
Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
Is not that easy; flashing TWRP on a locked bootloader device will trigger dm-verity and you will be sent to that screen [adb reboot unauth].
Oh I know. That's why I want to see an exploitable bug in our bootloaders to actually get the ball rolling on breaking the phone.
 
Well, about all I can think of to do now is try to burn an SD card with the Axon 7 partitions and GPT. The hope would be that our device reads the fbop partition and opens up fastboot access.

If there was a temp root or a way to get a backup of our devices, the chances I could make it work would be much higher.

So generally I am passing some time.
My skills aren't so great when it comes to aboot disassembly. I'm pretty good with a hex editor and Linux terminal, but I need to learn ARM code and disassembly.
 
Well, about all I can think of to do now is try to burn an SD card with the Axon 7 partitions and GPT. The hope would be that our device reads the fbop partition and opens up fastboot access.

If there was a temp root or a way to get a backup of our devices, the chances I could make it work would be much higher.

So generally I am passing some time.
My skills aren't so great when it comes to aboot disassembly. I'm pretty good with a hex editor and Linux terminal, but I need to learn ARM code and disassembly.
We have temp root, but it lasts for literally a few CPU cycles before restarting and clearing the root.
 
Well, about all I can think of to do now is try to burn an SD card with the Axon 7 partitions and GPT. The hope would be that our device reads the fbop partition and opens up fastboot access.

If there was a temp root or a way to get a backup of our devices, the chances I could make it work would be much higher.

So generally I am passing some time.
My skills aren't so great when it comes to aboot disassembly. I'm pretty good with a hex editor and Linux terminal, but I need to learn ARM code and disassembly.

If you can manage to get an aboot image, I can deal with the ARM code and removing encryption flags.

Only other way someone can get a copy that I know of is to take the time to convert the patch file in one of the updates to a regular image.
 
Is not that easy; flashing TWRP on a locked bootloader device will trigger dm-verity and you will be sent to that screen [adb reboot unauth].

I've heard that the screen executed by adb reboot unauth is on its own partition, hidden until the phone is modified. Maybe with any of the possible above exploits, if we could disable it completely, we could make the whole partition useless, so adb reboot unauth would be no different than typing adb reboot ysydhd, which will default to system, giving it's possible root if paired with an exploit. Idk, it's all speculation.
 
I've heard that the screen executed by adb reboot unauth is on its own partition, hidden until the phone is modified. Maybe with any of the possible above exploits, if we could disable it completely, we could make the whole partition useless, so adb reboot unauth would be no different than typing adb reboot ysydhd, which will default to system, giving it's possible root if paired with an exploit. Idk, it's all speculation.
Yes, it gets enabled when the device detects changes on boot. It can't be disabled, as it is built into the kernel. No communications are available when you are in this mode; it is just a way to force you to not use your device after making modifications to it.
 
Hey, Everyone. Sorry to say I am one of the few that has been lurking since the old post got taken down due to off topic stuff.
Anyways! I have a zmax pro on b01 I have never updated. It was from Walmart on T. I did say I was lurking for awhile, as for b00 I never knew it existed. I got my zmax pro back in Aug of last year.
(Honestly I wonder if the ones still left in Walmart are on b01...)
 
Hey, Everyone. Sorry to say I am one of the few that has been lurking since the old post got taken down due to off topic stuff.
Anyways! I have a zmax pro on b01 I have never updated. It was from Walmart on T. I did say I was lurking for awhile, as for b00 I never knew it existed. I got my zmax pro back in Aug of last year.
(Honestly I wonder if the ones still left in Walmart are on b01...)

Doubt about them still being available at Walmart. But you never know. Maybe the ones that can dump them can check a few stores. Is that phone your daily driver? Would you want to just donate it, or would you prefer to exchange your T-B01 for an M-B08? Or would you like to get specific instructions on how to try to dump your phone's FW yourself? Not sure what it would all entail. What are your thoughts right now?
 
Hey, Everyone. Sorry to say I am one of the few that has been lurking since the old post got taken down due to off topic stuff.
Anyways! I have a zmax pro on b01 I have never updated. It was from Walmart on T. I did say I was lurking for awhile, as for b00 I never knew it existed. I got my zmax pro back in Aug of last year.
(Honestly I wonder if the ones still left in Walmart are on b01...)
Does issuing the command
adb reboot bootloader
send you to fastboot, or does it just reboot back to system?
 
Hey, Everyone. Sorry to say I am one of the few that has been lurking since the old post got taken down due to off topic stuff.
Anyways! I have a zmax pro on b01 I have never updated. It was from Walmart on T. I did say I was lurking for awhile, as for b00 I never knew it existed. I got my zmax pro back in Aug of last year.
(Honestly I wonder if the ones still left in Walmart are on b01...)
Now you are reading B01 in the Build Number, right? & not on the BaseBand?
 
Does issuing the command
adb reboot bootloader
send you to fastboot, or does it just reboot back to system?
Wasn't there a setting regarding unlocking the bootloader or something in Settings? For most of us that setting didn't do anything, but I wonder for the original FW phones?

Info posted on this post. Part 1.
https://androidforums.com/posts/7474252/#post-7474252
Settings/Developer Options/OEM Unlocking
 
Glad to see folks with the knowledge still trying to get root on this phone. I've been an owner for over a year now, patiently waiting. Most of what's talked about lately is past my knowledge. Seems like some progress has been made though.
 
Wasn't there a setting regarding unlocking the bootloader or something in Settings? For most of us that setting didn't do anything, but I wonder for the original FW phones?
Info posted on this post. Part 1.
https://androidforums.com/posts/7474252/#post-7474252
That doesn't unlock the bootloader. If it did, we would've had root like 7 months ago. That is just a switch to say "yeah I might want to flash unsigned stuff in the future"
Any chance to slow down the cpu within that time... Or some trick like a "Do Loop" type of command to keep it from initiating a reboot?
This is bootloader level stuff, so no.
My charger crapped out on me, so I have to get a new one. However I did come across the Google source site that says we need the dev key for signing recovery images, it's for Oreo, but maybe it can help us to remove verity or get rolling on a permanent root for our 981. https://android.googlesource.com/platform/build/+/oreo-r6-release/target/product/verity.mk#17
Wanna break into ZTE and steal the dev key? lol
"of which theory does exist....you require a button
boi whatre you doin
 
Does issuing the command
adb reboot bootloader
send you to fastboot, or does it just reboot back to system?

It reboots system.

This is my main phone; it is on b01, but in about a month anyone can use it for testing.
 

Attachment: ic-5649.png
It reboots system.

This is my main phone; it is on b01, but in about a month anyone can use it for testing.
Seems correct. Can you please post a pic that shows the bottom info including Build Number? It seems it got cut off the first pic. Hopefully you can dump what is needed.
 
That doesn't unlock the bootloader. If it did, we would've had root like 7 months ago. That is just a switch to say 'yeah I might want to flash unsigned stuff in the future'

Was just wondering if that OEM option might only work, or might need to be switched on, in the original B01 and B03 FW that is supposed to have an unlocked bootloader.
 