
Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
The same methods used on older iOS jailbreaks might work, browser based vulnerabilities may not be the best move but if we were able to modify an app that can be installed to system with certain permissions with an embedded program similar to a DLL Windows file exploit it might work, or instead of flashing a custom bootloader why not add some more options to the inbuilt if that's possible with the dumps that have been curated these past months, another idea if we can find someone over at XDA to write a virus that takes over the phone but instead of stealing user information it dumps the phone, or compile a fake virus scanner that can retrieve information or dump to system, but I feel an embedded app approach could work - I'm just a tinkerer not a developer
 
So where are we actually at here? If someone has the GPT backup, which is the first 17408 bytes of the eMMC, I can accomplish some stuff with it.

I also heard someone say keys.
Is this both the public half and private half of the key? For example, .pk8 and .x509. If you have the private half of the key I have a bash script for signing zip files. After signing the zip you can flash anything using the stock recovery and updater script.

GPT and Keys please.

I'll send you back a Big Mac and you'll be singing that I'm loving it song.

Please just don't dress like Ronald
 
So where are we actually at here? If someone has the GPT backup, which is the first 17408 bytes of the eMMC, I can accomplish some stuff with it.

I also heard someone say keys.
Is this both the public half and private half of the key? For example, .pk8 and .x509. If you have the private half of the key I have a bash script for signing zip files. After signing the zip you can flash anything using the stock recovery and updater script.

GPT and Keys please.

I'll send you back a Big Mac and you'll be singing that I'm loving it song.

Please just don't dress like Ronald
Check it PM BC.
 
Send me an invite. Username is the same as here.
Anybody can join in. It is just the invite got moved to the Irma thread.

"*Edit I've set up a Discord here: https://discord.gg/6s2JkDv, which should allow faster communication between people. I'll still be using this forum for posting general exploits and similar."

This is where the sausage is being made.
 
The same methods used on older iOS jailbreaks might work, browser based vulnerabilities may not be the best move but if we were able to modify an app that can be installed to system with certain permissions with an embedded program similar to a DLL Windows file exploit it might work, or instead of flashing a custom bootloader why not add some more options to the inbuilt if that's possible with the dumps that have been curated these past months, another idea if we can find someone over at XDA to write a virus that takes over the phone but instead of stealing user information it dumps the phone, or compile a fake virus scanner that can retrieve information or dump to system, but I feel an embedded app approach could work - I'm just a tinkerer not a developer
So you're saying use privilege escalation?
Why have we never thought of that before /s

Freal tho that's the basis for every root exploit ever, use what's already there to escalate from user privs to system privs.
 
Pretty much doing anything on any device requires you to elevate privileges. It's when those privileges are locked pretty much the only way is getting a system app with low level privileges to call a script and run it with those aforementioned low level privs.

For example the flashlight app in the old Evo 3Ds for some freaking reason had system privileges and that was their way in.
Apparently a lot of our media decoders also have kernel level RWX
 
Pretty much doing anything on any device requires you to elevate privileges. It's when those privileges are locked pretty much the only way is getting a system app with low level privileges to call a script and run it with those aforementioned low level privs.

For example the flashlight app in the old Evo 3Ds for some freaking reason had system privileges and that was their way in.
Apparently a lot of our media decoders also have kernel level RWX
Yush.
 
Here people keep asking for this.

Btw the quadcore do you mean the app that lets you scan? @SapphireEx
 

Attachment: ic-2986.png
Jumping in here .....


I'm not quite an expert in mobile devices or Android programming, but I'm pretty good with English, and I think it's possible we've all missed something on this topic.

In "Settings > Developer Options" (once you've activated Developer Options by tapping), there's an option to unlock the bootloader for OEM processes:


allow2.jpg



When you activate the slider, you first get a warning:


warnng.jpg



Okay, this option is likely merely part of the OS, and its functionality is likely stymied by whatever ZTE blockages have given rise to all the angry and lengthy threads on this topic, but ....

BUT: Android does say "Device protection features won't work on this device . . ." If that's not true, and device protections DO still work on this device, isn't that something Google/Android would want to know?
 

Attachments: allow.jpg, warning.jpg
@CaseyRockStar, those Settings -> Developer menu options work in conjunction with the dm-verity and other device integrity checks and I'm pretty sure aren't in play unless the bootloader is actually unlocked (which you guys cannot (yet) do for this device).

For the Nexus/Pixel line of devices (for example, that have those same Settings), you do indeed have to enable/allow bootloader unlocking before you (or try to) unlock the bootloader from fastboot.

If/when you have unlocked the bootloader (like I have on my Nexus 6P) you'll get warnings when you reboot that the device integrity cannot be checked--i.e., because the bootloader has been unlocked and is therefore "open" to modification (i.e., untrusted).

BTW, I keep my bootloader unlocked (on my devices) for recovery purposes...not necessarily to have root installed anymore.
 
So what would be my best option as an upgrade for the zmax Pro out of Metro's current line up under $200? I am looking at getting an upgrade on Friday and I would like something actually better than this phone if I am buying a new one. Also taking root into consideration with this. I can deal with a .5" smaller screen, as much as I don't want to, if the phone at least is rootable.
 
So what would be my best option as an upgrade for the zmax Pro out of Metro's current line up under $200? I am looking at getting an upgrade on Friday and I would like something actually better than this phone if I am buying a new one. Also taking root into consideration with this. I can deal with a .5" smaller screen, as much as I don't want to, if the phone at least is rootable.
Nothing else unless you want a Samsung which is 500+.

Look into the Moto g5+
 
I think I may give the Stylo 3 Plus a shot. Closest to this phone it looks like, and it has root already. My volume up button no longer works, and my touch screen on the ZMP is getting a bit off. It has been over a year with this, and honestly, I have gotten bored with it. Bright side, I'll have a throwaway ZMP to try and break.
 
I would LOVE an S8 but they are too damn expensive. What about the lower level Samsung phones they have? Even comparable to the ZMP? Or that new Blade Max? Then again, probably can't root that either

I think I may give the Stylo 3 Plus a shot. Closest to this phone it looks like, and it has root already. My volume up button no longer works, and my touch screen on the ZMP is getting a bit off. It has been over a year with this, and honestly, I have gotten bored with it. Bright side, I'll have a throwaway ZMP to try and break.

I wouldn't do a Blade Max.. I just had the ZTE Max XL which is another Zmax Pro with different specs... It looked identical but still could not be rooted and was pretty decent like the Pro.

As far as the Stylo.. well I've given up on LG phones so I can't speak on it.
 