[Root] Stump Root for LG Devices (2012 - 2014) Big update 1.2.0

Search This thread
By:
Advanced…
jcase

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,332
15,785
Sequim WA
Stump root is discontinued, no further development will happen. It has been patched. Please dont ask in thread nor email me for additional support.

Again, I WILL NOT ADD FURTHER DEVICES, I will ignore your PMs, eMails, Quotes, Phone Calls, SOS signals. Please don't ask.


Donations: If you decide do donate, please split it between the four people in this post, and don't just send it to 'jcase'


IOMonster - jcase - Autoprime - PlayfulGod - Team Codefire proudly presents

v4Bwcrj.png

Hey bro where is that root you promised your friends were dropping? O wait you deleted your XDA account? Don't step into the fire if you can't take the heat.
This application may not be redistributed, rehosted, repackages, added to your "elite" h4x0r script. Dude it's an app, it doesnt need a script front end.

Credits

IOMonster (thecubed) - Vulnerability & Logic Flow - Paypal
jcase - Exploit Development & Logic Flow - Paypal
autoprime - Logic Flow & Development Support - Paypal
PlayfulGod - UI Development - PayPal

Tunes by azureflux - License: http://creativecommons.org/licenses/by-nc-sa/4.0/
http://freemusicarchive.org/music/Azureflux/Mean_Machine/01_azureflux_-_wizard_house


Known supported models & Firmware:
See https://docs.google.com/spreadsheets/d/1hs0qlcGP80gl9wC0r9bs0AWMD-1D9iGgC9ulCG9roMs/edit#gid=0



Usage:
Install StumpRoot
Run StumpRoot
Reboot after app tells you to
Install SuperSU APK from market
Uninstall StumpRoot

WARNING: This is a root exploit, it makes low level changes to your device. Use at your own risk! By using this app, you agree not to hold it's developers responsible for any damage. This tool should not cause data loss, but it is entirely possible something could bad happen. Backup your data!

Downloads:
Stump Root v1.2.0


Change Log:
v1.2.0
Rewrote Bruteforcer, time reduced from typical 1-2hour to 1-2minutes
Added support for older/other LG devices, like LG OG and LG GPad (all 2012-2014ish devices should be rootable with stump now)
Added a lot of devices to known offset list

v1.1.1
Added Support for LG-F400L Build/KVT49L.F400L10k
Added Support for LG-D851 Build/KVT49L.D85110c
Added Support for LG-D855 Build/KVT49L.A1407214586
Added Support for LG-D855 Build/KVT49L.A1406439589
Added Support for LG-D855 Build/KVT49L.A1407214586
Added Support for LG-D855 Build/KVT49L.A1405331481
Added Support for LG-D858 Build/KVT49L.D85810a


v1.1.0
Spelling corrections
Added Support for LG-D855 Build/KVT49L.A1407411578 (Some firmwares) - Yay whoever did this, first result from the bruteforcer!

v1.0.2
Added bruteforce mode for unsupported models
Added Support for Flex D959 TMobile

v1.0.1
Added patch detection
Added Support for D852 Bell 10B
Added Support for D852 Rogers 10B
Added Support for D852G Videotron 10C

v1.0.0 - initial release
Support for Sprint LG G3 release firmware
Support for AT&T LG G3 release firmware
Support for T-Mobile LG G3 release firmware
Support for Verizon LG G3 release firmware



FAQ:
What is bruteforce mode?
We need to know the right location to "attack", we hardcode it for models/firmwares we have encountered. When Stump hits a device it does not "know" it can bruteforce the location. This can take upwards of 2 hours, but once down (if the phone has an internet connect) it will report it to us, and future builds can include the location.

It says my device is not supported, what do I do?
Let us know what device and firmware it is running as a reply to this thread, and we will try to add it.

Can I unroot, then reroot with Stump?
Sorta, try and if it fails then you will need to restore stock firmware to regain root.

What Superuser app should I use?
The instructions say SuperSU, so probably SuperSU?

What phones does is work on?
Most LGs from mid 2012 to at least mid 2014

Will it work on Moto G (XT1028) by bruteforce??
See above
Click to expand...
Click to collapse
 
Last edited by a moderator:
  • Like
  • Love
Reactions: roirraW "edor" ehT, Justyouforme, EgoEnemy and 509 others
thecubed

thecubed

Inactive Recognized Developer
Aug 19, 2008
1,046
10,458
Austin, TX
It's up guys!

Hats off to the team here, we went from an exploit concept to a fully functional root in under 3 days.
Great job!

Special thanks again to @justinswidebody for sending me a Sprint G3 so we could get this ball rolling.


I should also add that this application is *ONLY* compatible with phones listed in the spreadsheet linked to in the OP.
If you try this on anything other than what's listed, it will NOT work.

Also, if you unroot after rooting, you will need to flash your phone back to 100% stock in order to re-root. This is by design currently.
This root only works on unmodified phones.
 
Last edited:
  • Like
Reactions: SmartAceW0LF, gorillaz28, Sine. and 60 others
autoprime

autoprime

Recognized Dev / Inactive Recognized Contributor
Jun 23, 2010
2,642
11,921
ioroot and purpledrake is kewler!
jk.. stump is the best LG root so far! has potential to support lots of devices.

Picture below is for historic documentation. The YouTube video is the song playing in Stump app.

8rnq9MC.png
Stump-v1.0.0.apk
 
Last edited:
  • Like
Reactions: OnedeeTentee, gorillaz28, Crossvxm and 42 others
milky1112

milky1112

Senior Member
Apr 24, 2011
1,383
881
Somewhere on Earth.
jcase said:
IOMonster - jcase - Autoprime - PlayfulGod - Team Codefire proudly presents

v4Bwcrj.png

Hey bro where is that root you promised your friends were dropping? O wait you deleted your XDA account? Don't step into the fire if you can't take the heat.

This application may not be redistributed, rehosted, repackages, added to your "elite" h4x0r script. Dude it's an app, it doesnt need a script front end.

Credits

IOMonster (thecubed) - Vulnerability & Logic Flow - Paypal
jcase - Exploit Development & Logic Flow - Paypal
autoprime - Logic Flow & Development Support - Paypal
PlayfulGod - UI Development - PayPal

Tunes by azureflux - License: http://creativecommons.org/licenses/by-nc-sa/4.0/
http://freemusicarchive.org/music/Azureflux/Mean_Machine/01_azureflux_-_wizard_house


Known supported models & Firmware:
See https://docs.google.com/spreadsheets/d/1hs0qlcGP80gl9wC0r9bs0AWMD-1D9iGgC9ulCG9roMs/edit#gid=0

Usage:
Install App
Run App
Reboot after app tells you to
Install SuperSU APK from market
Uninstall app

WARNING: This is a root exploit, it makes low level changes to your device. Use at your own risk! By using this app, you agree not to hold it's developers responsible for any damage. This tool should not cause data loss, but it is entirely possible something could bad happen. Backup your data!

Change Log:
v1.0.0 - initial release

Downloads:
Stump Root v1.0.0
Click to expand...
Click to collapse


thank you fellas!
 
  • Like
Reactions: Filmerlondon
SilverZero

SilverZero

Senior Member
May 18, 2010
1,549
409
Well done team! Confirmed working for me. Thanks for the hard work!

Sent from my LGLS990 using XDA Free mobile app
 
B

bhint15

Senior Member
Mar 9, 2008
288
90
Manhattan
Thank you very much! Just ran on my Sprint LG G3 (ZV4 software) "grind" instantly took then I manually rebooted. It rebooted quickly and then showed lockscreen for a second then rebooted again on its own. 2nd reboot stayed up for me to install SuperSU from market - updated binary through "normal" method and it stuck. Root is fully functional and I appreciate your efforts!

---------- Post added at 05:49 PM ---------- Previous post was at 05:48 PM ----------
Wikd said:
Question.. Why do we need to uninstall supersu after opening it?
Click to expand...
Click to collapse

Uninstall stump root not supersu
 
  • Like
Reactions: strskysun1, solis888, bacchus258 and 1 other person
Will32

Will32

Senior Member
May 12, 2011
1,523
659
Benton
bhint15 said:
Thank you very much! Just ran on my Sprint LG G3 (ZV4 software) "grind" instantly took then I manually rebooted. It rebooted quickly and then showed lockscreen for a second then rebooted again on its own. 2nd reboot stayed up for me to install SuperSU from market - updated binary through "normal" method and it stuck. Root is fully functional and I appreciate your efforts!

---------- Post added at 05:49 PM ---------- Previous post was at 05:48 PM ----------



Uninstall stump root not supersu
Click to expand...
Click to collapse
Well that makes more sense. Derp
 
You must log in or register to reply here.

Similar threads

F
[ROM][OFFICIAL] CyanogenMod 13.0 Nightlies for the LG G3 (d855)
Replies
4K
Views
747K
E
ezantera
F
[ROM][OFFICIAL] LineageOS 14.1 Weeklies for the LG G3 (d855)
Replies
3K
Views
627K
G
gledis96
thecubed
Bump! - Unlock your LG G3 with TWRP! (D855 / D852 / D852g / F400)
Replies
856
Views
687K
F
fail lg
AngelBob
[ROM][D855] CyanogenMod 12 OFFICIAL Nightly [Android 5.0 Lollipop]
Replies
5K
Views
992K
loop4444
loop4444
Tectas
[Kernel][26/11/14][LG][D855|F400|D852]Rin Kernel 1.8.5[KITKAT]
Replies
821
Views
194K
C
charles8273

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 512
    jcase
    jcase
    Stump root is discontinued, no further development will happen. It has been patched. Please dont ask in thread nor email me for additional support.

    Again, I WILL NOT ADD FURTHER DEVICES, I will ignore your PMs, eMails, Quotes, Phone Calls, SOS signals. Please don't ask.


    Donations: If you decide do donate, please split it between the four people in this post, and don't just send it to 'jcase'


    IOMonster - jcase - Autoprime - PlayfulGod - Team Codefire proudly presents

    v4Bwcrj.png

    Hey bro where is that root you promised your friends were dropping? O wait you deleted your XDA account? Don't step into the fire if you can't take the heat.
    This application may not be redistributed, rehosted, repackages, added to your "elite" h4x0r script. Dude it's an app, it doesnt need a script front end.

    Credits

    IOMonster (thecubed) - Vulnerability & Logic Flow - Paypal
    jcase - Exploit Development & Logic Flow - Paypal
    autoprime - Logic Flow & Development Support - Paypal
    PlayfulGod - UI Development - PayPal

    Tunes by azureflux - License: http://creativecommons.org/licenses/by-nc-sa/4.0/
    http://freemusicarchive.org/music/Azureflux/Mean_Machine/01_azureflux_-_wizard_house


    Known supported models & Firmware:
    See https://docs.google.com/spreadsheets/d/1hs0qlcGP80gl9wC0r9bs0AWMD-1D9iGgC9ulCG9roMs/edit#gid=0



    Usage:
    Install StumpRoot
    Run StumpRoot
    Reboot after app tells you to
    Install SuperSU APK from market
    Uninstall StumpRoot

    WARNING: This is a root exploit, it makes low level changes to your device. Use at your own risk! By using this app, you agree not to hold it's developers responsible for any damage. This tool should not cause data loss, but it is entirely possible something could bad happen. Backup your data!

    Downloads:
    Stump Root v1.2.0


    Change Log:
    v1.2.0
    Rewrote Bruteforcer, time reduced from typical 1-2hour to 1-2minutes
    Added support for older/other LG devices, like LG OG and LG GPad (all 2012-2014ish devices should be rootable with stump now)
    Added a lot of devices to known offset list

    v1.1.1
    Added Support for LG-F400L Build/KVT49L.F400L10k
    Added Support for LG-D851 Build/KVT49L.D85110c
    Added Support for LG-D855 Build/KVT49L.A1407214586
    Added Support for LG-D855 Build/KVT49L.A1406439589
    Added Support for LG-D855 Build/KVT49L.A1407214586
    Added Support for LG-D855 Build/KVT49L.A1405331481
    Added Support for LG-D858 Build/KVT49L.D85810a


    v1.1.0
    Spelling corrections
    Added Support for LG-D855 Build/KVT49L.A1407411578 (Some firmwares) - Yay whoever did this, first result from the bruteforcer!

    v1.0.2
    Added bruteforce mode for unsupported models
    Added Support for Flex D959 TMobile

    v1.0.1
    Added patch detection
    Added Support for D852 Bell 10B
    Added Support for D852 Rogers 10B
    Added Support for D852G Videotron 10C

    v1.0.0 - initial release
    Support for Sprint LG G3 release firmware
    Support for AT&T LG G3 release firmware
    Support for T-Mobile LG G3 release firmware
    Support for Verizon LG G3 release firmware



    FAQ:
    What is bruteforce mode?
    We need to know the right location to "attack", we hardcode it for models/firmwares we have encountered. When Stump hits a device it does not "know" it can bruteforce the location. This can take upwards of 2 hours, but once down (if the phone has an internet connect) it will report it to us, and future builds can include the location.

    It says my device is not supported, what do I do?
    Let us know what device and firmware it is running as a reply to this thread, and we will try to add it.

    Can I unroot, then reroot with Stump?
    Sorta, try and if it fails then you will need to restore stock firmware to regain root.

    What Superuser app should I use?
    The instructions say SuperSU, so probably SuperSU?

    What phones does is work on?
    Most LGs from mid 2012 to at least mid 2014

    Will it work on Moto G (XT1028) by bruteforce??
    See above
    Click to expand...
    Click to collapse
    View
    63
    thecubed
    thecubed
    It's up guys!

    Hats off to the team here, we went from an exploit concept to a fully functional root in under 3 days.
    Great job!

    Special thanks again to @justinswidebody for sending me a Sprint G3 so we could get this ball rolling.


    I should also add that this application is *ONLY* compatible with phones listed in the spreadsheet linked to in the OP.
    If you try this on anything other than what's listed, it will NOT work    .

    Also, if you unroot after rooting, you will need to flash your phone back to 100% stock in order to re-root. This is by design currently.
    This root only works on unmodified phones.
    View
    45
    autoprime
    autoprime
    ioroot and purpledrake is kewler!
    jk.. stump is the best LG root so far! has potential to support lots of devices.

    Picture below is for historic documentation. The YouTube video is the song playing in Stump app.

    8rnq9MC.png
    Stump-v1.0.0.apk
    View
    21
    jcase
    jcase
    I was always told to keep my mouth shut if i didn't know what I was talking about. I don't always do it, but I try. Sometimes it saves me from looking foolish.

    Its a root exploit, it gains root without needing a su binary. IT CAN ADD PERMISSIONS AT RUN TIME, AND DO THINGS ABOVE AND BEYOND ANY STANDARD ANDROID API.

    This goes for anything running as root. Its root, it needs no freaking permissions, it was a courtesy of being upfront and open by adding them into the manifest. Anyone freaking out about permissions a root app uses, doesn't even know in the slightest what they are talking about. Sure it could be doing something bad, but if i was hiding something bad, why would I declare the permissions when I don't need to?

    Would you rather me build it with no permissions, and then add them at run time without letting you know? I mean, its an app that can gain root without su/superuser, and thats only like an extra 10 lines of code to add all those permissions at run time, without you ever knowing. I could be disabling signature checks to trustzone, and installing a rootkitted trustzone, I could be spying on you at a level far below and out of reach of Android. You might want to burn that phone, cause I mean I'm American, and a hacker. Americans == NSA, hacker == spy.

    If you want to hint that im being suspicious or doing something bad, put it on the table, show me and tell me what I'm doing, other wise you are the suspicious one. Either you have no idea what you are talking about, or you are trying to smear me. So which is it?


    Enddo said:
    Don't get me wrong. I'm not saying the work they did is any less appreciated. That entire team has done a lot to advance community development for the LG G3 and I appreciate that immensely. No matter how much I appreciate it though, that doesn't make it ok to avoid answering questions like the ones that were presented.

    If the reasons are to protect the ip address of their server then that should be explained. If there are reasons why they need access to Google now(which I assume gives them access to search queries) then that should be explained. Even if it is done vaguely to protect their closed source information

    I'm not saying that I demand they remove these permission and I'm not saying that they should give all their secrets away. I just think the way that question was answered is very, very suspicious.
    Click to expand...
    Click to collapse

    mickfitz said:
    I've since deleted this app. Thank you.
    Unsubscribed.

    Sent from my LG-D858
    Click to expand...
    Click to collapse

    hijax2001 said:
    Some oddities with this apk:

    * Wants permission to pass queries to Maluuba (https://play.google.com/store/apps/d....android&hl=en)
    * Wants to manage IPsec connections - why would a root app need to establish a vpn connection?
    * Wants permission to Google Now Remote Access

    All of this seems fishy... so the app could remote into my phone via an encrypted VPN (so no trace of the source), and do whatever - including screen my search queries...

    I don't think so.
    Click to expand...
    Click to collapse
    View
    21
    jcase
    jcase
    cb3ck said:
    This reply is one of the biggest red flags I've ever seen that this apk is malicious.

    It's just how these things work? BS. If everything really was fine, with nothing fishy going on, why won't you reply to the straight question with a straight answer? Is it beneath you to provide a technical answer to the posed question?

    Clearly you are dodging here and unless you can give a clear answer to why the permissions are the way they are, I would steer very clear of this apk folks. As stated in the Verizon thread, this app has the potential to open a VPN with your device and query the search. That information has value in today's world.
    Click to expand...
    Click to collapse

    I never discussed why I added the permissions to iomoster/thecubed or anyone. I added them. ME ME ME ME ME. Not thecubed, not autoprime, not anyone. Me. I added them. Don't blame him, bring the bIame to me. I didn't discuss the reasoning behind it with anyone. It's none of your business, if you don't like it, dont use it. Why did I add them? Because I can, it consumes time trying to figure out why I added them (ie time of LG trying to fix it, extending how long stump lasts). The negative side effect, is that it brings out the conspiracy theories, and those that don't have a clue what they are talking about. If you want to smear me like this, I expect you to show me where this malicious code is.

    This kind of bull is why I hate working with the LG crowd. You people have pulled all the fun from these kinds of projects. I can't wait until Purple Drake and Stump are patched.

    Show me the potential for it to open a VPN and "query the search", it is all java, it disassembles and decompiles cleanly. Put it on the table. I wrote the damn code, I know damn well that code doesn't exist. At this point you are just smearing me and the others, probably jealous of the fact that some of us can do this kind of work, when you lake the skill set.

    Next LG exploit I write will be $25, no matter how simple it is, or how quick it is made. If I have to listen to people who have not one clue what they speak of, I should at least get paid enough to be drunk through it.


    Elvis is alive, its all a KGB conspiracy.
    View

New posts