• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

[Verizon] Galaxy Nexus root / un-root without unlocking bootloader

scary alien

not really so scary
Mar 5, 2010
22,305
23,781
Indy
.
Introducing the Samsung Galaxy Nexus root / un-root without needing to unlock your bootloader. Yep! ;) :p :D

Note: it appears that this will only work for GNex phones running Android ICS 4.0.2--the exploit that this method utilizes does not seem to work for 4.0.4; if you use this method to gain root in 4.0.2 and wish to retain it later in 4.0.4, be sure to use a utility like my app Android Root Toolkit or OTA RootKeeper to save root in 4.0.2 so that you don't lose it when you install the 4.0.4 OTA.

I've now updated this with un-root options and support for Linux (32-bit installs) and Mac/OSX.

Download for the simple-gnex-root-unroot.zip package is located at the bottom of this post.

How to use:
1. Download simple-gnex-root-unroot.zip to your PC

2. Extract the contents of the above .zip file to a working folder on your PC

3. Start-up a command (Windows) or Terminal (Linux or Mac/OSX) session

4. Change to (cd) to folder (directory) location where you've extracted the simple-gnex-root-unroot.zip file's contents

5. For Windows PCs, make sure you have the proper USB adb drivers installed:

.....How to install the adb & fastboot USB drivers

6. Make sure you have USB debugging enabled on your device:

.....Settings -> Developer options -> USB debugging (checked)

7. Connect your phone to your PC via the USB cable

8. Run the desired script:


  • Windows:

    to root:

    Code:
    [COLOR="blue"][B]c:\temp> root-for-windows.bat[/B][/COLOR]

    to un-root:

    Code:
    [COLOR="blue"][B]c:\temp> unroot-for-windows.bat[/B][/COLOR]

  • Linux (32-bit installs):

    note: there's a sudo invocation for the first adb command in the shell script; this will cause you to be prompted for entry of your administrator / root password (this is so that the adb daemon is started-up with the proper privileges to work on your Linux system)

    to root or unroot (you'll be prompted to select option):

    Code:
    [B][COLOR="Blue"]. ./root-unroot-for-linux.sh[/COLOR][/B]

  • Mac (OSX):

    note: there's a sudo invocation for the first adb command in the shell script; this will cause you to be prompted for entry of your administrator / root password (this is so that the adb daemon is started-up with the proper privileges to work on your Linux system); I'm not sure if this is necessary for the Mac/OSX system, so you might need to remove it from the script if needed

    to root or unroot (you'll be prompted to select option):

    Code:
    [B][COLOR="Blue"]. ./root-unroot-for-mac-osx.sh[/COLOR][/B]
Notes:
  1. this root exploit should work on any Linux kernel 2.6.39 and above; this means that it should currently work on both the GSM and the VZW LTE variants of the Samsung Galaxy Nexus (and indeed, several other devices running this Linux kernel; the key to using the exploit lies in using different hex values corresponding to the offset of the exit() function)

  2. this current root package I have assembled for you has been tested on a VZW (LTE/CDMA) Samsung Galaxy Nexus running Android 4.0.2 using both a Windows 7 and Linux 10.x PC; I believe that it should work on a Mac/OSX system, but I am unable to test that at this time

  3. it appears that the adb-linux binary included with this root package only works on 32-bit installs of Linux; I and another member were unable to get the adb binary to execute properly on a 64-bit install of Ubuntu 11.10 (it worked just fine on the 32-bit version)

  4. since this rooting package / method doesn't require you to unlock your bootloader, you don't have to risk that operation and its warranty implications; additionally, you could use an application like Titanium Backup to save your applications and their data/setup for easier recovery and re-setup later

  5. note that this rooting method does not allow you to install a custom recovery and therefore you will be unable to make a Nandroid backup, or install a custom ROM or theme or kernel--you would still need to unlock your bootloader to do these things

  6. you should also take all due precautions and care when undertaking any modifications to your phone (especially system-related apps) without having the protection of a custom recovery and a Nandroid backup; you always have the fall-back option of unlocking your bootloader and restoring back to stock, too: How to un-root (return to stock)

  7. if you use this rooting method on 4.0.2 as a stepping-stone towards manually installing the 4.0.4 OTA, you might want to think about using an app like OTA RootKeeper to preserve root and have the option to restore it once you are on 4.0.4 (currently, this rooting exploit does not appear to work on ICS 4.0.4)
Credits / references:
Original thread content:
Okay, I did a little searching and haven't seen that anyone else has yet posted something like this (apologies if they have), but I was reading around this afternoon and discovered a couple of cool things that allows you to install the root binaries without unlocking your bootloader.

Yes...you heard right: root the Samsung Galaxy Nexus without unlocking the bootloader ;) :).

I just did this process manually myself and it works great.

Note: this does involve using adb and assumes that you've already got the proper USB adb drivers installed (although these are usually less finicky than the fastboot drivers (not an issue for Mac or Linux users, though)).

Okay, here's the details of what I did:
  • re-flashed my device back to stock 4.0.2 and re-locked the bootloader

  • used adb to push the exploit and root binaries over to /data/local:

    c:\gnex\root-exp> adb push mempodroid /data/local/mempodroid
    c:\gnex\root-exp> adb push su /data/local/su
    c:\gnex\root-exp> adb push Superuser.apk /data/local/Superuser.apk
    c:\gnex\root-exp> adb shell chmod 777 /data/local/mempodroid
  • the remaining operations take place using adb:

    c:\gnex\root-exp> adb shell
    -
    - navigate to where the my files are:
    -
    $ cd /data/local
    -
    - remount /system as read-write using the exploit binary:
    -
    $ ./mempodroid 0xd7f4 0xad4b mount -o remount,rw '' /system
    -
    - verify /system now mounted as r/w (other mount info redacted):
    -
    $ mount
    /dev/block/platform/omap/omap_hsmmc.0/by-name/system /system ext4 rw,relatime,barrier=1,data=ordered 0 0
    -
    - use the exploit binary to start-up root shell (could've done this earlier, too):
    -
    $ ./mempodroid 0xd7f4 0xad4b sh
    -
    - navigate back to /data/local (probably could have done "sh -"):
    -
    # cd /data/local
    -
    - install and secure the root binaries:
    -
    # cat su > /system/bin/su
    # cat Superuser.apk > /system/app/Superuser.apk
    # chmod 6755 /system/bin/su
    -
    - that's it...root has been installed! :)
    -
    # exit
    $ exit
    c:\gnex\root-exp>

Next, I just downloaded and launched Titanium Backup to verify that my apps have root (I also did another "adb shell" and then "su" to test root that way, too). Works great.
MS/Windows-compatible script available at the end of this post.

Here's what it looks like when you run it:
Code:
ECHO is off.
# ==========================================================================
# Samsung Galaxy Nexus Simple Root by AndroidForums "scary alien"
#
# Written for and tested on Samsung Galaxy Nexus running stock Android 4.0.2
#
# This script will install the root binaries (su, busybox, Superuser.apk) on
# an unrooted GNex without needing to unlock the bootloader
#
# For additional details, credits, etc., please visit:
#
# [url]http://androidforums.com/verizon-galaxy-nexus-all-things-root/499117-root-gnex-without-unlocking-bootloader-yep.html[/url]
#
# Instructions:
#
# 1) Make sure you have the adb USB device drivers installed
#
# 2) Make sure you have USB debugging enabled on your phone
#
# 3) Connect your phone and computer via your USB cable
#
# 4) Run this script from the same directory where the rest of the
#    files from the extracted .zip file are located
#
# ==========================================================================
#
The system cannot find the file specified.
Press any key to continue . . .
[-] waiting for adb USB connectivity to your device
#
[-] connectivity established! here we go! :)
#
[-] pushing our binaries and scripts over to the phone...
1915 KB/s (37273 bytes in 0.019s)
1985 KB/s (22364 bytes in 0.011s)
3327 KB/s (1867568 bytes in 0.548s)
3324 KB/s (843503 bytes in 0.247s)
60 KB/s (124 bytes in 0.002s)
169 KB/s (520 bytes in 0.003s)
#
[-] securing work files...
#
[-] rooting the phone...
 [-] running the exploit script...
  [-] remounting /system
  [-] installing root binaries
   [-] installing su
   [-] installing Superuser.apk
   [-] installing busybox
 [-] exploit completed, root installed
#
[-] cleaning-up /data/local...
#
# Congratulations, your GNex has just been rooted :)
#
# Use your new root powers carefully and wisely.
#
# --- all done ---
Press any key to continue . . .
Hope you found this interesting.

Cheers and let me know if you have any questions.

-SA


Notes / Cautions:

- this works for the Samsung Galaxy Nexus running Android 4.0.2 and should work for both the GSM/HSPA+ and the VZW LTE/CDMA version of the phone; I also suspect that it will work for 4.0.1 but I haven't test that (yet)

- rooting your device without unlocking your bootloader will basically only let you run root apps; you won't be able to install (or run) a custom recovery, a custom ROM / theme / kernel, etc.

- since you can't install a custom recovery, you won't be able to make a Nandroid backup to put yourself back to a safe, known setup, so keep this in mind when doing any root-related operations (such as using SetCPU for underclocking, or making any system tweaks that can only be done with root) [although you'll always be able to unlock your bootloader and How to un-root (return to stock) the old-fashioned way].
simple-gnex-root-unroot.zip:

.....File size: ..........946,051 (bytes)
.....MD5 checksum: d562b501a37a7fbb7e4174c335f5c881
.....Download: ........View attachment simple-gnex-root-unroot.zip


Example rooting session outputs:

.....View attachment windows-root-example.txt
.....View attachment windows-unroot-example.txt
.....View attachment linux-root-example.txt
.....View attachment linux-unroot-example.txt

Kudos and props to onfire4g05 for the tweaked version of the shell script for the Mac/OSX system! Thank you!!!
 
Have any Mac commands?

Well, this really isn't Windows or Mac specific...its mostly adb-specific. So, if you know and are familiar with adb, its fairly straight-forward.

There's a ADB Guide that contains a "Mini-SDK" section with a downloadable sdk-tools.zip file that contains an "adb-mac" file that you can use in place of the "adb" referenced above.

Also, I think I could script this...it should be possible to do this, but I've just finished playing-around with this myself (need a few minutes to finish some other stuff up ;) :)).

Lemme know if you have other questions :).

Cheers!

edit: you ninja'd me with your edits, LOL....yes, you basically start-up a terminal session and prefix your "adb" (or adb-mac) references with "./" (as in "./adb devices", etc.).
 
Upvote 0
Would this allow you to place the 4.0.4 OTA in the cache folder and install the OTA without unlocking?

I suppose so...

Since you'll be gaining basic root ability (su / Superuser.apk, etc. (busybox installation is easy, too), you'd be able to place the file in the /cache partition.

Its been a while since I've done this (did it once on my Eris a long while back).

Also, the way the exploit works, you wouldn't even have to root to do this...you could just tweak the process and use the exploit binary to start a temporary rooted shell to accomplish your copies (no need to insert the su and Superuser binaries).

By the way, I'm working on making this into a script...still testing and playing.

Cheers!
 
  • Like
Reactions: Paul1201
Upvote 0
Total noob on this also but it is my understanding that unlocking the bootloader is the step that wipes your data from the phone. Also unlike the OG Droid where you could just rename the OTA update.zip and load the OTA early, the GNex requires the file to be loaded into the cache partition which requires root. Using the method discussed by scary alien those who wish to remain stock but have the update early may be able finally accomplish it without having their phones data wiped.

Of course the other advantage is that if you can gain root first you can download Titanium Backup and backup your phone prior to unlocking the bootloader. There is a way to backup using ADB commands but I think Titanium may be easier to restore your data on your phone.
 
  • Like
Reactions: jmar
Upvote 0
The biggest reason for unlocking your bootloader is the ability to flash new files such as a custom recovery (and thereby custom ROMs / themes / kernels), as well as being able to flash back to stock / factory images.

While I've not been a big fan of simple one-click root packages (because it makes rooting too easy for some and sometimes get people into trouble), this method falls in line to make rooting the Galaxy Nexus similar to other phones in that a particular exploit will give root access without having to have an unlocked bootloader.

I did more testing last night and have a simple script that one could run from your PC that will install root, but I've got a little polishing I need to do on it before posting.

Additionally, I believe I can make an Android app out of this, too :).

Stay tuned.
 
Upvote 0
Scary alien,

Thank you for investigating this. I have always chosen to unlock/root and run stock roms anyhow so this will make it possible for those like me to use apps that require root (TB, Root Explorer, etc.) and stay on a stock rom.

No problem, Paul! I'm happy to help re. this (and its been a fun and interesting challenge ;)).

I'm pretty sure I can "simply" (yeah, its really not that simple ;)) throw these commands in an app and make this a one-click rooter. I'm hopeful that the exploit will remain open for near-future versions of ICS besides 4.0.2.

More to come later!
 
Upvote 0
.
Okay, I did a little searching and haven't seen that anyone else has yet posted something like this (apologies if they have), but I was reading around this afternoon and discovered a couple of cool things that allows you to install the root binaries without unlocking your bootloader.

Yes...you heard right: root the Samsung Galaxy Nexus without unlocking the bootloader ;) :).

I just did this process manually myself and it works great.

Note: this does involve using adb and assumes that you've already got the proper USB adb drivers installed (although these are usually less finicky than the fastboot drivers (not an issue for Mac or Linux users, though)).

Okay, here's the details of what I did:
  • re-flashed my device back to stock 4.0.2 and re-locked the bootloader

  • used adb to push the exploit and root binaries over to /data/local:

    c:\gnex\root-exp> adb push mempodroid /data/local/mempodroid
    c:\gnex\root-exp> adb push su /data/local/su
    c:\gnex\root-exp> adb push Superuser.apk /data/local/Superuser.apk

  • the remaining operations take place using adb:

    c:\gnex\root-exp> adb shell
    -
    - navigate to where the my files are:
    -
    $ cd /data/local
    -
    - remount /system as read-write using the exploit binary:
    -
    $ ./mempodroid 0xd7f4 0xad4b mount -o remount,rw '' /system
    -
    - verify /system now mounted as r/w (other mount info redacted):
    -
    $ mount
    /dev/block/platform/omap/omap_hsmmc.0/by-name/system /system ext4 rw,relatime,barrier=1,data=ordered 0 0
    -
    - use the exploit binary to start-up root shell (could've done this earlier, too):
    -
    $ ./mempodroid 0xd7f4 0xad4b sh
    -
    - navigate back to /data/local (probably could have done "sh -"):
    -
    # cd /data/local
    -
    - install and secure the root binaries:
    -
    # cat su > /system/bin/su
    # cat Superuser.apk > /system/app/Superuser.apk
    # chmod 6755 /system/bin/su
    -
    - that's it...root has been installed! :)
    -
    # exit
    $ exit
    c:\gnex\root-exp>

Next, I just downloaded and launched Titanium Backup to verify that my apps have root (I also did another "adb shell" and then "su" to test root that way, too). Works great.
Hope you found this interesting.

Cheers and let me know if you have any questions.

-SA


Notes / Cautions:

- this works for the Samsung Galaxy Nexus running Android 4.0.2 and should work for both the GSM/HSPA+ and the VZW LTE/CDMA version of the phone; I also suspect that it will work for 4.0.1 but I haven't test that (yet)

- rooting your device without unlocking your bootloader will basically only let you run root apps; you won't be able to install (or run) a custom recovery, a custom ROM / theme / kernel, etc.

- since you can't install a custom recovery, you won't be able to make a Nandroid backup to put yourself back to a safe, known setup, so keep this in mind when doing any root-related operations (such as using SetCPU for underclocking, or making any system tweaks that can only be done with root) [although you'll always be able to unlock your bootloader and How to un-root (return to stock) the old-fashioned way].


Credits / references:



So I was able to push update.zip to /cache with minor adjustments. More to come
 
Upvote 0
So I was able to push update.zip to /cache with minor adjustments. More to come

Cool! Looking forward to it.

Yeah, I did some streamlining to the process in the scripts I built and tested last night.

I'll be posting a script later this evening (at least that's my plan). Will have to flash back to stock 4.0.2 for about the 14th time now (I'm losing count :p) to test this.

What's cool about this is that you can re-purpose this exploit to gain selective root access when you want.

Cheers!
 
  • Like
Reactions: jmar
Upvote 0
My GNex was on 4.0.2 with locked boot loader, non-root and completely stock. I wanted to remain locked and non-rooted (promised the wife) but wanted to see if 4.0.4 was able to fix the random reboot and increase battery life.

Need to know how to use adb and not responsible for bricking the phone.

I used scary alien steps and had to add chmod 777 where it was need.

Download the following files and place it in C:\Android\platform-tools directory or what ever directory you want.:
Android 4.0.4
mempodroid
su

used adb to push the exploit and root binaries over to /data/local:
used adb to push the update.zip to /cache

Upgrade from 4.0.2 to 4.0.4 section
C:\Android\platform-tools> adb push mempodroid /data/local
C:\Android\platform-tools> adb push su /data/local

the remaining operations take place using adb:

C:\Android\platform-tools> adb shell
$ cd /data/local
$ chmod 777 mempodroid
$ chmod 777 su
$ ./mempodroid 0xd7f4 0xad4b mount -o remount,rw '' /cache
$ PATH=/data/local:$PATH
$ ./mempodroid 0xd7f4 0xad4b sh
# chmod 777 /cache

Open another command prompt or term and browse to your
browse to directory you placed update.zip in /cache
adb push update.zip /cache

the remaining operations take place using adb from above:
# chmod 770 /cache
# PATH=/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
---Optional--- If you want to remove these files from /data/local. You can also do a factory wipe
# cd /data/local
# rm mempodroid
# rm su
exit

* Power off phone
* Press and hold the volume up/down buttons then press the power button
* Arrow to Recovery
* Phone will reboot in to recovery mode
* With Android laying down, press and hold the power button and volume up (possible volume up couple of times)
* apply update from /cache
* reboot

For Upgrade 4.0.4 to newest 4.0.4

Looks like the exploit that was in 4.0.2 kernel has been patched. Looking for workarounds.
Untested, will test late tonight.
used adb to push the exploit and root binaries over to /data/local:
used adb to push the update.zip to /cache

C:\Android\platform-tools> adb push mempodroid /data/local
C:\Android\platform-tools> adb push su /data/local

the remaining operations take place using adb:

C:\Android\platform-tools> adb shell
$ cd /data/local
$ chmod 777 mempodroid
$ chmod 777 su
$ ./mempodroid 0xd7cc 0xad27 mount -o remount,rw '' /cache
$ PATH=/data/local:$PATH
$ ./mempodroid 0xd7cc 0xad27 sh
# chmod 777 /cache

Open another command prompt or term and browse to your
browse to directory you placed update.zip in /cache
adb push update.zip /cache

the remaining operations take place using adb from above:
# chmod 770 /cache
# PATH=/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
---Optional--- If you want to remove these files from /data/local. You can also do a factory wipe
# cd /data/local
# rm mempodroid
# rm su
exit

* Power off phone
* Press and hold the volume up/down buttons then press the power button
* Arrow to Recovery
* Phone will reboot in to recovery mode
* With Android laying down, press and hold the power button and volume up (possible volume up couple of times)
* apply update from /cache
* reboot


Hope this helps.
 
Upvote 0
My GNex was on 4.0.2 with locked boot loader, non-root and completely stock. I wanted to remain locked and non-rooted (promised the wife) but wanted to see if 4.0.4 was able to fix the random reboot and increase battery life.

I used scary alien steps and had to add chmod 777 where it was need.

Download the 4.0.4 update, mempodroid and su and place it in C:\Android\platform-tools directory or what ever directory you want.
used adb to push the exploit and root binaries over to /data/local:
used adb to push the exploit update.zip to /cache

C:\Android\platform-tools> adb push mempodroid /data/local
C:\Android\platform-tools> adb push su /data/local

the remaining operations take place using adb:

C:\Android\platform-tools> adb shell
$ cd /data/local
$ chmod 777 mempodroid
$ chmod 777 su
$ ./mempodroid 0xd7f4 0xad4b mount -o remount,rw '' /cache
$ PATH=$PATH:/data/local
$ ./mempodroid 0xd7f4 0xad4b sh
#chmod 777 /cache

Open another command prompt or term and browse to your
browse to directory you placed update.zip in /cache
adb push update.zip /cache

the remaining operations take place using adb from above:
# chmod 770 /cache
# PATH=/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
exit

Reboot in to recovery mode
apply update from /cache
reboot

Hope this helps.

So I use the steps to update my wife's Galaxy Nexus and removed a step.

My wife's GN was completely stock with locked boot loader and non-rooted.
 
  • Like
Reactions: scary alien
Upvote 0
Little thread bump to let everyone know that I've finished the installation script.

Here's how to use the script:

1. Download the simple-gnex-root.zip file to your MS/Windows PC (found at the bottom of the first post of this thread)

2. Extract the contents to a folder

3. Make sure you have USB debugging enabled on your phone (Settings -> Developer options -> USB debugging (checked))

4. Make sure you the proper adb USB drivers installed:

How to install the adb & fastboot USB drivers (MS/Windows users only)

5. Connect the phone and your computer together with your USB cable

6. Double-click the runme.bat file that's in the folder where you extracted the contents of the simple-gnex-root.zip file

7. The installation goes pretty quickly.

8. Enjoy your new root abilities :).


Obligatory root disclaimer / reminder:

As always, you are ultimately responsible for any root-related activities on your phone.

You should understand not only the benefits of rooting, but also any possible consequences (voided warranty, boot-loops, bricking, etc.) that might occur as a result of your root-related actions.

AndroidForums.com / Phandroid.com, its owner, and staff are not liable for any root actions you might undertake as a result of information used from this site.

Reading, researching, understanding, and carefully following the published steps and instructions can go a long way towards helping to make your rooting efforts a successful one.
 
  • Like
Reactions: Paul1201
Upvote 0

So I use the steps to update my wife's Galaxy Nexus and removed a step.

My wife's GN was completely stock with locked boot loader and non-rooted.

How do you do last step ?

Whenever I reboot my completely stock phone into recovery mode I get the damn dead droid icon with the red triangle and then after a little bit it reboots.

How do I complete the last part of applying the update?

Thanks
 
Upvote 0
How do you do last step ?

Whenever I reboot my completely stock phone into recovery mode I get the damn dead droid icon with the red triangle and then after a little bit it reboots.

How do I complete the last part of applying the update?

Thanks

Once you are at the robot laying down press and hold the power button and press volume + and use the arrow keys to move up and down and power button to select.
 
Upvote 0
It shows the big droid laying down and then I chose recovery and hit the power button, this brings me to another screen with small droid laying down with red triangle.... at this point no buttons work .... Help!


Edit: Ok I get it, now I am not seeing the update.zip file in there even though it had successfully copied over.... this is weird

Edit: Must have done something wrong, just redid all the steps and now I see the file. Update is being applied.

Thanks for these instructions and help.
 
Upvote 0
It shows the big droid laying down and then I chose recovery and hit the power button, this brings me to another screen with small droid laying down with red triangle.... at this point no buttons work .... Help!


Edit: Ok I get it, now I am not seeing the update.zip file in there even though it had successfully copied over.... this is weird

On this menu if you choose apply update from cache now it does nothing?

android_system_recovery-06.jpg


If so I would suggest rebooting and trying again.

@SA this method will not prevent OTA updates so if an OTA comes I take it root would be lost. If so should this work should this work on newer version of the OS in theory?

This may be a good thing to add to the beginning of the how to root process to allow people to make backups of the app data then unlock the bootloader which wipes everything, once the phone is fully rooted someone could push the backups back to the phone and restore the app data...just a thought
 
Upvote 0
@SA this method will not prevent OTA updates so if an OTA comes I take it root would be lost. If so should this work should this work on newer version of the OS in theory?

This may be a good thing to add to the beginning of the how to root process to allow people to make backups of the app data then unlock the bootloader which wipes everything, once the phone is fully rooted someone could push the backups back to the phone and restore the app data...just a thought

Yeah, an OTA will kill root because the su binary gets its execute and SUID-bit permissions reset.

I'm pretty sure that this will work on future versions of ICS unless and until the exploit is patched in the kernel (or a different compiler is used by Google that breaks the exploit).

I'm a little fuzzy on your last paragraph...are you talking about using something like TiBu to back stuff up and later restore after an OTA comes in and you've re-rooted?

(sorry for being fuzzy, LOL, I'm working on a 1-click app version of this method (and was up way too late last night with it ;) :))

Cheers!
 
Upvote 0
I'm a little fuzzy on your last paragraph...are you talking about using something like TiBu to back stuff up and later restore after an OTA comes in and you've re-rooted?

(sorry for being fuzzy, LOL, I'm working on a 1-click app version of this method (and was up way too late last night with it ;) :))

Cheers!

No problem on the fuzziness ;)

Using TiBU or a similar app was my thought exactly. You would need to transfer the data to a CPU or a dropbox type thing before unlocking the boot loader but it would basically be a loss less root
 
  • Like
Reactions: scary alien
Upvote 0
Ugh! I'm a doofus! :p

Totally spaced the blurb in the exploit details:

Further, run-as bails early on if it is not either a) already running as root (which would defeat the purpose) or b) not running as the adb shell user, so this unfortunately cannot be integrated into a "one-click root" app. You therefore already need working adb shell access to the device in order to install/run this program and escalate to root.

so, my (failed) efforts last night and tonight trying to create a 1-click app were all for naught :p.

Oh, well, the script is easy enough to use...

I'll concentrate on updating the first post with the stuff discussed just above, and making a Mac and Linux version of the .zip.

Cheers!
 
Upvote 0
This could not have been easier. Worked perfectly, took five minutes including downloading the drivers. Such a great option to be able to root, use Titanium Backup and then unlock the bootloader without losing all my app data. The solution I've been looking for. Thanks scary alien.

Thanks, Rick! :)

It was a gas reading through the threads and getting the realization that this would work.

It should actually work for several devices running ICS and/or the certain kernel version (you'd just need to adjust the hex offset values that are used by mempodroid--maybe I'll make the script a little more generic).

Glad it worked for you :).

I'll get the first post updated tomorrow with what you and Yeahha mentioned above.

Cheers!
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones