• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
jdoggawesomex said:
Why not? He's a great hacker
Click to expand...
One of the biggest problems is where would he post a link if he did? Mods will take it down for posting a free paid app.

Could always talk to whoever develops that app to see if the pro-max users could have a free version just with they're phone drivers activated keeping the rest behind a pay wall if using the loaders won't work
 
Been sitting or I guess "lurking", waiting very impatiently for the moment I will finally get to root this bastard. Rooted two phones and read some incredibly entertaining and at times a bit creepy conversation during this long year and a half. I ,of course managed to buy the only two unrootable Android's. Luckily, the S8+ wasn't hard, now my ZMax Pro is just a vendetta. Thank you for all the hard work and stress you guys and gals put into this sometimes thankless job. I for one greatly appreciate it and am sooooooo looking forward to the final post on this thread. :D:blushDroid:
 
Hello. Im not by any means a newbie to Android. I have been in it since the beginning, got the G1 on release day, I was there when Cyanogen released his first Donut builds, and was the founder/admin of the Cyanogenmod IRC channel for the first couple years. However, I am not a developer. Im a tester and an admin and all around gadget enthusiast.
Ive been watching this forum since it started and waiting for the magical moment when we get to realize the potential of this device. I have kept in the back as I am not a dev and don't have a whole lot to contribute to the project. Today however I happened to come across something that may actually be of some help, and the dev behind the project might actually be interested in helping us as it could also benefit his work as well.
For the technical folks, have a look at this github. The guy is working out an open source tool set for qcom msm devices to replace the proprietary kits like qfil and the like.
https://github.com/openpst

When you look at the tools like Uni and z3x and MiracleBox and blah blah blah the hundered other box based phone flasher kits (yes I know Uni is boxless), all they are is a GUI frontend that pulls together a bunch of tools that are readily available in individual form somewhere on the web. For Uni they have the ADB section, theres the Qualcomm section, the MTK section and so on, which all just call to the various tools inside the program directory,.. its all there, SP Flashtool, x10Flasher, etc, EXCEPT.. no QPST stuff anywhere.. Weird. Im pretty sure these opportunistic fellows aren't so smart that they wrote their own loaders and whatnot for the qcom platform. If they were, they would have much more value to say a company like qcom themselves, than selling another in a long line of phone unlocking kits that capitalize on other people's tools and work. I think these groups spend more time and money in r&d on how to make their "software" uncrackable than they do on the actual product itself...
Anyway, somehow they have managed to wrap the qcom loader bits and the signature bits we need inside that blasted exe file, and Im thinking the guy at that github may have some ideas on how they did that...

I have not contacted him and prefer a more technically inclined person do so, as I may just be waaaayyyy of base here, but it might be worth the 5-10 minutes it would take one of you dev types to start up a conversation with the fellow. And by "one of you dev types" i obviously mean @Astr4y4L

One little observation that I want to make regarding this Uni tool method... You guys realize that It's not actually Uni that is doing the rooting of the device. Its Magisk that places the necessary binaries and patches the system. All we need uni for is to get TWRP onto the device. That's it. Its still not rooted until you flash Magisk. SO, my point is, no one is charging ANYTHING for rooting here. The cost is for a software product that among it's 1000 other features, will allow flashing firmware, and thus recovery images to the z981. The Uni folks make no claims whatsoever that they can ROOT the device and for that matter, that is not even their goal. They are focused on SIM unlocking and FRP bypassing on as many different devices as they can.
 
Last edited by a moderator:
thedeanius said:
Hello. Im not by any means a newbie to Android. I have been in it since the beginning, got the G1 on release day, I was there when Cyanogen released his first Donut builds, and was the founder/admin of the Cyanogenmod IRC channel for the first couple years. However, I am not a developer. Im a tester and an admin and all around gadget enthusiast.
Ive been watching this forum since it started and waiting for the magical moment when we get to realize the potential of this device. I have kept in the back as I am not a dev and don't have a whole lot to contribute to the project. Today however I happened to come across something that may actually be of some help, and the dev behind the project might actually be interested in helping us as it could also benefit his work as well.
For the technical folks, have a look at this github. The guy is working out an open source tool set for qcom msm devices to replace the proprietary kits like qfil and the like.
https://github.com/openpst

When you look at the tools like Uni and z3x and MiracleBox and blah blah blah the hundered other box based phone flasher kits (yes I know Uni is boxless), all they are is a GUI frontend that pulls together a bunch of tools that are readily available in individual form somewhere on the web. For Uni they have the ADB section, theres the Qualcomm section, the MTK section and so on, which all just call to the various tools inside the program directory,.. its all there, SP Flashtool, x10Flasher, etc, EXCEPT.. no QPST stuff anywhere.. Weird. Im pretty sure these opportunistic fellows aren't so smart that they wrote their own loaders and whatnot for the qcom platform. If they were, they would have much more value to say a company like qcom themselves, than selling another in a long line of phone unlocking kits that capitalize on other people's tools and work. I think these groups spend more time and money in r&d on how to make their "software" uncrackable than they do on the actual product itself...
Anyway, somehow they have managed to wrap the qcom loader bits and the signature bits we need inside that blasted exe file, and Im thinking the guy at that github may have some ideas on how they did that...

I have not contacted him and prefer a more technically inclined person do so, as I may just be waaaayyyy of base here, but it might be worth the 5-10 minutes it would take one of you dev types to start up a conversation with the fellow. And by "one of you dev types" i obviously mean @Astr4y4L

One little observation that I want to make regarding this Uni tool method... You guys realize that It's not actually Uni that is doing the rooting of the device. Its Magisk that places the necessary binaries and patches the system. All we need uni for is to get TWRP onto the device. That's it. Its still not rooted until you flash Magisk. SO, my point is, no one is charging ANYTHING for rooting here. The cost is for a software product that among it's 1000 other features, will allow flashing firmware, and thus recovery images to the z981. The Uni folks make no claims whatsoever that they can ROOT the device and for that matter, that is not even their goal. They are focused on SIM unlocking and FRP bypassing on as many different devices as they can.
Click to expand...

SRY been busy but just seen this post.
Looked at the git hub, it's like you said an opensourced work based on QPST, which is basicly the same as Qfil or QXDM.

The file we need to make flashing firmware possible is the FIrehose.mbn for this particular chipset.

that's closed source software, I've contacted my people at Qcom, they wont release it to me unless I buy OEM license to produce an android device similar to this using the same chipset.. Which is yet another reason I can't stand corporations and such, but to stay on topic.
what the UNI-tool does is use that firehose file to allow side-loading and booting A TWRP recovery, from there, TWRP gives you the option to flash UN-signed zip files (update.zip) and that's how they are rooting it, using the twrp to flash Magisk...

It's just too damn bad i can't find an official ZTE tool to flash signed updates to the device...
then it's just a matter of changing the program to allow flashing of individual partitions and such As I've managed to do with some other Qcom devices...
anybody know where I can look at a copy of this UNI tool?
anybody got that, and IDA pro?

Set break-points and run the program, watch for the program to create it's own configuration files in it's installed directory IE: (C: \Programfiles\UNI) or where ever it's installed.
and then copy past any config files it creates while the IDA has the UNI program paused....

I may be far off base, but I'm willing to bet that this program works very similar to all of the others....

I'm going to try to get a copy of this to dissect but I'm not paying for it PERIOD.

if we can get the firehose extracted , I know Sapphire already has a free program ready. it's just missing the one dependency .

and , No it's NOT Cracked UNI,
PERIOD,
Sapphire has written his own tool from scratch,
So NO the Mods would be making a big mistake to Krap on his link when he posts the final product of his research.
And one more thing,
Everybody needs to get off of @LV426
He's doing his Job here, If everybody can't quit pissing and complaining, I have a feeling that , I and My team and probably the other Dev's working on this, will leave ALL of you OUT IN THE COLD when this all comes together.

So Party on dudes, Be good to each other, be happy some of us are still working on this thing. and QUIT Squabbling !

Thanks

Astr4y4L
Team_Astr4y4L
 
ibnbazooka said:
I need some guy with enough experience to extract the loader of z981 from uni uat tool
I believe it's encrypted file
Then upload it to me
I will make it 1 click root
Pls extract zte loader
Click to expand...

You're aware your asking publicly for someone to infringe copyright laws?

if you could build a 1-click, you'd extract it your self.
 
Astr4y4L said:
SRY been busy but just seen this post.
Looked at the git hub, it's like you said an opensourced work based on QPST, which is basicly the same as Qfil or QXDM.

The file we need to make flashing firmware possible is the FIrehose.mbn for this particular chipset.

that's closed source software, I've contacted my people at Qcom, they wont release it to me unless I buy OEM license to produce an android device similar to this using the same chipset.. Which is yet another reason I can't stand corporations and such, but to stay on topic.
what the UNI-tool does is use that firehose file to allow side-loading and booting A TWRP recovery, from there, TWRP gives you the option to flash UN-signed zip files (update.zip) and that's how they are rooting it, using the twrp to flash Magisk...

It's just too damn bad i can't find an official ZTE tool to flash signed updates to the device...
then it's just a matter of changing the program to allow flashing of individual partitions and such As I've managed to do with some other Qcom devices...
anybody know where I can look at a copy of this UNI tool?
anybody got that, and IDA pro?

Set break-points and run the program, watch for the program to create it's own configuration files in it's installed directory IE: (C: \Programfiles\UNI) or where ever it's installed.
and then copy past any config files it creates while the IDA has the UNI program paused....

I may be far off base, but I'm willing to bet that this program works very similar to all of the others....

I'm going to try to get a copy of this to dissect but I'm not paying for it PERIOD.

if we can get the firehose extracted , I know Sapphire already has a free program ready. it's just missing the one dependency .

and , No it's NOT Cracked UNI,
PERIOD,
Sapphire has written his own tool from scratch,
So NO the Mods would be making a big mistake to Krap on his link when he posts the final product of his research.
And one more thing,
Everybody needs to get off of @LV426
He's doing his Job here, If everybody can't quit pissing and complaining, I have a feeling that , I and My team and probably the other Dev's working on this, will leave ALL of you OUT IN THE COLD when this all comes together.

So Party on dudes, Be good to each other, be happy some of us are still working on this thing. and QUIT Squabbling !

Thanks

Astr4y4L
Team_Astr4y4L
Click to expand...
lol
 
fidounlocks said:
lol
Click to expand...

FidoUnlocks – Professional Remote Unlocking: Fidounlocks
https://fidounlocks.com.cutestat.com/
fidounlocks.com is 2 months 1 week old. It is a domain having .com extension. This website is estimated worth of $ 8.95 and have a daily income of around $ 0.15. As no active threats were reported recently by users, fidounlocks.com is SAFE to browse.

LOL 2 months 1 week old
This website is estimated worth of $ 8.95 and have a daily income of around $ 0.15.
Click to expand...
more LMFAO
 
Status
Not open for further replies.
Back
Top Bottom