Root guide (updated)

Search This thread

LocBox

Senior Member
Aug 16, 2009
178
21
Microsoft Surface Duo
  • Like
Reactions: pvillasuso

pvillasuso

Senior Member
thank you Kindly, i don't know why payload dumper isn't working for me. This whole thing was a breeze for me for the longest, then since September i can't seem to get it rooted again. Always boots to a frozen keyguard.
Same happened to me with that frozen screen
Had to do a factory reset in recovery , after sideloading the latest OS .img from microsoft site , I also relocked the bootloader .
Gonna keep it stock for a while and wait for android 11 , if we dont get it , i will root it again ( Ad blocking , and for viper FX )
 

LocBox

Senior Member
Aug 16, 2009
178
21
Microsoft Surface Duo
Anybody experiencing Auto-rotation issues? my home sceen won't rotate to landscape at all for some reason. Also, this build feels a bit slower and clunkier than last month's etc. Im seeing some stuttering when opening the app drawer and the back swipe gesture doesn't register quite as often as it did before. Like maybe every three back swipes it doesn't read my thumb swipe.
 

LocBox

Senior Member
Aug 16, 2009
178
21
Microsoft Surface Duo
Anybody experiencing Auto-rotation issues? my home sceen won't rotate to landscape at all for some reason. Also, this build feels a bit slower and clunkier than last month's etc. Im seeing some stuttering when opening the app drawer and the back swipe gesture doesn't register quite as often as it did before. Like maybe every three back swipes it doesn't read my thumb swipe.
Looks like a factory reset fixed this for me, but I'm noticing that Riru won't install correctly. It keeps saying selinux permissions aren't setup correctly in the rom. Anyone else with this issue currently?
 

ThrowARoot

Member
Jul 23, 2021
5
1
Microsoft Surface Duo
My Duo randomly decided to update on its in own and broke my root...or something, not really sure. Tried to follow the instructions for updating after root. Couldn't follow it so I ended up doing a factory reset and tried to start over. I am getting stuck on the windows logo again and I can't for the life of me remember how I got past it last time. Anyone have any tips? I've been looking all over as best as I could for other tips and have been unsuccessful.
 

pvillasuso

Senior Member
My Duo randomly decided to update on its in own and broke my root...or something, not really sure. Tried to follow the instructions for updating after root. Couldn't follow it so I ended up doing a factory reset and tried to start over. I am getting stuck on the windows logo again and I can't for the life of me remember how I got past it last time. Anyone have any tips? I've been looking all over as best as I could for other tips and have been unsuccessful.
Best option IMO , is to sideload the latest surface duo "firmware"

Full guide:


Good Luck !
 

Jyers

Member
Jun 13, 2019
6
4
Looks like a factory reset fixed this for me, but I'm noticing that Riru won't install correctly. It keeps saying selinux permissions aren't setup correctly in the rom. Anyone else with this issue currently?
I've been doing a ton of tinkering and figured out that riru v25 will install and works great. I've got edxposed working on my duo so riru is definitely working. Just go to the releases on the riru github and download the latest v25 release
 

Jyers

Member
Jun 13, 2019
6
4
In case anyone is curious, the new android 11 update is rootable with the newest magisk v23!!!!!!

This means riru and everything should work right out the bat.

Happy rooting :)
 

Top Liked Posts

  • There are no posts matching your filters.
  • 3
    Since the last guy hasn't been updating his op, I figured I'd start a fresh thread with what we know and what to do for newcomers.

    I will not be posting patched boot images in this thread, I'm a firm believer of "give you steps to follow from the top so you know what's going on and can do this yourself in the future". The more hands we have in the kitchen, the more we learn, and the better we are off as a community.

    Walkthroughs for both fresh rooting and updating while rooted are both below:

    ==== FRESH ROOT ====

    0. make sure USB debugging is on in settings > developer options
    0. make sure the phone's bootloader is actually unlocked, if the below doesn't work, back up all the data on your phone because we're about to wipe it
    Code:
    .\fastboot.exe flashing unlock
    .\fastboot.exe flashing unlock_critical
    I did both, but it might only require one of the two, if you only did one and it doesn't work you may not be fully unlocked and might have to do the other. Both of these commands from the bootloader will factory reset your phone. if you've already done this, go to step 1.

    1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image

    2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip

    3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools

    4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing and used in the below examples)

    5. open powershell, and cd to that folder.

    6. from the folder, run it like this
    Code:
    PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
    (this will extract a bunch of stuff, boot.img is all we care about today)

    6a. if you don't have python, get it from ninite https://ninite.com/pythonx3/ and go back to step 5/6 and try again, you will likely also need to do a "pip install protobuf" to get the required python libraries for payload-dumper

    7. download the latest version of magisk manager (the new magisk app may work, but I've not tested it, this is the exact version I am using on the exact phone you are using. If you feel like trying the app please report in the thread below!) https://github.com/topjohnwu/Magisk/releases/download/manager-v8.0.7/MagiskManager-v8.0.7.apk

    8. install magisk manager on your phone

    9. make a text file, I called mine magisk_channel.txt and put this in it
    Code:
    https://raw.githubusercontent.com/Lethany/magisk_files/0755a7d5f596dc2a351270120b31b665fb561294/stable.json
    this is the "custom" channel we are using to force an older version of magisk that doesn't choke on our device like newer versions do.

    10. use usb data transfer mode to copy the boot.img file we extracted from step 6 and the text file we created in step 8 to your phone's internal storage, I have a folder on the root of the internal storage directory called Z_Phone, but anywhere is fine as long as you know where it is and remember it later.

    11. in magisk manager, click the gear in the top right and then select "update channel" > "custom channel"

    12. use your duo's dank duo mode to open a file browser on the other screen, open the text file we made in step 9

    13. copy and paste the custom channel text into the custom channel field under update channel in magisk so it has the text from step 9 in it. (the text file just saves us typing it out by hand)

    14. go back to the magisk main screen, and click install next to "magisk"
    14b. click next
    14c. click "select and patch a zip file"
    14d. browse to the location we uploaded boot.img to in step 9 and select boot.img
    14e. click let's go
    (this will create the patched boot.img, it'll be named magisk_patched_[some garbage].img)

    15. open the internal storage on your PC again, and go to your phone's "downloads" folder, it'll have that patched boot.img (if you've tried this a bunch of times and don't remember which one we just made, feel free to delete all the old ones and do 14-14e again) copy this patched_boot.img to your computer, I just put it in that same folder as step 4

    16. in powershell, cd back to that same working folder we've been using and run
    Code:
    .\adb.exe reboot bootloader

    The phone will reboot to the bootloader and we can now try booting the patched image

    16. in powershell, run
    Code:
    .\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img

    17. if your phone boots, that's a great sign and we're out of the woods, nothing else will probably go wrong from here, if it doesn't boot factory reset your phone and start at step 0.

    18. open an adb shell prompt and make our boot partitions writable with the below 4 lines, run one by one. Right now we're "rooted" but we've booted off an image over usb, what we really want is to boot off the images on your phone so we need to.
    Code:
    .\adb.exe shell
    su
    chmod 777 /dev/block/by-name/boot_a
    chmod 777 /dev/block/by-name/boot_b

    19. write the patched boot image to your boot partitions with the below lines, again run one by one
    Code:
    adb shell
    su
    dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
    dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
    (my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
    Code:
    dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
    dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
    )

    20. reboot your phone via the power button menu and if all went well, you're now rooted!

    ==== UPDATE WHILE ROOTED ====

    1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image

    2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip

    3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools

    4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing)

    5. open powershell, and cd to that folder.

    6. from the folder, run it like this
    Code:
    PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
    (this will extract a bunch of stuff, boot.img is all we care about today)

    7. boot off of your old magisk patched boot image
    Code:
    .\adb.exe reboot bootloader
    .\fastboot.exe boot ..\[LAST VERSION'S FOLDER]\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img

    8. write the old, unpatched boot partition to your boot partitions with the below lines, again run one by one
    Code:
    adb shell
    su
    dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_a
    dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_b
    (my unpatched boot image is in a folder called "Z_Phone" and my unpatched image in this example is called "boot.img" so my commands look like:
    Code:
    dd if=/sdcard/Z_Phone/boot.img of=/dev/block/by-name/boot_a
    dd if=/sdcard/Z_Phone/boot of=/dev/block/by-name/boot_b
    )

    9. reboot

    10. run the OTA update on your now freshly stock phone

    11. use magisk to patch the new boot image same as in the first root instructions (14a-14e)

    12. copy this patched image off of the phone and into our working directory. leave a copy of this on the phone (I put it in my Z_Phone folder)

    13. reboot to bootloader (in powershell, in that same working folder we've been using run)
    Code:
    .\adb.exe reboot bootloader

    14. Boot your phone using the patched boot image (in powershell, run)
    Code:
    .\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img

    15. write the patched boot image to your boot partitions with the below lines, again run one by one
    Code:
    adb shell
    su
    dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
    dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
    (my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
    Code:
    dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
    dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
    )

    16. reboot and you're updated and rooted!
    3
    ...
    6a. if you don't have python, get it from ninite https://ninite.com/pythonx3/ and go back to step 5/6 and try again
    ...
    One hint for the ones also getting stuck after this step:
    You also have to install "Protobuf" with the Powershell command
    python -m pip install protobuf
    1
    For anyone who needs it, here is a patched boot.img for ATT Locked 2021_525_63
    1
    That's on a fresh install or after flashing the Magisk-modified boot.img?

    I'm about to restore with the recovery image & start this again, in case there's some different between OTA & recovery.

    EDIT: Doing a factory reset, ADB sideload of the recovery image, creating the new Magisk boot.img, & booting still doesn't work. I'm going to try the guide's version one more time to use the older version of Magisk Manager & the custom channel, but based on previous experience, I'm not hopeful. I only bought this as a device to have fun with because it can be rooted, so I'm regretting this purchase right now =\

    I do have the factory unlocked, not the ATT version. In my experience when your lockscreen touch input is not recognized, that happens when either the boot image doesn't match the factory image, or someone has used the factory unlocked boot on an ATT phone or vice-versa.

    I'd try a dirty flash of the complete applicable factory images (not just boot/recovery) and then factory reset, then start again from the top. It's possible one of your updates didn't complete or something's become inconsistent between A/B
    1
    I am in the same boat as Veritas is. My Duo is from ATT and hangs on the Microsoft logo as well. I am very new to rooting and what goes into it so a lot of this stuff I am seeing for the first time. How do I know if I have the correct boot? I went through the whole process of extracting the boot image from the recovery file for my phone off of the Microsoft website. Does that get me the right boot to use?