• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

Rooted NK2 AT&T t337a w/ Tutorial

Search This thread
M

moonbutt74

Guest
Just had a had a thought, maybe we could tweak a twrp version for say the t-mobile version and try to code safestrap into that and make it boot on our t337a? Recently had the need for a recovery and I want to help get it working! Do you think there is any chance with the one linked here?: http://forum.xda-developers.com/tab-4/general/sm-t235-lte-rooted-twrp-2-8-alpha1-sm-t3027059

C,

hi, i am basically at a dead end with the 337a and safestrap, what the community need is for some who isn't a total asswit like me :silly:
to unlock the bootloader.

I had also tried to negotiate the LK QCOM bootloader exploit but can't seem to figure out how to get the modus to generate the signing key.
@pre4speed hooked me up with a dump of the bootloader but i could not locate the private key which means it's not in the bootloader or
it means i'm an asswit :silly:
@vortox 's thread on the subject is here http://forum.xda-developers.com/kin...ol-signing-tool-pre-3-2-4-booloaders-t2992435 and as he points out and the rest of us know samsung has a real hard-on for dry fisting it's customers.

m
 

vortox

Senior Member
Jan 20, 2012
50
132
@vortox 's thread on the subject is here http://forum.xda-developers.com/kin...ol-signing-tool-pre-3-2-4-booloaders-t2992435 and as he points out and the rest of us know samsung has a real hard-on for dry fisting it's customers.

The modulus shouldn't matter in most cases. It's just an upper bound for the generated sigature. To use my tool for the exploit it's more important to understand the format of the signature. The samsung ones i've seen are different for the reference implementation.

That's the reason I'm no longer buying Samsung phones ;)
 
M

moonbutt74

Guest
The modulus shouldn't matter in most cases. It's just an upper bound for the generated sigature. To use my tool for the exploit it's more important to understand the format of the signature. The samsung ones i've seen are different for the reference implementation.

That's the reason I'm no longer buying Samsung phones ;)

I hear you on that, but they're in my price range and fairly solid, being a clutz, i beat the hell out of these things and they just keep going !
I would love to go Nexus but not having external storage/expansion is inexcusable, all that duplicitous corporate philosophical crap can blow bubbles. :silly:

A quick question, would using the entry in the public key as modulus work?
 
Last edited:

vortox

Senior Member
Jan 20, 2012
50
132
A quick question, would using the entry in the public key as modulus work?

No. As I said it's necessary to understand the format of the signature.
In the reference implementation the signature is is simply 256 bytes long and PKCS#1 v1.5 padded.
On this device however it's this way:
  • First some 32 byte magic number
    Code:
     SEANDROIDENFORCE
  • then 256 bytes, maybe the encrypted signature (?)
  • and at the end 224 bytes that look a PKCS#1 v1.5 padded decrypted signature
This makes 512 bytes and is incompatible with my tool!
 
  • Like
Reactions: pre4speed

pre4speed

Senior Member
Apr 17, 2011
2,735
764
lancaster
Samsung Galaxy S21 Ultra
If the way things are done on the Note 3 and the S5 are the same as this method, you should be able to flash the new kernel AFTER you have rooted then be ready for the next OTA that drops. I ended up freezing anything OTA related after rooting so I'm not forced into an unrootable update. But actually, I'm not even sure I'll get the updates because I'm prepaid AT&T service.
 

ericyao

Member
Oct 20, 2011
20
0
I followed your steps. After trying to install towel root.apk, it tells me App not installed, although I checked Google's warning and chose Install Anyway. Then I got a Security Notice popped up, saying "Unauthorized actions have been detected. Restart your tablet to undo any unauthorized changes". Any ideas?
 
Jul 19, 2014
2,585
1,884
Chicopee
I followed your steps. After trying to install towel root.apk, it tells me App not installed, although I checked Google's warning and chose Install Anyway. Then I got a Security Notice popped up, saying "Unauthorized actions have been detected. Restart your tablet to undo any unauthorized changes". Any ideas?

In Settings > Security, check the Unknown Sources box (Allow installation of apps from sources other than the Play Store) and uncheck the Verify Apps box (Block or warn before installing apps that may cause harm). Make sure you're not getting automatic security updates. If your tablet comes pre-installed with any sort of security/anti-virus app (e.g. my Samsung AT&T phone came with an app called Lookout before I could get rid of it) go to Settings > Application manager > All and select whatever security app there is and force stop it.
 

ericyao

Member
Oct 20, 2011
20
0
Thanks for the help. I did the Security Settings as you said before installing towel root. It turns out I downloaded a wrong apk. After installing the correct towel root, my Tab 4 is rooted now. But the Security Notice keeps popping up from time to time on the top. I couldn't find any security app installed. There are several security related apps or process in the Application Manager. I will just leave the warning there for now.
 
Jul 19, 2014
2,585
1,884
Chicopee
Thanks for the help. I did the Security Settings as you said before installing towel root. It turns out I downloaded a wrong apk. After installing the correct towel root, my Tab 4 is rooted now. But the Security Notice keeps popping up from time to time on the top. I couldn't find any security app installed. There are several security related apps or process in the Application Manager. I will just leave the warning there for now.

You can freeze or uninstall them with Titanium Backup if you know the name(s) of the app(s) or process(es) responsible
 

greenturtles

New member
Feb 24, 2015
1
0
This worked for me but I did have some unexpected results along the way. FYI, I bought the T337A on Feb 15 2015, and it had NF4 with build date of Nov 10 2014. When the NK4 ota update was applied (darn it, I tried to stop it!), it changed to NK2, and kept the same build date. I followed this tutorial and it only changed the build date, to June 10 2014, and it did not change the build no or baseband no, which is still NK2. I figured the build date change to June 10 2014 was the important thing as some other users have reported that towelroot won't work on builds after June 2014.

Once I finished the tutorial, I started getting popup messages that "unauthorized actions have taken place". Oh my. But I proceeded to install towelroot anyway. It took a few tries over the course of an hour or so for it to work. I'm not sure why. Every time I clicked on the "make it ra1n" button in towelroot, it said successful, but when I tried to enable "root explorer" in ES FileExplorer, it would enable for 10 seconds or so, then say, "test access failed, you are not rooted". Root Checker also said I was not rooted. I rebooted a few times, tried Towelroot a few times, and eventually, ES FileExplorer was able to enable root explorer, and root checker also had success.

Once rooted, I installed SuperSU (and selected option to disable KNOX) so that other apps cannot take advantage of my root access and also to stop those security check warnings, probably caused by KNOX (developer says it does not trip KNOX, however I don't know how to verify that). Then I froze some apps related to ota updates with Titanium Backup Pro, renamed a file, and changed permissions on a folder...So hopefully I've nailed the ota updates down.

This is my first android device and my first time trying anything like this! Thanks for posting!

Frozen apps in Titanium Backup Pro:
Att software upgrade
FWUpgrade
Local FOTA
wssyncmlnps

Renamed file:
/etc/security/otacerts.zip to otacerts.zip.bak

Unchecked all permissions boxes for folder:
data/fota
 

pre4speed

Senior Member
Apr 17, 2011
2,735
764
lancaster
Samsung Galaxy S21 Ultra
We should start a thread and try to gather everything we know. I would love to have a custom rom for my tab 4, stock is so slow... Will do anything I can to help get this working.
@moonbutt was trying already but he struck out. However, there is a new tool called FlashFire from the dev of SuperSU that works for the AT&T S5 locked bootloader that *may* be worth checking out. I am NOT a dev, so I can't elaborate on it. If someone with that talent wants to check it out, maybe we can have something for our Tab4.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 20
    ******UPDATE FIX YOUR T337A WITH LOLIPOP FRIMWARE FILE******* I do not take credit for this file at all, all credit goes to MichaelSaya. Here is a direct quote from him "Here is the link to my Google drive with the Official Lollipop Firmware for the AT&T TAB 4, SM-T-337-A https://mega.nz/#!0Q4AXQgZ!Df-pTUo6eA80kGTrzpYCAJ0ilGbUzMYCE4nRtvume6s Place in AP slot in Odin and flash. Be aware that many have been bricked. Only root with Kingroot and when you reboot, you will lose root. Simply re-root with Kingroot and you will be fine. DO NOT REPLACE KINGROOT WITH SUPERSU!!!!! YOU WILL BRICK!!!!! But we have the firmware now so we can now play around knowing that if we mess something up, we can fix it."


    I found a way to re-root the t337a with the latest OTA NK2. Not sure if I was the only one in this boat or whatever but I got bored and started experiment. First thing i did was Flash the older NF4 kernel with ODIN. Put this in the PDA slot and flash! It was successful, I downloaded Towel root, and bam! Root working again ! :) Cheers!

    Tutorial:

    1. Get the latest drivers to make sure everything goes smooth http://org.downloadcenter.samsung.c...NG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
    2. Get Odin if you don't have it yet: http://forum.xda-developers.com/attachment.php?attachmentid=1168421
    3. Download the NF4 kernel from the attachment below
    4. Go into Odin.
    5. Click on PDA, search for the file you downloaded boot.tar and select it. Pic: http://i.imgur.com/XrqVPLZ.png
    6. Now, put your tablet into download mode! If you don't know how to enter download mode go here: https://www.youtube.com/watch?v=dDE1oB2-nYw its the s5 but same concept.
    7. Plug in your tablet and it should say something like this in message window in odin: http://i.imgur.com/uWFc4YX.png
    8. Now, hit start. Let the process run. If all goes well it should say RESET! I dont know what happened to this pic lol http://i.imgur.com/AbH5qW7.png but hopefully you get the point.
    9. Give the tablet a few minutes to boot. Keep it plugged in until you see PASS! http://i.imgur.com/eTuHDUl.png
    10. Go get towel root. Run it. And BAM! You are rooted again :)



    *** WARNING *** This doesn't work with the lolipop update. I have tried to downgrade my tablet and it did softbrick it. Do not try to downgrade your tablet/try this method if you are running lolipop 5.1.1. This only works on kitkat. HOWEVER. I have the lolipop boot.tar. Use the instructions above to unbrick your tablet (This will not give you root access. I'm going to look at it and see if I can figure something out to get root access). I have not tested this myself because mine is at a friends house BUT this should work. Cheers
    2
    Do you need the 5.1.1 boot.img or the kitkat one?

    Here is a link to the 5.1.1 OTA .cfg file. Change the extension to .zip and you can open it as an archive.
    2
    I found more info regarding flashfire. Here's what someone tested

    - Will run on Android v4.x.x/5.0.x.<br />
    - Will not trip your Knox Warranty Flag.<br />
    - Will flash ROM's (use "flash .zip or ota" option).<br />
    - No AROMA installer ROM's.<br />
    - <font color="Red">Caution!</font> FF flashes to the boot partition, i.e. flashing custom kernels will result in soft brick!<br />
    - You can drop a Full Odin .tar or .zip file containing the raw images onto your device and it will flash system, kernel, cache, and recovery (will not flash modem, non-hlos, or bootloader) (use "flash firmware package" option).<br />
    - You can flash the remaining partitions via a .zip at the same time or via your PC using Odin.<br />
    - Flashes .tars with unsigned images, e.g. system.img.ext4, modem.bin. (use "flash firmware package" option).<br />
    - You can also flash individual (un-.tar'd) images, e.g. recovery.img, boot.img.<br />
    - Flashes .zip files, e.g. mod's, SuperSu Update.zips, etc (use "flash .zip or ota" option).<br />
    - Makes Backups of and Restores all partitions.<br />
    - Wipes partitions.<br />
    - Injects Root.<br />
    <br />


    -DUHA
    2
    anyone know how to unroot so I can return back to store

    need the stock firmware T337A
    4.4.2

    http://forum.xda-developers.com/showthread.php?t=3013128

    That thread has the firmware, and I have a copy. Problem is that you can't flash KK over LL. If you find a way, let me know.
    2
    No and there never will be unless we get a safestrap type recovery for it.

    We should start a thread and try to gather everything we know. I would love to have a custom rom for my tab 4, stock is so slow... Will do anything I can to help get this working.