NEW Root method for Motorola Android Phones

Search This thread
Feb 9, 2012
47
41
La Rioja
Hi! I just created this thread to let you know that thanks to user dettofatto and me, there's a new root method for Motorola Android Phones (I don't know if it will work for other brands).

NOTE: I tried this method with Gingerbread, I don't know if this will work with other versions.

The method is far from easy, but it works if none of the existing exploits and tricks don't.

Ok, there are some simple-like steps to root your phones:

1. If you have an unrooted gingerbread, ask for a rooted gingerbread userdata partition image (aka CG37) with a modified local.prop file and USB debugging enabled.

The value that you need to modify is ro.sys.atvc_allow_all_adb from 0 to 1.

IMPORTANT: The best you can do is to double wipe the phone and then modify local.prop an allow USB debugging, so the data partition doesn't have any of your personal information.

Then you can create a userdata partition image by typing this in the shell (with root access)

Code:
dd if=/dev/block/userdata of=/sdcard/CG37.smg

or

Code:
busybox dd if=/dev/block/userdata of=/sdcard/CG37.smg

and let it do its work.

2. Once you got your CG37.smg in the SD card, you will have to boot into linux (so you can use sbf_flash).

3. When you are in linux, you need to extract the folder contained in the zip that you can download here mediafire.com/?n100jj66130lgra

4. Then you need to copy the CG37.smg and your original SBF (the non rooted one) to that folder.

5. Now you'll have to start a terminal with root permissions, and move to the folder by typing

Code:
cd <folder>
(where folder is the folder I just mentioned, without the <>, you can drag the folder to the terminal if you don't want to type its address)

4. Then you need to resize that partition to 200 Mb, since sbf_flash won't allow you to flash a big image (approx. 1,1 Gb). You have to type this

Code:
efsck -f CG37.smg
resize2fs CG37.smg 200M

5. Then you need to type

Code:
chmod +x sbf_flash

and then you need to start your phone into bootloader and connect it to the computer, then you type

Code:
./sbf_flash -r --userdata CG37.smg ORIGINAL.sbf
(where ORIGINAL corresponds to the name of your SBF)

and let it its work.

5. Once the phone started up, you now need to run this command

Code:
bash finishroot.sh

And let it finish the work.

6. Now you have your phone rooted. You can just reboot into recovery mode and do a double wipe, because the files that we needed are now in system partition.
 
Last edited:

Prometeo88

Senior Member
Aug 22, 2010
161
15
didn't upload the sbf_flash, the one i use it stuck in waiting for devices. can't enter bootloader mode, when press @ doesn't appear the menu option. any ideas?
 

Mioze7Ae

Retired Recognized Developer
Dec 27, 2010
2,153
2,053
Queen City of the West
Do you actually need the full userdata (I mean userdata as initialized after first boot following a wipe)? Or is having an essentially empty userdata with just the adb directive in local.prop all that's needed? Or does local.prop get ignored if you trigger some "first boot after wipe" tripwires? XT720 is eclair/yaffs2 so some details would be different but the concept is good. I'm just wondering about the "how could you get a rooted userdata" chicken/egg problem if no other rooting method already existed for the phone...
 
Last edited:

nicofff

Member
Apr 18, 2011
20
21
I suggest you to ask for it in the Milestone 2 Forum. Thanks.

I've just created a thread there, let's hope someone helps us :)

Do you think we could use the CG37 from other (similar) devices?
For example, as far as i know, the milestone 2 is very similar to the defy and the Pro looks similar too.
We just need it to boot, so we can push the needed files to system.
Have you uploaded your CG37 somewhere, so i can test in on my MS2?
 
Feb 9, 2012
47
41
La Rioja
I've just created a thread there, let's hope someone helps us :)

Do you think we could use the CG37 from other (similar) devices?
For example, as far as i know, the milestone 2 is very similar to the defy and the Pro looks similar too.
We just need it to boot, so we can push the needed files to system.
Have you uploaded your CG37 somewhere, so i can test in on my MS2?

Try it! :) http://www.mediafire.com/?aweayb68szubuci
 

Skreelink

Senior Member
Nov 28, 2010
302
182
Could it be possible to re-upload the required files? The mediafire link in the OP says it has been removed for violation... I was going to try this method for a DX 621, despite having the 604 root method, it would be nice to actually have the 621 kernel.
 

omyg

Senior Member
Oct 30, 2010
176
128
3. When you are in linux, you need to extract the folder contained in the zip that you can download here mediafire.com/?n100jj66130lgra
Could it be possible to re-upload the required files? The mediafire link in the OP says it has been removed for violation... I was going to try this method for a DX 621, despite having the 604 root method, it would be nice to actually have the 621 kernel.
system.zip
 

Attachments

  • system.zip
    1.6 MB · Views: 360
  • Like
Reactions: DrBajwa

Skreelink

Senior Member
Nov 28, 2010
302
182
I am working on this for the DX right now, there's an issue with making the .smg via dd, as the data partition on the DX is 8GBs. Most microSD cards are FAT32, which doesn't support an 8GB file (4GB max filesize). I got around this by piping dd through gzip and moving the file off for testing.

You can follow my progress on this over on rootzwiki; rootzwiki.com/topic/19318-important-information-regarding-621-system-update/page__st__320#entry635557
 

Top Liked Posts

  • There are no posts matching your filters.
  • 11
    Hi! I just created this thread to let you know that thanks to user dettofatto and me, there's a new root method for Motorola Android Phones (I don't know if it will work for other brands).

    NOTE: I tried this method with Gingerbread, I don't know if this will work with other versions.

    The method is far from easy, but it works if none of the existing exploits and tricks don't.

    Ok, there are some simple-like steps to root your phones:

    1. If you have an unrooted gingerbread, ask for a rooted gingerbread userdata partition image (aka CG37) with a modified local.prop file and USB debugging enabled.

    The value that you need to modify is ro.sys.atvc_allow_all_adb from 0 to 1.

    IMPORTANT: The best you can do is to double wipe the phone and then modify local.prop an allow USB debugging, so the data partition doesn't have any of your personal information.

    Then you can create a userdata partition image by typing this in the shell (with root access)

    Code:
    dd if=/dev/block/userdata of=/sdcard/CG37.smg

    or

    Code:
    busybox dd if=/dev/block/userdata of=/sdcard/CG37.smg

    and let it do its work.

    2. Once you got your CG37.smg in the SD card, you will have to boot into linux (so you can use sbf_flash).

    3. When you are in linux, you need to extract the folder contained in the zip that you can download here mediafire.com/?n100jj66130lgra

    4. Then you need to copy the CG37.smg and your original SBF (the non rooted one) to that folder.

    5. Now you'll have to start a terminal with root permissions, and move to the folder by typing

    Code:
    cd <folder>
    (where folder is the folder I just mentioned, without the <>, you can drag the folder to the terminal if you don't want to type its address)

    4. Then you need to resize that partition to 200 Mb, since sbf_flash won't allow you to flash a big image (approx. 1,1 Gb). You have to type this

    Code:
    efsck -f CG37.smg
    resize2fs CG37.smg 200M

    5. Then you need to type

    Code:
    chmod +x sbf_flash

    and then you need to start your phone into bootloader and connect it to the computer, then you type

    Code:
    ./sbf_flash -r --userdata CG37.smg ORIGINAL.sbf
    (where ORIGINAL corresponds to the name of your SBF)

    and let it its work.

    5. Once the phone started up, you now need to run this command

    Code:
    bash finishroot.sh

    And let it finish the work.

    6. Now you have your phone rooted. You can just reboot into recovery mode and do a double wipe, because the files that we needed are now in system partition.
    1
    3. When you are in linux, you need to extract the folder contained in the zip that you can download here mediafire.com/?n100jj66130lgra
    Could it be possible to re-upload the required files? The mediafire link in the OP says it has been removed for violation... I was going to try this method for a DX 621, despite having the 604 root method, it would be nice to actually have the 621 kernel.
    system.zip
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone