Am working on root with tungkick currently ;)

Honestly Annoying

Senior Member
May 17, 2016
479
853
0
chicago
twitter.com
Hold tight fellas... tungkick is at it again and just made a ZV4 TOT and is now modifying it. Will keep you all updated!

UPDATE: he is copying the TOT file now, getting ready to edit

UPDATE 2: he is now editing the TOT, should be done soon!

UPDATE 3: TOT is finished, about to flash :D

UPDATE 4: FLASHING

UPDATE 5: 99% done...

UPDATE 6 ( :( ): The phone boots into fastboot mode, but does not recognize the "fastboot oem unlock" command or any flashing commands. If anyone would like to test, I will ask tungkick if I can provide links for the TOTs
 

~~Tito~~

Retired Forum Moderator
Jun 30, 2007
3,308
192
0
Bootloaders have been unlocked before, or bypassed. Just takes time to find the exploit, and get it right. Seems like there is a way to do it on this device, so we will get it eventually.
 

paperWastage

Senior Member
Mar 18, 2009
1,000
496
0
NJ
Has anyone ever bypassed a locked bootloader on any device before?

Has root on a device like this ever been accomplished?

Just need to know if it's time to trade in for a h850 or not

Sent from my SM-N9005 using XDA-Developers mobile app
Not sure why you have a sprint lg g5 (unless you got it very cheap)

If you are on sprint, afaik no other models work on sprint

If you are using a GSM carrier (and don't care about volte/WiFi calling), and want root, go for the unlockable Intl version h850 (if the lte/GSM frequency bands are compatible)
 

wacko37

Senior Member
Jun 19, 2011
239
27
0
Cairns
Thanks for the reply/advice.

No, I do not have a sprint device. Sorry, I have just been following all the action where the possibility of Root for my device is greatest. Not much going on anywhere else since root was achieved on h830.

Sadly there is no section for H860n Hong Kong variant, but both devices have locked bootloaders so if root happens here it surely will work for me.

I apologize if I have offended anyone by commenting on the sprint thread

Sent from my LG-H860 using XDA-Developers mobile app
 

l33tlinuxh4x0r

Senior Member
Nov 1, 2007
1,137
448
0
How do you modify a tot file? I know how to extract them but I haven't seen how to put them back together before. The reason that I ask is because this would be useful for what I'm trying to do too. Root the sprint G4 on MM. Thanks in advance for the help. @tungkick
 

autoprime

Recognized Developer / Inactive Recognized Contrib
Jun 23, 2010
2,638
11,889
203
If the goal is to patch a system.img with root then add it into a TOT.. this wouldn't work on M due to security in the boot.img... you'd need to unlock the bootloader to edit the boot.img to then allow the modification of system for root.

Patched TOT files work with devices pre-M or devices with unlocked bootloaders, like in the case of the TOT in this thread.

For root on M with a locked bootloader.. a privilege escalation bug is required (usually something kernel level). Altering system.img and finding ways to get it flashed will no longer cut it from M on.

This goes for all the G5 users with locked bootloaders as well.
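
The dependency described in the post above, as a simplified model added here (not part of the original post and not LG's actual boot code). It assumes an HMAC as a stand-in for the vendor's boot.img signature and a boot image that carries a dm-verity-style root hash of system; all names, keys and images are constructed.

```python
import hashlib
import hmac

BLOCK = 4096
OEM_KEY = b"constructed-oem-key"  # stand-in for the vendor signing key (assumption)

def root_hash(image: bytes) -> bytes:
    """Merkle-style root over 4 KiB blocks, the idea behind a dm-verity hash tree."""
    level = [hashlib.sha256(image[i:i + BLOCK]).digest()
             for i in range(0, len(image), BLOCK)] or [hashlib.sha256(b"").digest()]
    while len(level) > 1:
        level = [hashlib.sha256(b"".join(level[i:i + 2])).digest()
                 for i in range(0, len(level), 2)]
    return level[0]

def build_boot(system: bytes, verity: bool = True) -> bytes:
    """Model boot.img: one verity flag byte plus the expected system root hash."""
    return (b"\x01" if verity else b"\x00") + root_hash(system)

def sign(boot: bytes) -> bytes:
    """Vendor-side signing step (HMAC used here only to keep the model short)."""
    return hmac.new(OEM_KEY, boot, hashlib.sha256).digest()

def boot_device(boot: bytes, sig: bytes, system: bytes, unlocked: bool = False) -> str:
    # Stage 1: a locked bootloader refuses any boot.img whose signature fails.
    if not unlocked and not hmac.compare_digest(sign(boot), sig):
        return "bootloader: boot.img rejected"
    # Stage 2: with verity enabled in boot.img, system must match the root hash.
    if boot[:1] == b"\x01" and root_hash(system) != boot[1:]:
        return "kernel: system verification failed"
    return "booted"

def scenarios() -> dict:
    stock_system = bytes(range(256)) * 64         # constructed 16 KiB "system.img"
    patched_system = b"su" + stock_system[2:]     # any modification at all
    stock_boot = build_boot(stock_system)
    stock_sig = sign(stock_boot)
    edited_boot = build_boot(patched_system, verity=False)  # not re-signed by vendor
    return {
        "stock": boot_device(stock_boot, stock_sig, stock_system),
        "patched system only": boot_device(stock_boot, stock_sig, patched_system),
        "edited boot, locked": boot_device(edited_boot, stock_sig, patched_system),
        "edited boot, unlocked": boot_device(edited_boot, stock_sig, patched_system, True),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:24} -> {result}")
```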
 

l33tlinuxh4x0r

Senior Member
Nov 1, 2007
1,137
448
0
Could we make a tot that just enters download mode without flashing anything for using send_command.exe? I hear that if you don't unplug the phone at the exact right time that you can brick. I think that it would be good for development and flashing roms if we had a tot that did what I just mentioned. Also it would be nice for personal knowledge. I have all sorts of ideas but I need download mode for them and don't want to brick my phone.
 

wacko37

Senior Member
Jun 19, 2011
239
27
0
Cairns
Is that what team codefire is working on?

Sent from my LG-H860 using XDA-Developers mobile app
 

Honestly Annoying

Senior Member
May 17, 2016
479
853
0
chicago
twitter.com
So far my thought process has been to make a modified boot.img with dm-verity disabled. I made this but have not flashed it yet. If I flash a stock TOT with a modified boot.img with dm-verity disabled, will this still brick the phone?