(No progress yet)Root dev for Galaxy S9 Plus SM-G965U (Snapdragon)

[partcyborg]

it's still better than .0000000000000000000000000000000000000000000000%

tell this to those who bought anything international on ebay and had trouble returning

us warranty is a must. everything is made like **** these days. i end up returning 99% of things i buy, and that's not even electronics but anything. i never buy extended warranty for electronics because i don't waste money on anything warranty-worthy. partly for tax reason. other reason it'll likely fail anyway. my current phones cost $1.

Right but I'm pretty sure that'd brick you. But general rule of thumb, if it was that easy don't you think we'd already have root. But even if, best case scenario, let's say they could work and don't brick us, I'm doubtful we would make it through secure boot. Unless those tars are signed by Samsung and pass the secure boot/Odin security check. And we would have to flash everything, I'm guessing that includes the userdata too because if we just flash one part it and it has one piece to getting around one check, another part might be required to get through another check. I just doubt the **** would boot if we tried flashing it because it would fail the PBL sector.



I don't know honestly the only known ones are the ones posted with guides in the forum.


Also attached is me asking them to release the ENG firmware. For the keks Bois.

Even if they released it, it would not work on your device. To be able to run eng firmware (and consequently, be essentially oem unlocked on a us device), knox requires a special certificate be installed on the device, which is signed by the trust chain and tied directly to the DID# of the individual device. Only then can you boot eng firmware on any device s8 or later.

It took them over a decade to do it, but tthey seem to have finally covered all their bases and closed the remaining exploit vectors

 

[alvinator94]

To be able to run eng firmware (and consequently, be essentially oem unlocked on a us device), knox requires a special certificate be installed on the device

TDIL

 

[Heathmcdonald]

Oh that just killed all my hope, if part cyborg says it can't be done I'm gonna believe him, after the magic he pulled off on the s8 I tend to think he knows exactly what he's talkin about lol

 

[honam1021]

There's still a tiny bit of hope for anyone who has US Snapdragon device:
https://forum.xda-developers.com/galaxy-note-9/how-to/n960u-u1-t3897797

elliwigy has so far managed to get root on a Note9 combination firmware but the kernel panics as soon as he tries to remount partition or install su.

 

[Heathmcdonald]

@partcyborg Idk if this helps but # *9900# brings up this menu where you can turn upload mode on. Was that why the s8 method won't work on s9?

 

[Heathmcdonald]

Qualpwn is our hope

 

[joeldf]

Like I said in the other thread... over a year and nothing yet.

Not every device gets root. Time to move on.

Sent from my Amazon KFKAWI using XDA Labs

 

[Heathmcdonald]

Like I said in the other thread... over a year and nothing yet.

Not every device gets root. Time to move on.

Why when there is obviously an exploit that is able to get root and if u have to learn to code my self I'm going to do it simply because you think it can't be done for whatever reason in spite of documentation to the contrary. You aren't even posting from an s9 anyway so I'm not sure why you care but it's all good

 

[ve6ay]

Nothing recently, but has anyone looked into this new Qualpwn situation? Or the V4L2 escalation bug?

 

[joeldf]

Why when there is obviously an exploit that is able to get root and if u have to learn to code my self I'm going to do it simply because you think it can't be done for whatever reason in spite of documentation to the contrary. You aren't even posting from an s9 anyway so I'm not sure why you care but it's all good

Actually, I do have an S9. I have several devices that I might post from. I also post from a Fire HD 8, a work PC, and a home PC.

If such an exploit existed for this specific device, XDA wouldn't be hiding it so well. They'd be screaming about it from the rooftops.

If something new is found, great. I hope for the best.

 

[Heathmcdonald]

It is a known exploit. Nobody has made it into a script or anything like that but it has definitely been done and Is possible on this device as long as you haven't taken the August update, it's a flaw in the modem that we share with alot of qualcomm devices and it allows you to hijack the kernel so I'm not sure why it is that you think it doesn't exist when it's been publicly announced. I mean how much more proof could you need?

 

[Warlockguitarman]

Diagnostic boot screen?

Im playing with a black listed s9 on bootloader v5, flashed it with combo file and in factory binary mode im typing in secret codes to the dialer and changed a few settings and I get the same boot screen I do on my s8+ and note 8 that have samfail root and safestrap installed. Could this be a start to getting root?

 

[joeldf]

It is a known exploit. Nobody has made it into a script or anything like that but it has definitely been done and Is possible on this device as long as you haven't taken the August update, it's a flaw in the modem that we share with alot of qualcomm devices and it allows you to hijack the kernel so I'm not sure why it is that you think it doesn't exist when it's been publicly announced. I mean how much more proof could you need?

An actual rooted device with repeatable process posted on xda would be a start. If it's that easy, what's stopping you?

Im playing with a black listed s9 on bootloader v5, flashed it with combo file and in factory binary mode im typing in secret codes to the dialer and changed a few settings and I get the same boot screen I do on my s8+ and note 8 that have samfail root and safestrap installed. Could this be a start to getting root?

Try it and let us know.

 

[partcyborg]

Im playing with a black listed s9 on bootloader v5, flashed it with combo file and in factory binary mode im typing in secret codes to the dialer and changed a few settings and I get the same boot screen I do on my s8+ and note 8 that have samfail root and safestrap installed. Could this be a start to getting root?

No

 

[Warlockguitarman]

I flashed a file to root it like the Chinese versions and it went all the way to recovery before it failed. I wonder if I could use a program to break the md5 file down and change the recovery file out with a stock one and get it to work

 

[Heathmcdonald]

If I was a programmer I would ****, it's documented and was the reason for the August update, if I called myself a programmer/hacker I would be glad to post an article about it but I'm not. That doesn't change the fact that it's been proven possible, that's all I'm sayin for christ sake never said it was easy just possible

 

[joeldf]

I know what you're saying. All I'm saying is that we need real world application of this exploit. There are plenty of people in this group that do this kind of stuff all the time.

I mean, over in the Amazon Fire Tablet group, they finally got into the recent HD 8 models. And, it's not like that device has a huge root following. Certainly not as much as there is for the Galaxy lines. If that exploit can be used, someone would have done it by now. The fact that it hasn't happened yet tells me more about the possibility.

I'm not a programmer or hacker either, but I do keep up with what's actually happening with some of these devices - usually if it's one that I have myself.

I was able to root and load a custom ROM on an old first gen Kindle Fire tablet a couple of years ago thanks to these forums.

But, hey, if someone posts a root method on the Snapdragon S9 tomorrow, great. Then we'd finally have something. Don't think no one is trying.

 

[partcyborg]

I flashed a file to root it like the Chinese versions and it went all the way to recovery before it failed. I wonder if I could use a program to break the md5 file down and change the recovery file out with a stock one and get it to work

What you wrote here literally makes no sense and isn't how any of these technologies work. You may as well have just said you were going to reroute the encryptions

 

[partcyborg]

If I was a programmer I would ****, it's documented and was the reason for the August update, if I called myself a programmer/hacker I would be glad to post an article about it but I'm not. That doesn't change the fact that it's been proven possible, that's all I'm sayin for christ sake never said it was easy just possible

You would what? WHAT is documented?!?!

 

[pocketrussian]

You would what? WHAT is documented?!?!

Not sure, maybe he is referring to this https://www.bleepingcomputer.com/ne...roid-zero-day-impacts-google-samsung-devices/