updated the above linked file. The new one already has the "get var" line omitted from the xml.

    There original unedited file can be found here