Galaxy Nexus root / un-root without unlocking bootloader


  1. scary alien

    scary alien not really so scary Moderator

    .
    Introducing the Samsung Galaxy Nexus root / un-root without needing to unlock your bootloader. Yep! ;) :p :D

    Note: it appears that this will only work for GNex phones running Android ICS 4.0.2--the exploit that this method utilizes does not seem to work for 4.0.4; if you use this method to gain root in 4.0.2 and wish to retain it later in 4.0.4, be sure to use a utility like my app Android Root Toolkit or OTA RootKeeper to save root in 4.0.2 so that you don't lose it when you install the 4.0.4 OTA.

    I've had this posted in the VZW Galaxy Nexus root area for a little bit, but I've updated it with un-root options and support for Linux (32-bit) and Mac/OSX, so I thought I'd post it here in the GSM area too since it should work identically to the LTE version.

    Download for the simple-gnex-root-unroot.zip package is located at the bottom of this post.

    How to use:
    1. Download simple-gnex-root-unroot.zip to your PC

    2. Extract the contents of the above .zip file to a working folder on your PC

    3. Start-up a command (Windows) or Terminal (Linux or Mac/OSX) session

    4. Change to (cd) to folder (directory) location where you've extracted the simple-gnex-root-unroot.zip file's contents

    5. For Windows PCs, make sure you have the proper USB adb drivers installed:

    .....How to install the adb & fastboot USB drivers

    6. Make sure you have USB debugging enabled on your device:

    .....Settings -> Developer options -> USB debugging (checked)

    7. Connect your phone to your PC via the USB cable

    8. Run the desired script:


    • Windows:

      to root:

      Code (Text):
      1. [COLOR="blue"][B]c:\temp> root-for-windows.bat[/B][/COLOR]
      to un-root:

      Code (Text):
      1. [COLOR="blue"][B]c:\temp> unroot-for-windows.bat[/B][/COLOR]
    • Linux (32-bit installs) / Mac (OSX):

      note: there's a sudo invocation for the first adb command in the shell script; this will cause you to be prompted for entry of your administrator / root password (this is so that the adb daemon is started-up with the proper privileges to work on your Linux system); I'm not sure if this is necessary for the Mac/OSX system, so you might need to remove it from the script if needed

      to root:

      Code (Text):
      1. [B][COLOR="Blue"]. ./root-unroot-for-linux-osx.sh[/COLOR][/B]
      to un-root:

      Code (Text):
      1. [B][COLOR="blue"]. ./root-unroot-for-linux-osx.sh[/COLOR][/B]

    Notes:
    1. this root exploit should work on any Linux kernel 2.6.39 and above; this means that it should currently work on both the GSM and the VZW LTE variants of the Samsung Galaxy Nexus (and indeed, several other devices running this Linux kernel; the key to using the exploit lies in using different hex values corresponding to the offset of the exit() function)

    2. this current root package I have assembled for you has been tested on a VZW (LTE/CDMA) Samsung Galaxy Nexus running Android 4.0.2 using both a Windows 7 and Linux 10.x PC; I believe that it should work on a Mac/OSX system, but I am unable to test that at this time

    3. it appears that the adb-linux binary included with this root package only works on 32-bit installs of Linux; I and another member were unable to get the adb binary to execute properly on a 64-bit install of Ubuntu 11.10 (it worked just fine on the 32-bit version)

    4. since this rooting package / method doesn't require you to unlock your bootloader, you don't have to risk that operation and its warranty implications; additionally, you could use an application like Titanium Backup to save your applications and their data/setup for easier recovery and re-setup later

    5. note that this rooting method does not allow you to install a custom recovery and therefore you will be unable to make a Nandroid backup, or install a custom ROM or theme or kernel--you would still need to unlock your bootloader to do these things

    6. you should also take all due precautions and care when undertaking any modifications to your phone (especially system-related apps) without having the protection of a custom recovery and a Nandroid backup; you always have the fall-back option of unlocking your bootloader and restoring back to stock, too: How to un-root (return to stock)

    Credits / references:

    simple-gnex-root-unroot.zip:

    .....File size: ..........944,566 (bytes)
    .....MD5 checksum: 2ebd6f0d58b26955d7b97d37fa1e0b36

    Attached Files:


    Advertisement
    :
  2. scary alien

    scary alien not really so scary Moderator

    Updated first post above with new version of the .zip root package.

    It does a more complete un-root.

    Cheers!

    -SA
    NexusToo likes this.
  3. NexusToo

    NexusToo New Member

    Great, it works ;)

    Thank you very much sir :)
    scary alien likes this.
  4. scary alien

    scary alien not really so scary Moderator

    Thank you, too, NexusToo! :)

    And welcome to the AndroidForums--we're very pleased you signed-up with us!

    Cheers and have a great rest of your day :).
    NexusToo likes this.
  5. ericzlot

    ericzlot New Member

    As this is not touching the bootloader, I'm guessing that it will NOT wipe all my data?
  6. scary alien

    scary alien not really so scary Moderator

    Eric,

    That is correct :).

    It is simply installing the root binaries (su and Superuser.apk).

    By the way, let me know if you're using a Mac--I haven't updated the .zip package here in the GSM area to include a fixed version of the script--but its available in this same thread in the VZW area (they are identical files).

    I'll get it updated tonight...

    The Linux and Windows scripts should work just fine for you, though.

    Cheers and let me know how it goes :).

    Oh, and welcome to the AndroidForums, too! :)
  7. ncguy2

    ncguy2 Well-Known Member

    Just curious, if you don't install clockworkmod will your phone still receive OTA's?

    Can you even install clockworkmod using this exploit without unlocking?
  8. scary alien

    scary alien not really so scary Moderator

    Yes! :)

    As long as you have a stock recovery, any OTA you receive be able to be applied (you'll actually get the OTA even if you have a non-stock recovery, you just wouldn't be able to install it until you had the stock recovery installed).

    Bear in mind that you might also want to install and run OTA RootKeeper so that you can still get root (recover root) after taking an OTA (like when 4.0.4 comes out).

    Yes! :)

    After you root, just download ROM Manager and use it to flash ClockworkMod custom recovery.

    Cheers!
  9. ncguy2

    ncguy2 Well-Known Member

    Wow. Sounds like you can have your cake and eat it too! Anything left that would still require unlock?
  10. scary alien

    scary alien not really so scary Moderator

    You can't use fastboot to soft-boot or flash anything without having an unlocked bootloader.

    So, if you had to restore back to stock, etc., you'd have to unlock.

    But you should be able to do most root-y things just fine ;) :).

    At least this way, you'll be able to make Titanium Backups and/or a Nandroid backup of your current setup, save that stuff off to your PC or such. Then, when / if you ever to have to unlock, you're just a restore away from being back in the state you were when you made the restore :).

    Cheers!
    ncguy2 likes this.
  11. shabaz786

    shabaz786 New Member

    Hi I have just managed to root my mobile and have got titanium backup working without unlocking the bootloader. Do you have any idea why luckypatcher will not work even when supperuser shows allowed under status. Thanks for your hard work.
  12. scary alien

    scary alien not really so scary Moderator

    No problem, happy to help.

    I've actually never heard of Lucky Patcher before now... I can't say that I agree with its existence or usage, given that I myself am an Android Market and Amazon AppStore app developer.
    shabaz786 and El Presidente like this.
  13. Hoosiers

    Hoosiers New Member

    Thank you very much for this straightforward method.

    Brand new Droid user here (finally gave up on RIM) and your instructions were very helpful.

    Cheers!
    scary alien likes this.
  14. scary alien

    scary alien not really so scary Moderator

    You are most welcome! :)

    And welcome to the AndroidForums (and another Hoosier, if I'm not mistaken? ;) :)).

    Cheers!
  15. Hoosiers

    Hoosiers New Member

    Sure am! I'm finishing up my senior year and am on Spring Break right now.

    Made our trip short this year so we could hopefully go watch us in the NCAA tournament, only to find out we are playing in Oregon :(. Hopefully we can go see another victory against UK in Atlanta (knocks on wood).

    Quick question if you don't mind:

    I used this method so I could save my data before unlocking my bootloader. Do I need the full version of Titanium backup to do this since the GNex only has internal memory and I need to export to my computer?

    Thanks.
  16. scary alien

    scary alien not really so scary Moderator

    Nice! Yeah, March Madness is a great time of the year :).

    I'm not a TiBu expert (I do have the full version, though), but I know that you'd have to do each app one at a time vs. being able to batch them all at one time--I think that's the biggest reason folks purchase the full version.

    Cheers!
  17. MachDelta

    MachDelta Well-Known Member

    Dumb question - will this work on earlier builds (eg: 4.0.1) or only 4.0.2?

    I'm just a newbie that didn't think he'd want to root his phone and then figured out a good reason to do it, and now i'm looking for the least painful way of backup up the last week of playing with my new phone. :rolleyes:
  18. scary alien

    scary alien not really so scary Moderator

    MachDelta,

    Welcome to the AndroidForums!

    Not a dumb question at all. I don't actually know the answer... I've not stayed on 4.0.1 long enough to save a Nandroid for testing like this.

    I'm pretty sure that Jay (saurik) only built and tested this on 4.0.2... Did you not ever receive a 4.0.2 OTA?

    It would simple enough to try it to see...you'll either end-up rooted or you won't ;) (and if you do get root, you'll be able to easily un-root, too). The act of rooting (in this case, anyways) is simply installing the su and Superuser.apk binaries on your phone (so you don't have to use them, even if you do root).

    Cheers and let me know!
  19. MachDelta

    MachDelta Well-Known Member

    My provider is Bell (Canada) and for some reason i'm not particularly familiar with (I've heard more than one explanation, ranging from technical to "they're evil" :p) 4.0.1 is what they ship/push.

    Anyways, i'll give it a shot tonight and let you know if it works, or if it bricks (jk ;))

    Thanks!
    scary alien likes this.
  20. scary alien

    scary alien not really so scary Moderator

    MachDelta,

    I could test it for you, but I can't do it tonight (I'm in the middle of some other things and its getting a little late). But if you really wanted me to, I could try to get to it during the day on Friday.

    The exploit uses particular offsets in the run-as binary and these may very well be different for v4.0.1. So, if it fails, you'll just see that the su and SuperUser.apk files don't get installed (because the mempodroid binary wasn't granted root/superuser permissions itself).

    Sorry for not anticipating that there'd still be 4.0.1 users out there....:eek:.

    Good luck! You've got me curious, now ;) :).
    MachDelta likes this.
  21. MachDelta

    MachDelta Well-Known Member

    It appears to have worked! :D
    [​IMG]

    Thanks SA!
    scary alien likes this.
  22. scary alien

    scary alien not really so scary Moderator

    You are most welcome! :)

    Cheers!
Loading...

Share This Page