• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[ROOT] Rooting for SGP611 with giefroot (Bootloader Locked)

Search This thread

rurie

Member
Jan 28, 2015
15
15
WARNING: This instruction may brick your device permanently. I am not
responsible for any your loss or damage.



The following is the instruction to get root for SGP611 with giefroot(http://forum.xda-developers.com/crossdevice-dev/sony/giefroot-rooting-tool-cve-2014-4322-t3011598)

Requirement:
Bootloader Locked Z3 Tablet Compact Wi-Fi 16GB (SGP611)
D6603(Generic GLOBAL 23.0.A.2.93) firmware (You can got it from XperiFirm)
Flashtool
Install driver included in Flashtool
Patched version of giefroot_v3 (View attachment giefroot_v3_sgp611_fix1.zip)

Download:
View attachment giefroot_v3_sgp611_fix1.zip

Small Instruction:
1.Backup
2.Flash SGP611 firmware (23.0.1.A.0.167) if other version is installed
3.Flash D6603 system partition (23.0.A.2.93)
4.Enable [USB Debug] and [mock locations] and [Unknown Source] , then run install.bat in (View attachment giefroot_v3_sgp611_fix1.zip)
5.You got root!
6.Backup TA, Back to SGP611 firmware

Instruction:
1. Backup all your data (including application data and internal storage)

2. Get SGP611(23.0.1.A.0.167) firmware

3. Get D6603 firmware(Generic GLOBAL 23.0.A.2.93 ftf) from somewhere

4. If firmware version of your device is not 23.0.1.A.0.167, then flash all
contents of ftf to back to 23.0.1.A.0.167
(Start Flashtool and click "flash device", then choose "Flashmode".
On "Firmware Selector" select SGP611 firmware.
Uncheck APPSLOG, CACHE, DATA in Wipe menu.
Check all checkbox in Exclude menu.
Unckeck KERNEL in Exclude menu.
Then click Flash button.
Shutdown your device and connect USB on holding volume down.
Wait 20minute or more to finish.
)

5. Flash only system partition of D6603 (23.0.A.2.93)
(Open "Firmware Selector" with same instruction above.
select D6603 firmware.
Uncheck APPSLOG, CACHE, DATA in Wipe menu.
Check all checkbox in Exclude menu.
Unckeck SYSTEM in Exclude menu.
Then click Flash button.
And flash with same instruction above.
)

6. Power on your device, then enable [USB Debugging] and [Allow mock
locations] in Developer options. And enable [Unknown sources] in Security
setting.
Added:
Disable [Verify apps over USB] in Developer options, and disable [Verify apps] in Security setting.
Thanks kvi!


7. Install usb driver included in Flashtool

8. Download giefroot_v3_sgp611.zip and extract zip

9. Run install.bat in extracted folder, then wait for about 1minute

10. You got root!

11. Backup TA

12. Restore stock firmware by following insruction of this thread http://forum.xda-developers.com/z3-...-to-rooted-stock-sgp621-firmware-drm-t3015494
(replace SGP621 to SGP611 in the instruction)

Thanks to zxz0O0 for giefroot and some other tools.
zxz0O0 spend so much time to make giefroot work on SGP611 kernel.

Thanks to lowtraxx for root instruction for SGP621.
(http://forum.xda-developers.com/z3-...t/root-root-locked-bootloader-sgp621-t3013534)

Thanks to CubicU07 for instruction to restore stock firmware.


The old version (giefroot_v3_sgp611.zip) does not work.
Please try new version (View attachment giefroot_v3_sgp611_fix1.zip).
I'm sorry.
 
Last edited:

moritz31

Senior Member
May 30, 2013
318
148
For me its not working:
Got a Z3TC 16GB WIFI, installed the Z3TC ftf, then flashed the system from the Z3, then used the tool but always get a device not rooted error
 

rurie

Member
Jan 28, 2015
15
15
For me its not working:
Got a Z3TC 16GB WIFI, installed the Z3TC ftf, then flashed the system from the Z3, then used the tool but always get a device not rooted error

It may not succeed in one time.
Plaese try again 3 or 4 or more times.
If you still fails, please let's me know results of commands below.

Code:
adb shell cat /data/local/tmp/giefrootlog
adb shell cat /data/getrootlog
adb shell ls -l /data/local/tmp/scsi_wait_scan.ko
 

moritz31

Senior Member
May 30, 2013
318
148
It may not succeed in one time.
Plaese try again 3 or 4 or more times.
If you still fails, please let's me know results of commands below.

Code:
adb shell cat /data/local/tmp/giefrootlog
adb shell cat /data/getrootlog
adb shell ls -l /data/local/tmp/scsi_wait_scan.ko

hey, i got it the problem seems to be on one site windows10,
on my mac i had to unplug replug the device after reboot before pressing continue
 

rurie

Member
Jan 28, 2015
15
15
I noticed a mistake.
I fixed and upload again. (giefroot_v3_sgp611_fix1.zip)
Please try new file.
This file fixes both exploit itself and install.sh(for Linux/OS X).
 

kvi

Member
Jun 23, 2009
26
3
rooted OK disabling all options for check/verify apps ! (1 option in security + 1 option in Developer options) , Backup TA OK
TA restored on rooted stock firmware , drm keys OK
Thx!
 
Last edited:
  • Like
Reactions: rurie

rurie

Member
Jan 28, 2015
15
15
rooted OK disabling all options for check/verify apps ! (1 option in security + 1 option in Developer options) , Backup TA OK
TA restored on rooted stock firmware , drm keys OK
Thx!

Thank you for reporting and information!
I added your information to the instruction.
 

basajaun

Member
Mar 7, 2009
21
5
FtF global z3 or z3 tablet?

edited:

I was asking if need to build de ftf firmw using z3 as device or z3 tablet, but It works with z3 :)

Works for me, actually running stock android with root and TA partition restored.

THANKS A MIL!
 
Last edited:

kvi

Member
Jun 23, 2009
26
3
I do not speak English, I use google translator
Do not know which section you mean, 5 or 12. If I did 5 you see in this picture
http: // oi59.tinypic.com / 2my85qc.jpg
 

Angelusz

Senior Member
Nov 16, 2008
1,307
10
Nijmegen
:eek: Root with the bootloader intact, that is amazing! Will this also work on the WiFi 4G version? That's the one I have and I don't want to mess it up.
 

alboon2000

Member
May 17, 2013
9
6
I'm a bit confused at step 12 : first thing to do when following CubicU07 instructions is to follow ... lowtraxx instructions...
If we follow CubicU07 thread, we first have to back up TA, but that was step 11 of this current thread. sso I guess we should follow lowtraxx instructions, but this one specifies that it won't work for SGP611, and sends us to this thread. Back to square one, then.

My guess is that we have to follow CubicU07 thread, no matter what he says first (so, I won't follow lowtraxx instructions).

Could you please be more specific for step 12 ? Do we finally have to use Advanced stock kernel, PRFCreator, SonyRICDefeat, ... as described in CubicU07 thread (which also involves unlocking BL) ?
Thank you.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 13
    WARNING: This instruction may brick your device permanently. I am not
    responsible for any your loss or damage.



    The following is the instruction to get root for SGP611 with giefroot(http://forum.xda-developers.com/crossdevice-dev/sony/giefroot-rooting-tool-cve-2014-4322-t3011598)

    Requirement:
    Bootloader Locked Z3 Tablet Compact Wi-Fi 16GB (SGP611)
    D6603(Generic GLOBAL 23.0.A.2.93) firmware (You can got it from XperiFirm)
    Flashtool
    Install driver included in Flashtool
    Patched version of giefroot_v3 (View attachment giefroot_v3_sgp611_fix1.zip)

    Download:
    View attachment giefroot_v3_sgp611_fix1.zip

    Small Instruction:
    1.Backup
    2.Flash SGP611 firmware (23.0.1.A.0.167) if other version is installed
    3.Flash D6603 system partition (23.0.A.2.93)
    4.Enable [USB Debug] and [mock locations] and [Unknown Source] , then run install.bat in (View attachment giefroot_v3_sgp611_fix1.zip)
    5.You got root!
    6.Backup TA, Back to SGP611 firmware

    Instruction:
    1. Backup all your data (including application data and internal storage)

    2. Get SGP611(23.0.1.A.0.167) firmware

    3. Get D6603 firmware(Generic GLOBAL 23.0.A.2.93 ftf) from somewhere

    4. If firmware version of your device is not 23.0.1.A.0.167, then flash all
    contents of ftf to back to 23.0.1.A.0.167
    (Start Flashtool and click "flash device", then choose "Flashmode".
    On "Firmware Selector" select SGP611 firmware.
    Uncheck APPSLOG, CACHE, DATA in Wipe menu.
    Check all checkbox in Exclude menu.
    Unckeck KERNEL in Exclude menu.
    Then click Flash button.
    Shutdown your device and connect USB on holding volume down.
    Wait 20minute or more to finish.
    )

    5. Flash only system partition of D6603 (23.0.A.2.93)
    (Open "Firmware Selector" with same instruction above.
    select D6603 firmware.
    Uncheck APPSLOG, CACHE, DATA in Wipe menu.
    Check all checkbox in Exclude menu.
    Unckeck SYSTEM in Exclude menu.
    Then click Flash button.
    And flash with same instruction above.
    )

    6. Power on your device, then enable [USB Debugging] and [Allow mock
    locations] in Developer options. And enable [Unknown sources] in Security
    setting.
    Added:
    Disable [Verify apps over USB] in Developer options, and disable [Verify apps] in Security setting.
    Thanks kvi!


    7. Install usb driver included in Flashtool

    8. Download giefroot_v3_sgp611.zip and extract zip

    9. Run install.bat in extracted folder, then wait for about 1minute

    10. You got root!

    11. Backup TA

    12. Restore stock firmware by following insruction of this thread http://forum.xda-developers.com/z3-...-to-rooted-stock-sgp621-firmware-drm-t3015494
    (replace SGP621 to SGP611 in the instruction)

    Thanks to zxz0O0 for giefroot and some other tools.
    zxz0O0 spend so much time to make giefroot work on SGP611 kernel.

    Thanks to lowtraxx for root instruction for SGP621.
    (http://forum.xda-developers.com/z3-...t/root-root-locked-bootloader-sgp621-t3013534)

    Thanks to CubicU07 for instruction to restore stock firmware.


    The old version (giefroot_v3_sgp611.zip) does not work.
    Please try new version (View attachment giefroot_v3_sgp611_fix1.zip).
    I'm sorry.
    3
    Success with SGP612

    I couldn't find anyone, anywhere, who had successfully rooted a bootloader locked SGP612 (Z3TC 32GB WiFi variant), so I took the plunge and tried it myself using this method. And....

    It works!

    By replacing any SGP611 specific firmware with SGP612 firmware, this method was successful for me. It took about 10 attempts, and I did a factory reset after installing the D6603 firmware, but it worked! So even though the exploit references SGP611, it works fine on SGP612 too. The only difference between these devices is their onboard storage anyway.
    1
    rooted OK disabling all options for check/verify apps ! (1 option in security + 1 option in Developer options) , Backup TA OK
    TA restored on rooted stock firmware , drm keys OK
    Thx!
    1
    Has anyone got this working with SGP612 yet? (32gb Wifi only version). I have't seen this mentioned anywhere, but it should be similar to SGP611?
    1
    Thank you for confirming the SGP612. Now I'm rooted too.

    The Giefroot script didn't worked on my Windows 8.1 x64 PC and I tried it ~15 times. After executing the commands from the script manually in cmd.exe, it worked in the first running.

    Do you already upgraded to Lollipop with a flashable zip? Do we have to wipe data, when upgrading?

    Glad to hear it worked! I just upgraded to Lollipop now and no data wipe is required. Make a pre-rooted zip using PRF creator and flash from TWRP. To get system R/W access back, run SGP621-RICDefeat.zip from one of the other threads here.