Exploit on Jelly Bean - Root with locked Bootloader
- Thread starter bgumble
- Start date
Re: Exploit on Jelly Bean - Root without locked Bootloader
Yeah tried it on my Telstra Australia ROM got the read only file system error some of the other people are getting.
Could be something I'm doing wrong. Haven't had another go yet.
Sent from my Nexus 7 using XDA Premium HD app
Yeah tried it on my Telstra Australia ROM got the read only file system error some of the other people are getting.
Could be something I'm doing wrong. Haven't had another go yet.
Sent from my Nexus 7 using XDA Premium HD app
Well, i tried it several times, no luck. Got also the read only filesystem error. I am in contact with the dev, will report the findings here.
Sent from my XT925 using xda app-developers app
Sent from my XT925 using xda app-developers app
I tried...
Well, I tried this on my VZW Razr Maxx HD. There was one issue for me, this phone's File Manager app does not allow you to mount a remote location like a Samba share. Instead it only has backup assistant as an option with all the local storage. Unless I just missed that option.
With that said, I did try some third party File Managers (Astro and ESstrongs). You need to do it with the Motorola File Manager though. It looks like the Motorola File Manager will mount the share as /storage/rfs0/ or something similar. The other file managers do not do this. When it comes to the "sudo /tmp/share/adb shell /storage/rfs0/pwn" part of the instructions no rfs0 exists on my phone to work that way. I couldn't find it under a different folder name either.
Lenny
Well, I tried this on my VZW Razr Maxx HD. There was one issue for me, this phone's File Manager app does not allow you to mount a remote location like a Samba share. Instead it only has backup assistant as an option with all the local storage. Unless I just missed that option.
With that said, I did try some third party File Managers (Astro and ESstrongs). You need to do it with the Motorola File Manager though. It looks like the Motorola File Manager will mount the share as /storage/rfs0/ or something similar. The other file managers do not do this. When it comes to the "sudo /tmp/share/adb shell /storage/rfs0/pwn" part of the instructions no rfs0 exists on my phone to work that way. I couldn't find it under a different folder name either.
Lenny
I did that on my Atrix HD, worked awesome, I'm allready rooted on jb with my HD so I can't try it on that.
Sent from my DROID RAZR HD using xda app-developers app
Sent from my DROID RAZR HD using xda app-developers app
but when it comes to this point of the instructions you already worked with the samba folder. you downloaded motoshare.gz, extracted it, gave permissions etc.. so this folder must have exist.
maybe it's
Code:
sudo /tmp/share/adb kill-server
Hey, Yeah I tried it too kept getting the same error. And I've been going at it for days. Just have to hope and wait for an exploit that'll work properly for us. Also yes please do keep us updated. Very very much appreciated.
Also To Lenny Someone else has had that problem too I'm not sure if it was you who posted. But someone did send a link for the file manager apk so you can find that and try again i guess.
Hey bgumble,
You're right, I did download to the samba share, but that was all on the host PC running Ubuntu, not on my phone. This folder existed on my host as /tmp/share. I successfully downloaded motoshare.gz there and extracted the files, changed permissions, etc.
I'm not sure what would happen if I skipped those parts of the instructions, I don't recall an error when I ran it. I believe the way this exploit works is when File Manager mounts the samba share on your phone it does so as /storage/rfs0/. That's why you can then run /storage/rfs0/pwn as if it were being executed locally on your phone. My error at this point was that /storage/rfs0/pwn could not be found.
Since the VZW version of the File Manager doesn't allow you to mount network shares and third party apps don't mount shares as /storage/rfs0 (I don't know where they mount them), I couldn't get this to work.
There is a chance I'm not understanding how this works, but I'm pretty sure this is it.
Thanks,
Lenny
---------- Post added at 08:34 PM ---------- Previous post was at 08:32 PM ----------
Yeah, good heads up on the File Manager. I did download it and try to install it, but I get an error saying it could not be installed, I think because it tries to install as a system app.
On a side note, after unsuccessfully trying to install it, my real File Manager disappeared. I'm not heart broken, but its kinda weird.
Thanks,
Lenny
Didn't get an answer from the dev yet.
The ones without the stock filemanager app could try with a different file manager. Once the samba "share" folder is mounted on the device, you could type "adb shell mount" on the host machine or just "mount" on the device in an terminal emulator. This will give you a list with all mounted file systems, The "mount list" should output the mount path of the "share" folder on the host machine.
Now replace the path "/storage/rfs0/" with the path you could find in the "mount list". For example "sudo /tmp/share/adb shell [your-mount-path]/pwn".
Please note that this exploit will never work with a third party filemanager if the hack is based on a stock filemanager vulnerability...
The ones without the stock filemanager app could try with a different file manager. Once the samba "share" folder is mounted on the device, you could type "adb shell mount" on the host machine or just "mount" on the device in an terminal emulator. This will give you a list with all mounted file systems, The "mount list" should output the mount path of the "share" folder on the host machine.
Now replace the path "/storage/rfs0/" with the path you could find in the "mount list". For example "sudo /tmp/share/adb shell [your-mount-path]/pwn".
Please note that this exploit will never work with a third party filemanager if the hack is based on a stock filemanager vulnerability...
Same read only issue here, decided to give up waiting and unlocked bootloader 
Yeah that's my next step, just got to get find the time. Did unlocking the bootloader wipe you're phone ?
Sent from my XT925 using XDA Premium HD app
Sent from my XT925 using XDA Premium HD app
I hope he does eventually respond. Did you maybe try writing to the 2nd poster in the thread, the one who promised to give tech support?
If you guys have XT926, You can just downgrade to Ice Cream Sandwhich, use the working root, then upgrade back to JB with VooDoo's OTA root keeper.
Is there a generally accepted way to do that downgrade (JB to ICS on a Verizon XT926)? Something that's relatively simple for the noob-ish? I have a Razr Maxx running ICS and a Razr Maxx HD running JB (both rooted) and I'd like to try running ICS on the Maxx HD for a bit.
Razr HD Utility. Is the method. You'll need to google it.
can't use atrix root exploit on vzw droid razr hd, can't unlock bootloader either
I get to the same step, `adb /storage/rfs0`
but if I run `adb mount` there is no rfs0
I can't add remote storage to my droid razr
I have the atrix filemanager.apk, but I can't install it
I can't unlock my bootloader (and that's not what I want anyway, not ready yet for cm10, still happy with moto) bc not vzw dev model
sigh
I can wait
---------- Post added at 01:50 AM ---------- Previous post was at 01:22 AM ----------
Trying to install atrix file manager.apk also removed my files app (or at least I can't see it anymore) for me too.
Sent from my DROID RAZR HD using xda app-developers app
---------- Post added at 01:57 AM ---------- Previous post was at 01:50 AM ----------
Same situation for me
Sent from my DROID RAZR HD using xda app-developers app
+1 *2Same read only issue here, decided to give up waiting and unlocked bootloader
I get to the same step, `adb /storage/rfs0`
but if I run `adb mount` there is no rfs0
I can't add remote storage to my droid razr
I have the atrix filemanager.apk, but I can't install it
I can't unlock my bootloader (and that's not what I want anyway, not ready yet for cm10, still happy with moto) bc not vzw dev model
sigh
I can wait
---------- Post added at 01:50 AM ---------- Previous post was at 01:22 AM ----------
Trying to install atrix file manager.apk also removed my files app (or at least I can't see it anymore) for me too.
Sent from my DROID RAZR HD using xda app-developers app
---------- Post added at 01:57 AM ---------- Previous post was at 01:50 AM ----------
Same situation for me
Sent from my DROID RAZR HD using xda app-developers app
I talked with dev (@djrbliss) and the exploit absolutely does depend on the Motorola stock FileManager app that can mount network shares as rfs0. So droid RAZR HD/MAXX HD users are out of luck.
There is no writable executable place to manually mount a network share ala `mount -t smbfs -o blah blah` so you can't manually use this exploit either on RAZR HD.
Finally, the FileManager application is a system app so you **can't** install this app. In fact trying to will make your original droid RAZR HD File app disappear along with access to vzw cloud storage.
I really appreciate Dan's work on this - it's nothing short of amazing - but the sad truth for RAZR HD users is that there is no way to use this exploit. It's a catch22 - you need root to use it.
Sent from my DROID RAZR HD using xda app-developers app
There is no writable executable place to manually mount a network share ala `mount -t smbfs -o blah blah` so you can't manually use this exploit either on RAZR HD.
Finally, the FileManager application is a system app so you **can't** install this app. In fact trying to will make your original droid RAZR HD File app disappear along with access to vzw cloud storage.
I really appreciate Dan's work on this - it's nothing short of amazing - but the sad truth for RAZR HD users is that there is no way to use this exploit. It's a catch22 - you need root to use it.
Sent from my DROID RAZR HD using xda app-developers app
Sounds like the dev doesn't realize there is a difference between xt926 and xt925
Those of us with xt925 are not on verizon, and DO have the stock filemanager app on our phone.
Now if the RazrHD filemanager app is somehow different than the Atrix's, that's a different story.
Those of us with xt925 are not on verizon, and DO have the stock filemanager app on our phone.
Now if the RazrHD filemanager app is somehow different than the Atrix's, that's a different story.
And that's the rub - @djrbliss says the exploit absolutely does depend on the stock FileManager app.
Also - 3rd party apps do not (can not) mount remote storage using libc.mount() because that requires root which no app has. Again catch-22 - can't use matrix HD exploit on RAZR HD. Sorry.
Sent from my DROID RAZR HD using xda app-developers app
---------- Post added at 08:05 PM ---------- Previous post was at 07:58 PM ----------
Telstra can root using Motorola's boot loader unlock code here:
https://motorola-global-portal.custhelp.com/app/answers/detail/a_id/87215
Then download Koush's clockworkmod recovery and fast boot. Then in recovery install clockworkmod su. See this xda post:
http://forum.xda-developers.com/showthread.php?p=39167385#post39167385
Sent from my DROID RAZR HD using xda app-developers app
Also - 3rd party apps do not (can not) mount remote storage using libc.mount() because that requires root which no app has. Again catch-22 - can't use matrix HD exploit on RAZR HD. Sorry.
Sent from my DROID RAZR HD using xda app-developers app
---------- Post added at 08:05 PM ---------- Previous post was at 07:58 PM ----------
Telstra can root using Motorola's boot loader unlock code here:
https://motorola-global-portal.custhelp.com/app/answers/detail/a_id/87215
Then download Koush's clockworkmod recovery and fast boot. Then in recovery install clockworkmod su. See this xda post:
http://forum.xda-developers.com/showthread.php?p=39167385#post39167385
Sent from my DROID RAZR HD using xda app-developers app
Sorry I don't see what the "rub" is?
RAZR HD (xt925) has stock FileManager app.
Is someone saying that the RAZR HD FileManager app is different than the one on Atrix? If so, why would the dev say this should work on RAZR HD? There's some confusion here...
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone