• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[ROOT][N960U/U1/W] Extreme Syndicate

Search This thread

elliwigy

Forum Moderator / Recognized Dev / Dev Relations
Staff member
XDA App Taskforce
This method is brought to you entirely by @elliwigy He is the reason for this exploit and method.
With that being said, Extreme Syndicate Root is now available!


Disclaimer:

The Extreme Syndicate team and it's affiliates are not responsible for your actions or your device if any issues are to arise. You flash this and utilize these files at your own risk. You have been warned!


The Adventure!:

I will not get into any technical details here. Just know that this method has taken me ~1 year from start to finish. I also went through a number of devices during this time (at least 7 devices), even sold my original N9 then somehow ended up with another one before this root method was found. Some of us devs might be a bit burnt out so don't get upset if we are not in here all day every day answering everyones questions. We hope users will help eachother, that is what XDA is all about! Also, if you want more real time conversation/support then please join our Telegram group (link posted below) as this is easier for us to moderate and allows discussion to be had in real time. I don't always check XDA messages or PM's as it can be a lot and very tiresome so your best bet is Telegram!

Also, donations/money is not expected or required but if you feel obliged to share what you can then that would be greatly appreciated! Donations keep me on the grind and sometimes can even help me in acquiring other devices to work on. I had issues with Paypal a while back (SamPWND days) and do not have a Paypal account. I do however have a Venmo and Transferwise accounts that work in most situations.

Venmo - http://www.venmo.com/Thomas-Huntington-10

Transferwise - PM @elliwigy for info to donate using Transferwise.


Now Let's get into the files/method!

Notes:
- This does NOT trip KNOX so don't ask.
- Bootloader is of course still locked.
- This uses some partitions from combo firmware which means 80% battery.
- Each variant will have its own post in its own section. N9 in N9 section, S9 in S9 section, S9+ in S9+ section.. Make sure youre in the right one!
* Variants this should work on are: N960U/U1/W, G965U/U1/W, G960U/U1/W. If you do not have one of these variants then this forum is not for you!
- Initial files/method will leave you on Oreo stock root.
* Some users were successful in running Pie GSI but the initial posts will not include this. Others will do this and maybe down the road threads will be updated.
- It works on latest rev's from rev1 up to the most recent revs.
- As of the initial first release, all variants have an issue with MTP not working, we are working on it however.
- S9 and S9+ also might have some issues with the selfie cam. Also being looked into.
- There will be 3 threads created as this method works on 3 different variants. These groups will be facilitated by the following:
- Note 9 @elliwigy
- S9+ @klabit87
- S9 @jrkruse
- Telegram Support Group for All 3: https://t.me/joinchat/DxwvAlhtzHjg4EI9973BGQ


INSTRUCTIONS:

1. Downloads: https://www.androidfilehost.com/?fid=4349826312261712216
MD5: 8eff557da284dabb44a55fd5225f41a3

MIRROR until AFH fixes their links:

https://drive.google.com/file/d/1vm4csJZV_zKmWLnf1iGmK1-lnvFy8Sfp/view?usp=drivesdk

2. In odin folder flash the combo firmware

3. Once combo is booted up run the root bat. When done phone will reboot to download.

4. In odin flash the bootswap.tar.md5 file. What this does is swaps the boot and recovery images which allows system to be mounted rw.

5. Now when done flashing you need to hold the buttons to boot to recovery but since we swapped boot and recovery images it will boot system.

6. Now put your phone in airplane mode. This must be done whenever using Flashfire. Copy the system.img, vendor.img, and ODM zip files to your phone.

7. In Flashfire, choose zip and select the odm zip. Then choose firmware and choose the system.img and the vendor.img. Then choose data wipe and wipe user and system data (the default choices). Make sure inject super su is NOT enabled. Disable it. Do not let flashfire inject root!!

8.. Now click flash. When finished you will have to hold buttons to reboot to recovery until you see boot animation. You must do this on every reboot. If you do not it will reboot to stock recovery. If it reboots to stock recovery just reboot system and hold buttons to reboot to recovery again.

9. When rom is booted up your computer will not recognize the phone for mtp file transfer. Adb does still work so you can transfer stuff that way (you need to switch to ptp transfer method in the dropdown) or use USB adapter and use a thumb drive.

10. Biometrics do not work so don’t try to setup fingerprint or face recognition.

Some GSI may work. YMMV


ShoutOuts:

@jrkruse - Helping me over the years and for all his contributions.
@klabit87 - Ditto
@me2151 - Ditto
@gsm-CHEN - Ditto
@mweinbach - For always posting my achievements on the XDA News portal as well as giving me someone to troll sometimes when bored.
@ShaDisNX255 - He was our best tester, give him credits for testing out GSI as well!
@everyone else I am forgetting!


ENJOY!


XDA:DevDB Information
Extreme Syndicate, ROM for the Samsung Galaxy Note 9

Contributors
elliwigy, jrkruse, klabit87, me2151
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 4.x
ROM Firmware Required: Provided
Based On: Touchwiz

Version Information
Status: Beta
Current Beta Version: v1
Beta Release Date: 2020-01-31

Created 2020-01-31
Last Updated 2020-01-31
 
Last edited:

billa

Senior Member
Mar 30, 2006
731
356
Gotta whip out my "old" N9 and try this... sadly as usual with combi firmware there are some restrictions, but hey better than nothing.
Too bad we can't even flash combi on S10's... yet.
 
Last edited:

elliwigy

Forum Moderator / Recognized Dev / Dev Relations
Staff member
XDA App Taskforce
Gotta whip out my "old" N9 and try this... sadly as usual with combi firmware there are some restrictions, but hey better than nothing.
Too bad we can't even flash combi on S10's... yet.

i been flashin combo on my g975u and n976v sibce release day.. you just need to obtain the right files and kno the vuln to flash without tokens.. still no root yet tho on 10 n up devices
 

elliwigy

Forum Moderator / Recognized Dev / Dev Relations
Staff member
XDA App Taskforce
I've waited forever to do this. Have a N960 still in the sealed box. Can I flash Magisk with this method or is SU the only root tool?





:eek::good:
i dunno wat to tell u.. this is not an unlocked BL so no, magisk as it stands will not be possible.. same as every other locked bl device that has got root over last years and years.. nothing has changed..

that being saidtechnically u can use magisk but it sill b installed in system/daemon mode and modules n everything will not work.. i use supersu bcuz its morestable in system mode and some older root apps like flashfire dont work with magisk su.

if u need more info than this then should research more online on bootloaders, avb, etc etc

Sent from my SM-G977P using Tapatalk
 
  • Like
Reactions: sw1173

DJBhardwaj

Recognized Contributor
Apr 23, 2011
5,050
2,707
27
Delhi
Very happy to see this! Thanks, everybody on the team for the development.

Sorry for the question, but I am confused. Would this work on a Note 9 running Android 10? Or, does it need the phone to be running Android 8.0/8.1 Oreo?
 

billa

Senior Member
Mar 30, 2006
731
356
i been flashin combo on my g975u and n976v sibce release day.. you just need to obtain the right files and kno the vuln to flash without tokens.. still no root yet tho on 10 n up devices

You da man, much respect! I'm glad you found a way to bypass the combi authorization that's normally needed.
So, if you can flash the combi, what's holding back running a properly crafted root script?
Kernel's not SELinux permissive with combi or something else?

Now I'm just afraid that Samsung will probably patch this boot/recovery switcheroo exploit... is that possible with a kernel update, or is it hard coded in the hardware?
 
Last edited:

elliwigy

Forum Moderator / Recognized Dev / Dev Relations
Staff member
XDA App Taskforce
Very happy to see this! Thanks, everybody on the team for the development.

Sorry for the question, but I am confused. Would this work on a Note 9 running Android 10? Or, does it need the phone to be running Android 8.0/8.1 Oreo?

use the included files.. root on android 10 not possible
 

elliwigy

Forum Moderator / Recognized Dev / Dev Relations
Staff member
XDA App Taskforce
You da man, much respect! I'm glad you found a way to bypass the combi authorization that's normally needed.
So, if you can flash the combi, what's holding back running a properly crafted root script?
Kernel's not SELinux permissive with combi or something else?

Now I'm just afraid that Samsung will probably patch this boot/recovery switcheroo exploit... is that possible with a kernel update, or is it hard coded in the hardware?

huh?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 33
    This method is brought to you entirely by @elliwigy He is the reason for this exploit and method.
    With that being said, Extreme Syndicate Root is now available!


    Disclaimer:

    The Extreme Syndicate team and it's affiliates are not responsible for your actions or your device if any issues are to arise. You flash this and utilize these files at your own risk. You have been warned!


    The Adventure!:

    I will not get into any technical details here. Just know that this method has taken me ~1 year from start to finish. I also went through a number of devices during this time (at least 7 devices), even sold my original N9 then somehow ended up with another one before this root method was found. Some of us devs might be a bit burnt out so don't get upset if we are not in here all day every day answering everyones questions. We hope users will help eachother, that is what XDA is all about! Also, if you want more real time conversation/support then please join our Telegram group (link posted below) as this is easier for us to moderate and allows discussion to be had in real time. I don't always check XDA messages or PM's as it can be a lot and very tiresome so your best bet is Telegram!

    Also, donations/money is not expected or required but if you feel obliged to share what you can then that would be greatly appreciated! Donations keep me on the grind and sometimes can even help me in acquiring other devices to work on. I had issues with Paypal a while back (SamPWND days) and do not have a Paypal account. I do however have a Venmo and Transferwise accounts that work in most situations.

    Venmo - http://www.venmo.com/Thomas-Huntington-10

    Transferwise - PM @elliwigy for info to donate using Transferwise.


    Now Let's get into the files/method!

    Notes:
    - This does NOT trip KNOX so don't ask.
    - Bootloader is of course still locked.
    - This uses some partitions from combo firmware which means 80% battery.
    - Each variant will have its own post in its own section. N9 in N9 section, S9 in S9 section, S9+ in S9+ section.. Make sure youre in the right one!
    * Variants this should work on are: N960U/U1/W, G965U/U1/W, G960U/U1/W. If you do not have one of these variants then this forum is not for you!
    - Initial files/method will leave you on Oreo stock root.
    * Some users were successful in running Pie GSI but the initial posts will not include this. Others will do this and maybe down the road threads will be updated.
    - It works on latest rev's from rev1 up to the most recent revs.
    - As of the initial first release, all variants have an issue with MTP not working, we are working on it however.
    - S9 and S9+ also might have some issues with the selfie cam. Also being looked into.
    - There will be 3 threads created as this method works on 3 different variants. These groups will be facilitated by the following:
    - Note 9 @elliwigy
    - S9+ @klabit87
    - S9 @jrkruse
    - Telegram Support Group for All 3: https://t.me/joinchat/DxwvAlhtzHjg4EI9973BGQ


    INSTRUCTIONS:

    1. Downloads: https://www.androidfilehost.com/?fid=4349826312261712216
    MD5: 8eff557da284dabb44a55fd5225f41a3

    MIRROR until AFH fixes their links:

    https://drive.google.com/file/d/1vm4csJZV_zKmWLnf1iGmK1-lnvFy8Sfp/view?usp=drivesdk

    2. In odin folder flash the combo firmware

    3. Once combo is booted up run the root bat. When done phone will reboot to download.

    4. In odin flash the bootswap.tar.md5 file. What this does is swaps the boot and recovery images which allows system to be mounted rw.

    5. Now when done flashing you need to hold the buttons to boot to recovery but since we swapped boot and recovery images it will boot system.

    6. Now put your phone in airplane mode. This must be done whenever using Flashfire. Copy the system.img, vendor.img, and ODM zip files to your phone.

    7. In Flashfire, choose zip and select the odm zip. Then choose firmware and choose the system.img and the vendor.img. Then choose data wipe and wipe user and system data (the default choices). Make sure inject super su is NOT enabled. Disable it. Do not let flashfire inject root!!

    8.. Now click flash. When finished you will have to hold buttons to reboot to recovery until you see boot animation. You must do this on every reboot. If you do not it will reboot to stock recovery. If it reboots to stock recovery just reboot system and hold buttons to reboot to recovery again.

    9. When rom is booted up your computer will not recognize the phone for mtp file transfer. Adb does still work so you can transfer stuff that way (you need to switch to ptp transfer method in the dropdown) or use USB adapter and use a thumb drive.

    10. Biometrics do not work so don’t try to setup fingerprint or face recognition.

    Some GSI may work. YMMV


    ShoutOuts:

    @jrkruse - Helping me over the years and for all his contributions.
    @klabit87 - Ditto
    @me2151 - Ditto
    @gsm-CHEN - Ditto
    @mweinbach - For always posting my achievements on the XDA News portal as well as giving me someone to troll sometimes when bored.
    @ShaDisNX255 - He was our best tester, give him credits for testing out GSI as well!
    @everyone else I am forgetting!


    ENJOY!


    XDA:DevDB Information
    Extreme Syndicate, ROM for the Samsung Galaxy Note 9

    Contributors
    elliwigy, jrkruse, klabit87, me2151
    ROM OS Version: 8.x Oreo
    ROM Kernel: Linux 4.x
    ROM Firmware Required: Provided
    Based On: Touchwiz

    Version Information
    Status: Beta
    Current Beta Version: v1
    Beta Release Date: 2020-01-31

    Created 2020-01-31
    Last Updated 2020-01-31
    5
    u dont get it, thats y u shouldnt use it lol

    oreo because the combo firm is oreo.. ppl have had success booting 9 and Q gsis tho but i dont expect you to get it lol..

    if u cant think of any uses for root then stay stock, wont bother us at all

    Well..... I was being civilized and respectful until someone had to make an asinine comment. I know the benefits of rooting when the bootloader is unlocked and there is a custom recovery. With Adguard and Package Disabler today, I didn't understand what else is really wanted from a rooted phone. I asked a question politely and you of.course had to find away to attack someone that has a different view then you. Very Democractic. Congrats. Do you feel better trying to school someone that's been in this since the start? Just close your mouth and put your hands back in your pockets. Troll.
    4
    *snaps*

    Posts deleted, thread cleaned.

    Inevitable Moderator action is inevitable.

    Please report rule violations instead of replying to them. Moderators are here to help.

    Carry on my wayward sons.

    :good:
    3
    Hello! I would like to root my Note9 N960U so that I may use an app called DiskDigger to recover older files. After some research, it seems that even after rooting your device, all data is wiped? Not to mention the potential of breaking (bricking?) your phone. One of the responses above says that if this is my only device , then I should not root this phone; so are there any alternatives out there? Please and thank you.



    Call the FBI and tell them you suspect this phone has kiddy porn on it. They’ll recover your files for you


    Sent from some device I modified

    ---------- Post added at 05:00 PM ---------- Previous post was at 04:36 PM ----------

    Honestly they are probably lost. Some people say dr phone works but I know nothing about it


    Sent from some device I modified
    3
    @elliwigy , hope you realize not all of us here at XDA are as blind to their entitlement. I don't dare quote the person in question, but I for one, appreciate everything you have brought here to us and furthermore what you've done for our community as a whole.

    You my good sir, rock. Like a boulder.

    lol all good.. they dont bother me, if anything ill try to make some fun out of it.. its the only thing u can do sometimes.