The shoutbox is currently out of service. Join us on Discord instead.
You can help CodeWalrus stay online by donating here.

Permanent root for Hisense CMB405

Started by gameblabla, November 06, 2016, 04:05:33 am

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

gameblabla

November 06, 2016, 04:05:33 am Last Edit: November 06, 2016, 04:29:49 am by gameblabla
A year ago, i bought this decent device for pretty cheap. (50€)
Unfortunely, i later discovered that, unless you use the annoying KingoRoot, you can't have root.
On top of that, KingoRoot is not permanent so you will have to download it and wait each freaking time you reboot your device.
TowelRoot, FramaRoot... all of them didn't work either.
Lastly, i found absolutely no documentation for the device. (other than some benchmarks websites)

Just now, i was finally able to root my device permantly without some chinese apps that don't last a reboot.
I'll explain how i did it, as it might help you if you also happen to own some unknown device.

First of all, i discovered some useful commands to adb.
adb shell reboot bootloader
adb shell reboot recovery

On my device, it is the only way to access the bootloader : no buttons combinaison work here.
But the default bootloader doesn't allow you to flash any zip packages unfortunely...
So it was clear that i needed to find a CWM recovery file for my device.

I started looking at what kind of SoC it was using.
I eventually found out it was using a SnapDragon MSM8916.
So i started looking for devices that were using the same SoC but had a recovery available.

I found that the Lenovo A6000 was a similar device with the same SoC and operating system but with a bigger screen...
Here is the link that i found : http://www.gizmoadvices.com/install-cwm-recovery-root-lenovo-a6000/

Still, after downloading it, i launched this command :
flashboot boot myfirmwareimage.img
It booted but since it was designed for a bigger screen resolution, it looked horrible...
I tried looking for more alternatives but so far, none of them even worked.

I did with what i had and tried to flash the root package that was provided in the tutorial.
It seemed to have worked so i tried to reboot it but my device would get stuck...
No problem tho, i simply removed my battery and put it back.

After a slow startup, i found out SuperSU was correctly installed and my root apps were working perfectly.
The provided SuperSU Apk was old tho so i installed the newer one and after a reboot (and updating the su binary),
it worked just fine.

So yeah, even if nobody was even mentionning the device, i had managed to have permanent root on it.
I just wish i knew that for my 2 earlier software-hardware bricked tablets...

Do you happen to own some not well known Android smartphones ?
Let me know in the comments down below.

Juju

Dirty COW should work on every Android phone the kernel has been compiled until last month or so.
Read Zarmina!
YUKI-CHAAAANNNN
In the beginning there was walrii. In the end there will be walrii. All hail our supreme leader :walrii: --Snektron



if you wanna throw money at me and/or CodeWalrus monthly it's here

gameblabla

November 06, 2016, 04:23:16 am #2 Last Edit: November 06, 2016, 04:28:42 am by gameblabla
Quote from: Juju on November 06, 2016, 04:19:35 am
Dirty COW should work on every Android phone the kernel has been compiled until last month or so.

Before that, i actually tried dirtycow using this proof-of-concept here :
https://github.com/timwr/CVE-2016-5195

Sadly, it didn't work on my device because i later discovered that while the proc is 64-bits, the OS (or at least userspace) is 32-bits
and it was unable to execute my 64-bits executable.
I heard that it has some issues on Android ARM64.
Even if it did work, you would need to defeat SELinux on Android 4.4+ as well and this has not been done (yet).

Powered by EzPortal