I found something that I can use to root as the virtual machine start.... Anyway i need to reflash because i corrupted files ....
WP 10 - Android 4.4 inside
- Thread starter onecosmic
- Start date
uploaded the whole Android build for you guys here.
its the extracted install.wim
http://WindowsPhone.livedrive.com/item/fe46ba5412014b63b1101a8151d96db7
its the extracted install.wim
http://WindowsPhone.livedrive.com/item/fe46ba5412014b63b1101a8151d96db7
Last edited:
Ok, did anyone had any luck with GAPPS? As they're always redistributed as recovery zip, how about this tool?
http://forum.xda-developers.com/showthread.php?t=2250555
I will test that l8r today.
http://forum.xda-developers.com/showthread.php?t=2250555
I will test that l8r today.
Now I can restart adb as root BUT it kill itself and i lose the root permissions....
I tell you what I tried to do:
Modify default.prop > set userdebug and then, with that i can set adb root but when restarting is kill itself | Fail
Modify build.prop > set adb as root but it doesn't work | Fail
Modify init.rc > add script like chmod to set permission for binary like SU and BUSYBOX to get root access but it doesn't work (it's get replaced after restart the VM?) | Fail
^ Tried to modify init.hyperv.rc and init.usb.rc too.
Modify adbd > replace adbd binary with an insecure adbd (with that I can get root without commands ) but after making this, adbd stop work (after writing wconnect usb, adb seems the device as offline) | Fail
I attached a zipped script if you want to try yourself.
Modify default.prop > set userdebug and then, with that i can set adb root but when restarting is kill itself | Fail
Modify build.prop > set adb as root but it doesn't work | Fail
Modify init.rc > add script like chmod to set permission for binary like SU and BUSYBOX to get root access but it doesn't work (it's get replaced after restart the VM?) | Fail
^ Tried to modify init.hyperv.rc and init.usb.rc too.
Modify adbd > replace adbd binary with an insecure adbd (with that I can get root without commands ) but after making this, adbd stop work (after writing wconnect usb, adb seems the device as offline) | Fail
I attached a zipped script if you want to try yourself.
Guys, the android build inside W10 is using SELinux, is a secure distribution and it's not so easy to modify or change permissions, if you want to try to hack into it, i'll recommend to go and give a quick read here to start:
https://fedoraproject.org/wiki/SELinux/Understanding
Also i update the first post each time i found something interesting, just look for the EDIT: red labels
Cheers!
https://fedoraproject.org/wiki/SELinux/Understanding
Also i update the first post each time i found something interesting, just look for the EDIT: red labels
Cheers!
So, let's sum up: this is SELinux Android running in Hyper-V.Guys, the android build inside W10 is using SELinux, is a secure distribution and it's not so easy to modify or change permissions, if you want to try to hack into it, i'll recommend to go and give a quick read here to start:
https://fedoraproject.org/wiki/SELinux/Understanding
Also i update the first post each time i found something interesting, just look for the EDIT: red labels
Cheers!
What if we just take part of the files that are neccessary on WP, do an AOSP build with WP stuff,
pack it as a system for HyperV, replace the VM on WP and then just run it?
So far i've not yet looked at the virtualization side of this, i'm not sure if it looks for a particular OS/configuration or just run, let's say like hyper-v, with a config file.
Also there is like i mentioned before, a MS compiled kernel which run's the android subsystem and we need to see what modification it has, it's not an easy job(i seriously doubt ms left at least the config files inside).
Everything could be tested, any suggestions are welcome, however as i mentioned, is not going to be an easy task (not an impossible one either), at least until we get a full unlock for the phone.
Cheers!
Seems that there's no kernel here. Also no kernel modules, firmwares, so something is missing.
Sadly for now I don't own WP to look for this files (I bet that somewhere you'll find kernel and initrd, please upload it if it happen)
look at my download link , i also uploaded the .cab file where the .wim is stored.
It could be the kernel modules and firmware are already on the phone when you update the phone to the latest win10mobile build.
Last edited:
Yeah, but where are they? I cannot find the kernel anywhere on the C:\.
Kernel (or kind of kernel) sits in LXCore.sys in system32/drivers. You can unpack it a bit by 7zip.
Interesting files are PAGE (384KB) where you can find kernel info string, and .rdata, where you can find plaintext like, well...
Interesting files are PAGE (384KB) where you can find kernel info string, and .rdata, where you can find plaintext like, well...
Code:
Name: State: Tgid: Pid: PPid: TracerPid: 0
Uid: Gid: FDSize: Groups:
VmPeak: 0 kB
VmSize: 0 kB
VmLck: 0 kB
VmHWM: 0 kB
VmRSS: 0 kB
VmData: 0 kB
VmStk: 0 kB
VmExe: 0 kB
VmLib: 0 kB
VmPTE: 0 kB
Threads: SigQ: 0/0
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000000000
SigCgt: 0000000000000000
CapInh: CapPrm: CapEff: CapBnd: Cpus_allowed: 00000001
Cpus_allowed_list: 0
Mems_allowed: 1
Mems_allowed_list: 0
voluntary_ctxt_switches: 150
nonvoluntary_ctxt_switches: 545
R S D Z T t X R (running)
S (sleeping)
D (waiting)
Z (zombie)
T (stopped)
t (tracing)
X (dead)
k e r n e l d e v f s s u n r p c v m ŘŘ mA 0đ čŘ đŘ 4Ě řŘ Ů ÷ éö rootfs / rootfs ro, relatime 0 0
tmpfs / dev tmpfs rw, seclabel, nosuid, relatime, mode = 755 0 0
devpts / dev / pts devpts rw, seclabel, relatime, mode = 600 0 0
proc / proc proc rw, relatime 0 0
sysfs / sys sysfs rw, seclabel, relatime 0 0
selinuxfs / sys / fs / selinux selinuxfs rw, relatime 0 0
tmpfs / mnt / secure tmpfs rw, seclabel, relatime, mode = 700 0 0
tmpfs / mnt / asec tmpfs rw, seclabel, relatime, mode = 755, gid = 1000 0 0
tmpfs / mnt / obb tmpfs rw, seclabel, relatime, mode = 755, gid = 1000 0 0
/ dev / block / mtdblock0 / system yaffs2 ro, seclabel, nosuid, nodev, relatime 0 0
/ dev / block / mtdblock1 / data yaffs2 rw, seclabel, nosuid, nodev, relatime 0 0
/ dev / block / mtdblock2 / cache yaffs2 rw, seclabel, nosuid, nodev, relatime 0 0
/ dev / block / vold / 179:0 / storage / sdcard vfat rw, dirsync, nosuid, nodev, noexec, relatime, uid = 1000, gid = 1015, fmask = 0702, dmask = 0702, allow_utime = 0020, codepage = cp437, iocharset = iso8859 - 1, shortname = mixed, utf8, errors = remount - ro 0 0
tmpfs / storage / sdcard / .android_secure tmpfs ro, seclabel, relatime, size = 0k, mode = 000 0 0
0
Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 8388608 unlimited bytes
Max core file size 0 unlimited bytes
Max resident set unlimited unlimited bytes
Max processes 8041 8041 processes
Max open files 1024 4096 files
Max locked memory 65536 65536 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 8041 8041 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 40 40
Max realtime priority 0 0
Max realtime timeout unlimited unlimited us
ifname total_skb_rx_bytes total_skb_rx_packets total_skb_tx_bytes total_skb_tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
eth0 148226380 1359007 920689 10046 1392783 4495 144857101 1324402 1976496 30110 552909 4689 41450 658 326330 4699
lo 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 eth0 0x0 0 0 138045410 1257998 367460 5360 668 11 136068030 1227874 1976712 30113 728 12 40442 650 326290 4698
3 eth0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
4 eth0 0x0 1000 0 1028 11 1119 12 356 4 672 7 0 0 447 5 672 7 0 0
5 eth0 0x0 1000 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
6 eth0 0x0 1014 0 343 1 504 4 0 0 343 1 0 0 0 0 336 1 168 3
7 eth0 0x0 1014 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
8 eth0 0x0 10014 0 1385384 4466 548982 4651 1385384 4466 0 0 0 0 548982 4651 0 0 0 0
9 eth0 0x0 10014 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
10 eth0 0x0 10019 0 1714 6 1284 10 1714 6 0 0 0 0 1284 10 0 0 0 0
11 eth0 0x0 10019 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
12 eth0 0x0 10034 0 4661 8 1468 11 4661 8 0 0 0 0 1468 11 0 0 0 0
13 eth0 0x0 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Linux
eth0 1 0 0 0 0 436309364 5841977 1075633 10379
lo 1 0 0 0 0 0 0 0 0
3.4.0-Microsoft
initrd=/initrd.img root=/dev/ram0 rw androidboot.hardware=hyperv console=tty0 console=ttyS0 video=hyperv_fb:1024x768 BOOT_IMAGE=/kernel Linux version 3.4.0-Microsoft ([email protected]) (gcc version 4.7 (GCC) ) #1 SMP PREEMPT Wed Dec 31 14:42:53 PST 2014
MemTotal: 1031052 kB
MemFree: 680736 kB
Buffers : 34032 kB
Cached : 188576 kB
SwapCached : 0 kB
Active : 167556 kB
Inactive : 157876 kB
Active(anon) : 103104 kB
Inactive(anon) : 17440 kB
Active(file) : 64452 kB
Inactive(file) : 140436 kB
Unevictable : 0 kB
Mlocked : 0 kB
HighTotal : 139208 kB
HighFree : 272 kB
LowTotal : 891844 kB
LowFree : 680464 kB
SwapTotal : 0 kB
SwapFree : 0 kB
Dirty : 0 kB
Writeback : 0 kB
AnonPages : 102824 kB
Mapped : 71404 kB
Shmem : 17720 kB
Slab : 13868 kB
SReclaimable : 6744 kB
SUnreclaim : 7124 kB
KernelStack : 2848 kB
PageTables : 2524 kB
NFS_Unstable : 0 kB
Bounce : 0 kB
WritebackTmp : 0 kB
CommitLimit : 515524 kB
Committed_AS : 3450064 kB
VmallocTotal : 122880 kB
VmallocUsed : 21296 kB
VmallocChunk : 66044 kB
DirectMap4k : 12280 kB
DirectMap4M : 897024 kB
nodev sysfs
nodev rootfs
nodev bdev
nodev proc
nodev tmpfs
nodev binfmt_misc
nodev debugfs
nodev sockfs
nodev usbfs
nodev pipefs
nodev anon_inodefs
nodev devpts
ext3
ext2
ext4
nodev ramfs
nodev hugetlbfs
vfat
msdos
iso9660
fuseblk
nodev fuse
nodev fusectl
yaffs
yaffs2
nodev mqueueFor me hardcoded /proc/cpuinfo does not sound exactly like linux kernel.
Even if source is available, it's still built into windows driver that has to be signed by MS to run on device.
Even if source is available, it's still built into windows driver that has to be signed by MS to run on device.
They emulate linux kernel? I think it hard, same as rewrite most of kernlel. Or make android HAL for WinMobile kernel, but why Heper-V?
So far i've been seen some weird stuff, i doubt MS take the path of emulating a kernel, not impossible but don't seems like the best option.
I think the easyest way is to use virtualization, hyper-v in this case, but i can be horribly wrong, unfortunatelly i have to work with limited access until a unlock finally appear for lumia phones; @djamol has archived the unlock, but it won't be public until a w10 full stable rom is available.
I'm dowloading now the leaked 10240 rom to unpack it and have a better look.
Virtualization is easy way. If MS make Hyper-V for arm, we will have to see hyper-v guest support in linux same as x86:
https://github.com/torvalds/linux/commit/a2a47c6c3d1a7c01da4464b3b7be93b924f874c1
https://github.com/torvalds/linux/commit/a2a47c6c3d1a7c01da4464b3b7be93b924f874c1
I wonder if we can make Astoria to work on non-supported devices if we put aow.wim on C:\Windows\System32\aow\
Sent from Ponyville
Sent from Ponyville