Root Root Zte warp elite N5918

[PDX1911]

does this ROM/kernel have init.d support? I've read elsewhere that you can use a script to auto setenforce 0
Create script as follows:

#!/system/bin/sh
setenforce 0

(Note: If you're using an app to emulate init.d, use su -c setenforce 0 if just setenforce 0 doesn't work)

Save it as set_permissive.sh, move it to /system/etc/init.d/ directory and give it permissions 755.

ofcourse this is all assuming you've got a way to make things stick which is what we want...

if we can get things to stick we could add this:

ro.build.selinux.enforce=0

to our build.prop

so for now, do this:

su
setenforce 0

then try mouting the system as rw? hope any of your changes stick, also, look into dm-verity

 

[roadkill42]

Over my head right now I'm recovering from Brian sugary

 

[roadkill42]

The dm vertity dose not work
Do you have this phone?

 

[bcrichster]

does this ROM/kernel have init.d support? I've read elsewhere that you can use a script to auto setenforce 0
Create script as follows:

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'><tt>#!/system/bin/sh </tt></li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>setenforce 0 </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>&#160; </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>[/LIST] (Note: If you're using an app to emulate init.d, use su -c setenforce 0 if just setenforce 0 doesn't work) </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>Save it as set_permissive.sh, move it to /system/etc/init.d/ directory and give it permissions 755. </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>ofcourse this is all assuming you've got a way to make things stick which is what we want... </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>if we can get things to stick we could add this: </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'><tt>ro.build.selinux.enforce=0 </tt></li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>[/LIST] to our build.prop </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>so for now, do this: </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'><tt>su </tt></li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>setenforce 0 </li>
</ul>

<ul style='margin-top:0; margin-bottom:0;'>
<li dir='ltr'>[/LIST] then try mouting the system as rw? hope any of your changes stick, also, look into dm-verity

</li>
</ul>



No init.d support without a modified kernel. Locked bootloader = no luck

 

[PDX1911]

Well, shit in a straw and call me ****stick.

 

[bcrichster]

Well, shit in a straw and call me ****stick.

If that thing wasn't so locked down, I'd have already tried making TWRP and mods the kernel

 

[PDX1911]

I bricked a ZTE Rapido /boot section messing around with it... didn't think such an old cheap phone would be bootloader locked, and afaict if i flashed back the /revovery to stock using my backup img it worked.. too bad something went wrong when i repacked the boot img.. so i knew you were right about this phone.. unrelated.. i did get zte to release the source for the rapido. xD


the rapido, too seems to completely ignore the bootloader command from adb... ZTE just sucks. -_- Not to mention the violate the GPL as much as they can get away with.

 

[Pachi]

At this point I'm only interested in deleting the bloatware, god speed

 

[roadkill42]

Until u can get system rw not happening might b able to try and get in download mode and see if u can get adb commands to work like u can on HTC bolt just an idea my PC down so I can't try

 

[Heckerpead]

I think there is a solution. One would have to recompile the kernel though. Source has been available for a year or more now. This is a link to boot and recovery. If I can find system I'll post it up. I've tried DD'ing boot to the recovery partition , but it just gets replaced when you try to boot to it. The dirty cow exploit was our best bet. I did get a root shell with it a a while back but I don't have time to mess with it now. It is possible though I think.

 

[roadkill42]

I think there is a solution. One would have to recompile the kernel though. Source has been available for a year or more now. <span style='font-size:22px';>Thishttps://drive.google.com/open?id=0B7gazdzft5-oUHJsN2pkVW56aEU</span> <span style='font-size:15px';>is a link to boot and recovery. If I can find system I'll post it up. I've tried DD'ing boot to the recovery partition , but it just gets replaced when you try to boot to it. The dirty cow exploit was our best bet. I did get a root shell with it a a while back but I don't have time to mess with it now. It is possible though I think. </span>

I think so too just going to take time I'm afraid

 

[CagyNightOwl]

Got a $50 bounty so far? Cool!!

I'm in for $20

 

[CagyNightOwl]

King Root v.5.3.2 actually achieves Root but when you try to authorize apps to use it, an error message pops up; "This device has a block that prevents authorizing apps from using root." In other words, the success King Root achieves is worthless. Multiple attempts all resulted in the same, Root achieved! and then the error message that it can't be used.

 

[CagyNightOwl]

Oh yeah I forgot lol the last time I used metamorphosis was on my mate35 haha it's been a while well any suggestions on where to start? Maybe toy with sending and receiving video files from messaging or hangouts and running kingroot I know it's not setup for stagefright however there could be other vulnerabilities that aren't yet discovered while hangouts is going through the interger overflow deal

Might work. King Root comes close to achieving root, but cannot hold it.

 

[CagyNightOwl]

This is a good, light weight terminal emulator you can get at the Google Playstore.

 

[Aschmiechen]

I'm not quite sure as to how the he'll I got it to take permanent root but some how I did.

 

[bcrichster]

'somehow'? Lol, OMG.
Plz reiterate the procedures ya took..??

 

[roadkill42]

Yes please I need my rooted

 

[bcrichster]

Yes please I need my rooted

Come on down to the Moto E4 Plus forum (stock v7.1), we also have TWRP, Root, ROMs available..

 

[hokiescoot]

Come on down to the Moto E4 Plus forum (stock v7.1), we also have TWRP, Root, ROMs available..

I have been checking both of the Moto E4 Plus forums on here. Not sure why there are 2 , but I don't see anything from you on either. Am I missing it? I sure would like for you to post the root instructions and such if you would please. Thank you.

 

[bcrichster]

I have been checking both of the Moto E4 Plus forums on here. Not sure why there are 2 , but I don't see anything from you on either. Am I missing it? I sure would like for you to post the root instructions and such if you would please. Thank you.

I haven't made anything worth posting for the E4 Plus yet except maybe the Sprint/Boost VVM.apk. I've been working on the device trees, trying to reduce the file copies from 7GB+ down to like 1.5GB (1.3GB of that is kernel files) to help get custom built easier. I've made my own personal Remix-v5.8 5 but that one has already been posted by someone else too.
As for a Root guide, use fastboot:
- just follow the E4 bootloader unlock guide,
- flash TWRP,
- flash Magisk &amp; dmverity.zip..

 

[CowBrain]

For the unfortunate souls who also cheaped out on a Ting phone: Magisk can give a perm systemless root.

Listed software versions used are for posterity's sake. None of the attached is owned by me in anyway (Edit: Uploading at a later date, new acc restrictions I think). Proceed at your own risk.
1. Enable OEM unlock and USB debugging in developer options, and put the phone in MTP mode.
2. Install Magisk Manager(v 7.4.0), Root Checking Software (Root Checker off Google Play), and, optionally, BusyBox (I used BusyBox Free).
3. Reboot phone.
4. Temp Root with KingRoot v4.9.6. Verify with root checker.
5. Plug android device into computer with ADB. Open up a cmd window and enter "adb shell". Enter "su" and "setenforce 0" (the $ should become a # in the terminal window, i.e. it should be root shell).
6. Enter "ls -l dev/block/*/by-name" to list the partitions by name. Make backups of everything you don't want to lose with dd, and aboot and boot. E.g. "dd if=/dev/block/mmcblk0p18 of=/sdcard/aboot.bak"
7. Enter "exit" twice to leave root and shell. Use adb pull command (e.g. adb pull sdcard/aboot.bak) or file manager to copy aboot to your PC.
8. On you phone, start up Magisk Manager and click install magisk. "Select and Patch a File" and choose boot.img. Verify the patched boot img is in your device storage.
9. On your PC, using a hex editor (I use HxD), open up aboot and find the hex "41 4E 44 52 4F 49 44 2D 42 4F 4F 54 21 00 00 00 00" at offset 0x007FFE00.
Change it to "41 4E 44 52 4F 49 44 2D 42 4F 4F 54 21 00 00 00 01". Save this change, and save the file as patched_aboot. Move it to your phone (adb push, or a file manager).
10. Flash boot and aboot via dd (e.g. dd if=/sdcard/magisk_patched.img of=/dev/block/mmcblk0p20 and dd if=/sdcard/patched_aboot of=/dev/block/mmcblk0p18).
11. Phone should stay rooted now (and not be stuck in a bootloop) provided I remembered everything right. You can uninstall KingRoot, but some caveats are noted below.

system/ is still read-only and can't be remounted with rw permissions, but as noted before the kernel source is released (https://opensource.ztedevices.com/, N9518 Lollipop Kernel (3.10.49)) and so I understand that can be rectified.
Further, with Qualcomm chips' EDL mode, one can supposedly always flash or backup the device with QPST, making it 'unbrickable'. I get an error akin to "can't switched to DL mode" trying to get dumps though. If anyone has more success with this avenue, please do share. Do be wary of malware though.

Hope this helps. Cheers.

 

[Alexenferman]

9. On your PC, using a hex editor (I use HxD), open up aboot and find the hex "41 4E 44 52 4F 49 44 2D 42 4F 4F 54 21 00 00 00 00" at offset 0x007FFE00.
Change it to "41 4E 44 52 4F 49 44 2D 42 4F 4F 54 21 00 00 00 01". Save this change, and save the file as patched_aboot. Move it to your phone (adb push, or a file manager).
Hope this helps. Cheers.

Please answer. Will this work to also patch other ZTE phones? Does this unlock the bootloader?
Thank you for any help!

 

[Mrfunkee]

So is that it? We just giving up on this one?