• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
Someone found a backdoor for rooting Qualcomm devices using Engineer Mode is it possible for us to use and if so is Emode the same as engineer mode because it shows Emode in show system apps.
 
avinelyigel44 said:
https://goo.gl/uoXS96
The vulnerability was found in a Qualcomm-made system app that comes pre-installed on devices like the OnePlus 5, 3T and 3.
Click to expand...
just checked zte removed qcom engineering app and replaced it by their emode... you can access all tests using *983*0# they removed every diag mode or command....... so unfortunately we still don't have entry point but i will examine that emode app sometime later..
 
Last edited:
ExtoliS said:
Because we are not ready to publicly announce anything further, and I have been informed not to share anything else until it is complete. Thank you
And mods have informed everyone here to not attack people.. any of us could've achieved root at anytime, but no one is getting paid to release or even work on this project. There are people saying they have achieved root but have no evidence to back them up. Those people should not be listened to any further.
Click to expand...
Where's the link to the discord? Can I get it?
 
Buying a temporary phone tomorrow so if we want to crack root on this zmax pro now is our chance. My zmax pro will be ours to use. My laptop is up and running so who's down?
Currently trying to flash my LG K7 to nougat...
 
Hey any of you on the b14 version have a stock recovery? I couldn't help my self staring at the blade all night at work I upgraded to it an I have a stock recovery this could be the tipping point for all of us
 
;) Now that's a tipping point. However this is all. i'm just offering proof.
Something no one else has been able to do... *cough* *cough*
 

Attachments

  • root.png
    root.png
    33.9 KB · Views: 432
Last edited by a moderator:
It's temporary for now. With dm-verity disabled we're working on disabling SELinux so that changes aren't reset on reboot. Then onto su binary and unlocking the bootloader. SapphireEX will release when it's done and he's ready. I don't claim responsibility for the exploit. My fiance(SapphireEX) is the one who developed it. However it's confirmed to work on B08, B14 and B20. Doesn't seem to work all too well for B21 so blueborne still seems to be the best route for that.


So theres your update everyone. Now i'm back to abyss. I'll try not to get this account banned :p

edit: freaking w key.
 
Last edited by a moderator:
Current issues right now is getting the correct context. With applypatch able to overwrite any file/ partition now, I can get the contexts I need. I disables DM-Verity a long time ago, so the only thing left to do is to set SELinux to permissive. Won't be difficult.

The users in my discord server should already have the latest installer+ root shell capability.
 
SapphireEx said:
Current issues right now is getting the correct context. With applypatch able to overwrite any file/ partition now, I can get the contexts I need. I disables DM-Verity a long time ago, so the only thing left to do is to set SELinux to permissive. Won't be difficult.

The users in my discord server should already have the latest installer+ root shell capability.
Click to expand...

Still, nice job!
Kernel switch or perm script? Actually, don't tell me in forum. ZTE been stalking all of us here
 
rellik232 said:
I have tried dirtycow, it seems it is patched for z982 b14
Click to expand...

ZMAX4EVER said:
I thought we were close to root? Was it just more talk?
Click to expand...

1. Dirtycow is working on B08 and below.
2. Recowvery is working on B20 and below.
3. My exploit works on B20 and below. With moderate success on B21 via a modified applypatch.
4. Join our discord if you want to see actual progress.
5. Not hush root at all. The exploit is unstable and unfinished due to SELinux still enforcing, preventing u:r:init:s0 and u:r:kernel:s0. When I'm done, I'll release it publically. The members of my discord already have the alpha and beta releases, and every person on B20 or below have a working root shell.

Considering the amount of drama, bullshit, and idiots lurking around on AF, I'd rather not waste my time here.

Also; I'm still waiting for proof Loony. You know, the thing my fiance posted showing a root shell. I'll wait.
 
We have a temporary rootshell. Until we get sepermissive the context is still a small issue
 
Status
Not open for further replies.
Back
Top Bottom