• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
SapphireEx said:
A hidden partition? Highly doubtful as we can read partitions without root. A hidden file? Of course. It can be anything from a simple md5 of the system image, all the way to a dynamic system watcher that validates files as they change.
Click to expand...
There's something that runs and reverts any changes to the system files back to stock. I haven't been able to figure out how to block it.
 
Greysworld007 said:
I'm afraid your mistaken there was b04 b07 b08 b12 but the point is the new updates didn't roll out till people started talking about rooting
Click to expand...
They're the same updates, they just have different build numbers for each carrier. Both T-Mobile and MetroPCS have only pushed 2 updates each, 1 of which was pulled.
 
Nthall said:
There's something that runs and reverts any changes to the system files back to stock. I haven't been able to figure out how to block it.
Click to expand...
Has anyone tried systemless root? If we can't modify system, we should at least try obtaining root via systemless
 
Nthall said:
I don't know. I wouldn't know where to begin without access to recovery.
Click to expand...
Neither would I. I can run scripts from /data/local/tmp, and chmod them, but other than that I can't get anything to run or change.
 
SapphireEx said:
Neither would I. I can run scripts from /data/local/tmp, and chmod them, but other than that I can't get anything to run or change.
Click to expand...
I can change stuff, but I can't run anything with root privileges. All of the changes get erased after a reboot too.
 
Nthall said:
I can change stuff, but I can't run anything with root privileges. All of the changes get erased after a reboot too.
Click to expand...
What about the mode available via volume up+power, DRP or something 3 letters. From what I've read it's ZTEs replacement for fastboot. If we can access that, we should be free to make changes to anything
 
Adeel123 said:
I got an idea. Some guys managed to install TWRP without unlocking the bootloader, by replacing the recovery.img file on the stock image. I don't have a ZMAX Pro, so I can't try this myself.

https://forum.xda-developers.com/redmi-note-3/how-to/kate-guide-install-lineage-os-locked-t3546154

Make sure the original OTA and the modified one have the same file size. And try renaming files, so file names are unchanged.
Click to expand...
I had considered trying to modify the recovery image. That's what I'm guessing it verifies the system files with. I'm about to go to sleep, but I'll read it tomorrow.
 
SapphireEx said:
What about the mode available via volume up+power, DRP or something 3 letters. From what I've read it's ZTEs replacement for fastboot. If we can access that, we should be free to make changes to anything
Click to expand...
We don't have the software we need to access it.
 
Alright, I'll start working on it. I'm seeing 2 problems out the gate though.

1. The stock img is most likely signed.
2. They are talking about ODIN flashing with the modified image, but download mode doesn't verify signatures.

If it even flashes for me, I highly doubt it won't brick. I'll let you guys know how far I get
 
I'm unable to find a stock image. Didn't someone link it a few days ago?
 
iancc86 said:
If your up for it, try this first. The download link is in the 7th paragraph.
Click to expand...
I'm going to have a busy night it seems. This is what I have planned:
Repack the stock image with twrp. As this has no chance of bricking due to signature verification, it can't hurt.
Use the ZTE Flash tool to get some magic going. I'm expecting a brick.
If all else fails, I'll solder a few wires to the SOC, get some debug output, and fall to my reverse engineering background. Hopefully I won't need to do that though. I'll post my progress some time tomorrow.
 
SapphireEx said:
I'm going to have a busy night it seems. This is what I have planned:
Repack the stock image with twrp. As this has no chance of bricking due to signature verification, it can't hurt.
Use the ZTE Flash tool to get some magic going. I'm expecting a brick.
If all else fails, I'll solder a few wires to the SOC, get some debug output, and fall to my reverse engineering background. Hopefully I won't need to do that though. I'll post my progress some time tomorrow.
Click to expand...
Try to side load the apk in the article I posted. See where that goes. I didn't side load it. Just installed and ran. Waiting now.
 
Status
Not open for further replies.
Back
Top Bottom