• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
Beany23 said:
I'm not sure I follow
Click to expand...
In just about every Android phone the OTA is downloaded to the cache partition. Which you can usually READ aka see the file.

But certain phones like zte download the OTA to cache, but cannot copy the file because the partition is restricted.

So you have to use logcat to find the URL being used to download the OTA and download the file on a computer.
 
Phoenix7331 said:
I haven't read everything and I'm no expert but why isn't simply flashing recovery in fastboot with TWRP and using TWRP to root not working?

My phone has the OEM unlock option in developer options so the bootloader is unlocked, right?
Click to expand...

To put it simply, this phone doesn't have fastboot. It has EDL. EDL requires specialized software from Qualcomm, and also requires signed files from ZTE themselves. So in other words, off limits to standard end users.
 
a few months back I was so desperate to try to root my zmax pro that I tried to root by using a method i had used a long long time ago with an alcatel one touch fierce 2 and the method was by keeping the phone busy in the background with antutu benchmark while trying to use King root to root at the same time and after trying about 8 to 10 times king root had said root was successful but I found out it really wasn't successful and on the root checker app it had said i had no root access but ever since then I can not update via ota and it has been stuck on build number b08 and it always stops around 45 percent and shows a message saying there has been a mismatch with the package and says there is an error in the cache partition and counts down and reboots and when it comes back on it says update failed and says either from problem with update package or it has detected my phone is rooted and I had bought a second zmax pro and it updated perfectly all updates including the recent b20 build, I wish there was something I could flash that could wipe out the cache partition and the root detection sort of like how some previous lg phones have had the option to flash a root detection reset and it allows the phone to update ota packages normally afterwards, I love the pro and it would be one heck of a phone with a rom like broken on it or a new custom one similar to it to free up the space from deleting the metro bloatware and over clock the shit out of it smh its too bad there are so many obstacles that stand in the way of mass zmax pro user euphoria
 
Not trying to be pushy or anything, but I am just wondering.. Why not just let everybody know exactly what is happening with this phone that scares you so much? If more people could see exactly what you are referring to, maybe more people would be calling the authorities, or if anything, making ZTE's crimes widely known, if it turns out that they happen to be working with actors inside the US government (NSA, CIA anybody?). I am just curious as to why if there is such a massive problem, why isnt it being announced all over the place? Just saying, if I were to discover something like that, I would not only be screaming from the rooftops that it exists, but also what to look for and how to find it.

Also, did you ever contact the feds? If so, how did they respond?
Jon Greenwood said:
I'm sorry guys, you guys are really close to where I was when I stumbled on the blood diamond. Re-read some of what has been posted, the SUID is there, think outside the box. DMVERITY is where you need to look.
Click to expand...
 
Regardless, if its something that bad, and they refuse to let us do anything to fix it, shouldnt we, at the very least, be pushing some type of class action against ZTE and all the carriers selling this phone?
 
Who was it that was going on before about how they had something figured out, but weren't going to share it because of ZTE datamining? Are you after money or something? I mean honestly, just come out and say it if so. Douchey as that would be, at least we could finally have root. The worst thing you could possibly do is withhold info from everyone here. You don't need to root your device if that scares you, but some of us don't care and would love the choice to.
 
Hopefully I'll have my computer up and running in a few days. I'm going to see what I can do. I started rooting in the days when one click roots weren't even out yet for Android or iOS. So maybe I'll be able to figure out some kind of work around
 
MatreyuC said:
Who was it that was going on before about how they had something figured out, but weren't going to share it because of ZTE datamining? Are you after money or something? I mean honestly, just come out and say it if so. Douchey as that would be, at least we could finally have root. The worst thing you could possibly do is withhold info from everyone here. You don't need to root your device if that scares you, but some of us don't care and would love the choice to.
Click to expand...
It is that Jon g guy..

The reason I put him on the spot is because every year there's always one guy claiming to have found a root or exploit..

Then in the end they are claiming there work off others and choose to hide there "claims" when they have no proof to back it up.

That's why us devs choose to either share or only hint when we have actual proof to back it up.
 
I swear this is gonna end up on national television if @Jon Greenwood is telling the truth, time will tell. Check DMVerity ya'll. I'll run some tests with some old vulns tonight and tomorrow but hopefully (No offense Jon) he's lying. I REALLY don't want ZTE to be pulling more garbage under our noses.
 
Regardless if Jon is hiding something, or anything else, this needs to get back on topic. If it's not about explicitly exploiting the Z981, find somewhere else to post it. The previous thread was locked down due to the thread going off topic too much.
 
SapphireEx said:
Regardless if Jon is hiding something, or anything else, this needs to get back on topic. If it's not about explicitly exploiting the Z981, find somewhere else to post it. The previous thread was locked down due to the thread going off topic too much.
Click to expand...
And, once we TRULY have root, we may discuss the findings of ZTE's nastiness? Not saying to continue now, and dilute the work, but, once we have concrete evidence.
 
GarnetSunset said:
And, once we TRULY have root, we may discuss the findings of ZTE's nastiness? Not saying to continue now, and dilute the work, but, once we have concrete evidence.
Click to expand...

There's an entire website here with which you can create any thread you want about anything. This one in particular is about rooting the Z981. If you want to create a "ZTE is stealing from you" thread, go right ahead.
 
SapphireEx said:
Regardless if Jon is hiding something, or anything else, this needs to get back on topic. If it's not about explicitly exploiting the Z981, find somewhere else to post it. The previous thread was locked down due to the thread going off topic too much.
Click to expand...

Indeed ;)

SapphireEx said:
There's an entire website here with which you can create any thread you want about anything. This one in particular is about rooting the Z981. If you want to create a "ZTE is stealing from you" thread, go right ahead.
Click to expand...

In fact there is an off-topic root discussion thread right here, which people are very welcome to use:

https://androidforums.com/threads/z...-root-discussion.1094781/page-19#post-7517657

But really, between people trying to moderate this thread, repeating questions, and total lack of progress, is this thread going anywhere? The previous shut down root discussion thread was a lot shorter than this one, and no conclusion was arrived at. If anyone is inclined to read up on what's already been tried, you can trawl back through this current thread, and the previous incarnation of the discussion:

https://androidforums.com/threads/zte-zmax-pro-z981-root-discussion.1055354/page-69

Maybe it would help if some kind soul could provide an overall summary?
 
LV426 said:
Indeed ;)



In fact there is an off-topic root discussion thread right here, which people are very welcome to use:

https://androidforums.com/threads/z...-root-discussion.1094781/page-19#post-7517657

But really, between people trying to moderate this thread, repeating questions, and total lack of progress, is this thread going anywhere? The previous shut down root discussion thread was a lot shorter than this one, and no conclusion was arrived at. If anyone is inclined to read up on what's already been tried, you can trawl back through this current thread, and the previous incarnation of the discussion:

https://androidforums.com/threads/zte-zmax-pro-z981-root-discussion.1055354/page-69

Maybe it would help if some kind soul could provide an overall summary?
Click to expand...

My current progress is a standstill. I've been researching EDL mode rather hard though. A user on a seperate forum found you can initiate python calls to EDL, and it'll respond, asking for a file.
Recovery mode is a dead end as it's just standard recovery.
The bootloader seems to be unlocked, and might actually support user signed packages. Haven't gotten around to testing it though.
A few reboot -* commands are available, which Messi posted about a while ago. They could be interesting.
Temp root is available, but the method I use is highly unstable.
That about covers what I personally know so far
 
<font color ='#9e9e9e'>SapphireEx </font>
<font color ='#9e9e9e'>My current progress is a standstill. I've been researching EDL mode rather hard though. A user on a seperate forum found you can initiate python calls to EDL, and it'll respond, asking for a file. </font>
<font color ='#9e9e9e'>Recovery mode is a dead end as it's just standard recovery. </font>
<font color ='#9e9e9e'>The bootloader seems to be unlocked, and might actually support user signed packages. Haven't gotten around to testing it though. </font>
<font color ='#9e9e9e'>A few reboot -* commands are available, which Messi posted about a while ago. They could be interesting. </font>
<font color ='#9e9e9e'>Temp root is available, but the method I use is highly unstable.</font>
<font color ='#9e9e9e'>That about covers what I personally know so far </font>




im not try to be greedy or anything but..... Would you mind sharing your exploit to public so maybe someone can kickoff where you left off to see if someone can edit your exploit.
 
brandonlee199966 said:
<font color ='#9e9e9e'>SapphireEx </font>
<font color ='#9e9e9e'>My current progress is a standstill. I've been researching EDL mode rather hard though. A user on a seperate forum found you can initiate python calls to EDL, and it'll respond, asking for a file. </font>
<font color ='#9e9e9e'>Recovery mode is a dead end as it's just standard recovery. </font>
<font color ='#9e9e9e'>The bootloader seems to be unlocked, and might actually support user signed packages. Haven't gotten around to testing it though. </font>
<font color ='#9e9e9e'>A few reboot -* commands are available, which Messi posted about a while ago. They could be interesting. </font>
<font color ='#9e9e9e'>Temp root is available, but the method I use is highly unstable.</font>
<font color ='#9e9e9e'>That about covers what I personally know so far </font>




im not try to be greedy or anything but..... Would you mind sharing your exploit to public so maybe someone can kickoff where you left off to see if someone can edit your exploit.
Click to expand...

I didn't create the exploit. I just use it. I'm sure someone will figure out how to prevent the panics though.
 
SapphireEx said:
I didn't create the exploit. I just use it. I'm sure someone will figure out how to prevent the panics though.
Click to expand...

I know you guys said this command (reboot disemmcwp) don't work.....

But i threw that command in device shell then it rebooted my zmax pro?
Did it work or do something to my phone since it rebooted right when i entered the command?
 
So I tried to use 2 methods for sh*ts and gigs and noticed nothing happened on Odin so then I tried Heimdall fronted and got "unable to find compatible download device" but when I adb reboot edl and click the find device button it now goes blank instead of showing that error^ said above so I thought that was interesting. Another thing was that is it possible to use a "deep flash cable" I know its for xiaomi but hey it's possible that ZTE stole that method and didn't say anything.
 
Status
Not open for further replies.
Back
Top Bottom