• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
Alright, so small update. I most likely did something wrong, but I was unable to repack the image and keep it the same size. I tried flashing anyways (via adb sideload) but got a signature verification error. I'm going to try the root tools next.
 
iancc86 said:
SapphireExAlright, so small update. I most likely did something wrong, but I was unable to repack the image and keep it the same size. I tried flashing anyways (via adb sideload) but got a signature verification error. I'm going to try the root tools next.
Click to expand...
You're doing good
Click to expand...

You can use the Cloud Server as your computer as well as other drives too install other software on your phone, including that update that you're trying to get
 
SapphireEx said:
Alright, so small update. I most likely did something wrong, but I was unable to repack the image and keep it the same size. I tried flashing anyways (via adb sideload) but got a signature verification error. I'm going to try the root tools next.
Click to expand...
Do you have a link to the b14 update?
 
iancc86 said:
Try to side load the apk in the article I posted. See where that goes. I didn't side load it. Just installed and ran. Waiting now.
Click to expand...
Did that ever get you anywhere? I'm running out of ideas here, and I really don't want to take the phone apart
 
lol cant believe some are still trying to root this phone. 9 months this phone has been released..
Get over this phone already. There are other phones that are Rootable. Example LG G Stylo 2 Plus ..on sale for 69.99 .You'll have root and a %100 working twrp .Thanks Messi....
No on ZTE
no on 15!
revenge of the nerds in paradise humor.lol
 
let me help you guys out who are determined.
Bootloader needs to be Unlocked.
or pray kingroot gives you temp root one day.
Period.
zte will not give you access to the bootloader nor any signing keys nor fastboot capabilities..
hope this helps those who can invest their time into more productive activities.
 
jhgfrtu said:
let me help you guys out who are determined.
Bootloader needs to be Unlocked.
or pray kingroot gives you temp root one day.
Period.
zte will not give you access to the bootloader nor any signing keys nor fastboot capabilities..
hope this helps those who can invest their time into more productive activities.
Click to expand...
We have physical access. That's all we need. I'd rather attempt and fail hundreds of times than never try once. No environment is secure, and the longer the phone is out, the more vulnerable it'll become.
 
iancc86 said:
Literally just finished hammering 80000 bits with no success. On to the next...
Click to expand...
We could go down the list of CVEs and just brute force the list. I couldn't get anywhere with dirty cow (I really think my compiler hates me), but I doubt ZTE managed to patch every public exploit out there.
 
CVE-2017-0410 could be very interesting. There's no public information on it, and the framework is rather large, but at least we have an entry point.
 
I just took a look over the source. I'll need to attach a debugger to confirm, but it seems it's calling out to an external library. After I get my debugger going, I'm going to fiddle with that library and see if AudioServer can execute bash code inside it.
 
SapphireEx said:
I just took a look over the source. I'll need to attach a debugger to confirm, but it seems it's calling out to an external library. After I get my debugger going, I'm going to fiddle with that library and see if AudioServer can execute bash code inside it.
Click to expand...
Sounds like some really outside the box thinking here, and at this point, it is exactly what we need. I may be speaking too soon, but hopefully Mr. Smith left us a present somewhere in there.
 
Not much of a coding guru myself(unless you count about 27 years ago on VIC-20 BASIC) especially with Java, but I have been known a time or two to catch somthings (and learn a bit more every time) just by looking at the code. So you talk about it calling an external library.. Would that be the AudioConfiguration.java file?
 
Jimmy Dixx said:
Not much of a coding guru myself(unless you count about 27 years ago on VIC-20 BASIC) especially with Java, but I have been known a time or two to catch somthings (and learn a bit more every time) just by looking at the code. So you talk about it calling an external library.. Would that be the AudioConfiguration.java file?
Click to expand...
Aye. I'm not sure if it's an internal package or external, but my debugger should tell me directly what files it is calling.
 
SapphireEx said:
It's tmobile b3 to b9(I think). I couldn't find the metro variant.
Click to expand...

You'd be correct, this is TMO_Z981_V1.0.0B09, B04 to B09 update (December security patch level). I seem to be one of the few with the T-Mobile variant, as such I can't grab the metro updates, but I will pull every T-Mo update that crosses my phone, and upload them with that update. Hope my posting that update was helpful to someone.
 
Status
Not open for further replies.
Back
Top Bottom