Wouldn't be nice if we let people know we are currently trying to actively unlock the bootloader (indicate it somewhere in the post title or even a new post) so people can join at least to test things or to understand how the code works or suggest new ideas. We can add at the beginning of the post some kind of information, for example what we know, what we don't, what is currently being tested or has been tested, tools to use to develop, to disassemble, etc (even upload some of them or suggest them). I think that if we organize well, we can make it done sooner than later.
possible zero-day for vzw pixel 2 xl root
- Thread starter t2noob
- Start date
since there is exploit and been active since fall of 2018 or later I'm going to try Kingo root & kingroot to see if root pixel 2 that arrived yesterday.Its Verizon model locked down but my security patch Oct 2018 so maybe it will work and if break phone just send it back,sean
Is this something new??
https://twitter.com/Digital_Cold/status/1182098907096125441
If this is not good, then please delete....
Its only temporary root, nevermind.....
https://twitter.com/Digital_Cold/status/1182098907096125441
If this is not good, then please delete....
Its only temporary root, nevermind.....
Last edited:
theres already a poc to set permissive n temp root.. now need to figure out bl unlock
not good to install root in the way he does especially on a locked bl withsecure boot enabled.. u could potentially brick..
safer to install systemlessly in daemon mode imo
Would it be safe to alter directories that are not /system ? and is there any way to launch another app from the terminal with elevated permissions?
Last edited:
Is this systemless?Hey everyone!
I am here to post some good news. I have made a set of scripts that can give you temporary root through Magisk. It persists until the next reboot, but setting it up after the initial setup is a lot easier.
The script requires that it be run as root, which means that you need to run the temproot binary provided earlier.
Big thank you to Elliwigy for walking me through the initial process and for providing the commands.
IF YOU DO NOT WANT TO RISK YOUR PHONE BEING BRICKED, DO NOT CONTINUE!
Requirements:
- A Verizon Pixel 2 XL (maybe non XL?) on the September 2019 Security Patch
- A terminal emulator (DO NOT USE TERMUX)
- Some knowledge of how to use the terminal
- The taimentempmagisk.zip file (attached)
- The APK for Magisk Manager (included in the zip)
- Hope
MagiskManager can also be downloaded from here if you wish
- Install the Magisk Manager APK onto your phone
- Push the attached ZIP file provided to /sdcard/Download
- Copy this file to a place where your chosen terminal emulator can run them (This is usually ~)
- Extract the ZIP file with unzip
- Navigate into the scripts folder
- Run ./taimen (you may have to chmod +x it)
- Run ./inittemproot.sh magiskinit64 (you may have to chmod +x it)
- After you have done this, you now have root!
- If you reboot and want root back, just run the temproot executable, then run ./temproot.sh (you may have to chmod +x it)
- Enjoy your root!
edit: sadly it does not work
Attachments
Last edited:
just install systemless root in daemon mode.. easy as that
it does work lol.. im sure more testers will confirm.. posting a screenshot then saying it doesnt work doesnt help us help u in figuring out whats goin on with ur attempt..
yes, it is systemless.. until vzw users find a way to unlock the BL i highly recommend not modifying system or other partitions that are verified on boot bcuz u could hard brick/bootloop and with locked bl end up with no way to revive it.
Basically mostly inspired by tjw github as theres a small section that talks about installing root in daemon only mode.
This means the magiskinit file is pushed to a folder created on data partition. To have minimal impact he uses the odm partition since theres not much use for it by the system and odm/bin is in the path.
magiskinit64 binary is used to create magiskpolicy and magisk binaries. Magiskpolicy patches sepolicy for magisk. Magisk binary is used to start the magisk daemon. su and resetprop are linked to the magisk binary so that when an app calls su it can be granted root. The magiskmanager needs to b installed as it is the root manager, without it if u try to call su the request will b denied.
the folder with the files is on data partition which is bind mounted over /odm.
This creates a "systemless" approach. Only the dir on data is ever modified. Even if u pushed say some binaries to /odm/bin they are actually being written to data..
this is a very basic method.. magisk obviously does a lot more when installed properly but due to the locked bl root can only b installed in daemon mode for now. This means no modules or other stuff. It is basically using the temproot to get a magisk temp root so u can use root apps and not b limited to using a terminal or adb only for root stuff.
We tried installing root in other directories such as /system/bin but of course this causes instability in its current state. odm was the easiest least evasive place we tested to push magisk for now.
its a start.
Does someone know how to change the active partition with root? I need desperately to stay in the September patch but if ai reboot it will go to the October patch. The phone is already buggy like the notification panel not showing up so I need to do a reboot soon.
Edit: tried using
but it doesn't seem to work.
Edit: tried using
Code:
setprop ro.boot.slot_suffix _bAttachments
Last edited:
Not sure you can while actively using one of the partions. Are you trying to switch to slot a or b?
I used
Code:
getprop ro.boot.slot_suffix
Code:
_a
Code:
setprop ro.boot.slot_suffix _b
Code:
setprop: failed to set property 'ro.boot.slot_suffix' to '_b'Just switch off automatic system updates in developer options and you are good to go, it automatically downloaded on my device as well, but i did several reboots, nothing happened
This is what I did. As long as you don't click Restart Now in the updater, it will not apply the updates on reboot.
For real though? It showed a message saying it was installed and that I just had to reboot to apply it.
Edit: Thank you so much, you were right, it's still at the September patch.
Last edited:
New posts
-
[ROM][CFW][10]Havoc-OS v3.12[Begonia][25/12/2020]
- Latest: UnpleasantPeasant
-
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone