• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE Zmax Pro Official Root Discussion

Status
Not open for further replies.
SapphireEx

If that really is the release key, there's tons of things we can do with it. We need a way to flash images though.



If we can get someone to modify the root script where it won't freeze up and panic. So we can get temp root and install flashfire or flashify then install @messi2050 TWRP recovery then we will all set. Even though no one knows if the custom recovery works or not

.

I know the original zmax had to get temp root by kingroot i believe . Then download an app to install TWRP
.
 
Brandonleee1996 said:
SapphireEx

If that really is the release key, there's tons of things we can do with it. We need a way to flash images though.



If we can get someone to modify the root script where it won't freeze up and panic. So we can get temp root and install flashfire or flashify then install @messi2050 TWRP recovery then we will all set. Even though no one knows if the custom recovery works or not

.

I know the original zmax had to get temp root by kingroot i believe . Then download an app to install TWRP
.
Click to expand...

Technically if what I'm reading is correct, it doesn't necessarily have to be the signing keys, you can create your own as long as it's signed. Haven't had time to deep look again, but disabling trusted certs gains a bit more access to files and sub-dirs in the root dir. Also it seems that "keychain/keystore" don't directly handle the keys, but they have the information about them and can access them. So it may be possible that with a "keychain/keystore dump" the information we need about the keys can be gotten.
 
Nyrixa said:
Technically if what I'm reading is correct, it doesn't necessarily have to be the signing keys, you can create your own as long as it's signed. Haven't had time to deep look again, but disabling trusted certs gains a bit more access to files and sub-dirs in the root dir. Also it seems that "keychain/keystore" don't directly handle the keys, but they have the information about them and can access them. So it may be possible that with a "keychain/keystore dump" the information we need about the keys can be gotten.
Click to expand...

That's if it accepts any signature. I'd much rather have the OEM keys that are nearly impossible to get. I'll give it a go with self signing though.
 
SapphireEx

I think you messed your quote up a bit. I haven't been able to find the keys yet. Been at work all day.

Found this key idk if im right or not is worth the share
location or file

/etc/security/

Mac_permissions.xml
signature='308204ae30820396a003020102020900abf652fde78f3bc3300d06092a864886f70d0101050500308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e301e170d3131303330383037313234345a170d3338303732343037313234345a308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e30820120300d06092a864886f70d01010105000382010d00308201080282010100bf9aadaf6257265ebc6cc4127ab591046fff7df5cb9e5bf2dc6d86d6932f70d2218fc1070cfb66c22d5189d3156e29917233473570379748c2e1c49cd700e8851ec339f4008befaef5cf85f536f22807755c0eab9695d76fcbf8ab2c65d80975a37d859d6784a03e72bf761348c596f042a8e0d323cd57ce97001e47121493bd4c2a34bf62d1d0d09166d965e808348be551a27c1c6e9244762d3afebb3c7bba4ee9b3985c3d426c694cf7338d045c76244a6de4f686c7f84f210b9d25a6b3c8907b097c35c138abcca4cef0d7e29f1155e0c42566b7e4b5bb37fea17dcc39de2b2f9d0d4d3b17f732676c1c21002c84edce336c87b95cfdcadc6745c83f4e4b020103a381fe3081fb301d0603551d0e04160414aba2a127783c12ea32794e657dcbd8342d70680e3081cb0603551d230481c33081c08014aba2a127783c12ea32794e657dcbd8342d70680ea1819ca48199308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e820900abf652fde78f3bc3300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100 7e35025f08ef1b0a0fb023dafb5d878aa460fa2fef626a9de6f5b59f3183cd0783c8426216f47d03e3b9af873880725198a85bb559eab4e277488d8220709fee7a5d281c9701b89eb30f0c9c6ea6d97abc9e8b76f6ce6e53483980868f8b3c7f2dff1fd73574830c2bb29882223d62683fa84f5108fe7f7435cbb2f32d8e0d28f94367708d02287232982f63c981871f7dcfb24e1faeb586fc255de4ad302fc4b53d7d6b43c84d53d3172024a0b8b0964f0deeca0e3a2fcb9199898c0cbf0d03cb6cace6c92817e1fccd53604f99dec8f2c130388d34cf96d300286726c6dcbea83b38dd12769ac94df9fa6b298aedf617fccc8ff9f503338015f94a8ae0ac88
 
Last edited:
brandonlee199966 said:
SapphireEx

I think you messed your quote up a bit. I haven't been able to find the keys yet. Been at work all day.

Found this key idk if im right or not is worth the share
location or file

/etc/security/

Mac_permissions.xml
signature='308204ae30820396a003020102020900abf652fde78f3bc3300d06092a864886f70d0101050500308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e301e170d3131303330383037313234345a170d3338303732343037313234345a308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e30820120300d06092a864886f70d01010105000382010d00308201080282010100bf9aadaf6257265ebc6cc4127ab591046fff7df5cb9e5bf2dc6d86d6932f70d2218fc1070cfb66c22d5189d3156e29917233473570379748c2e1c49cd700e8851ec339f4008befaef5cf85f536f22807755c0eab9695d76fcbf8ab2c65d80975a37d859d6784a03e72bf761348c596f042a8e0d323cd57ce97001e47121493bd4c2a34bf62d1d0d09166d965e808348be551a27c1c6e9244762d3afebb3c7bba4ee9b3985c3d426c694cf7338d045c76244a6de4f686c7f84f210b9d25a6b3c8907b097c35c138abcca4cef0d7e29f1155e0c42566b7e4b5bb37fea17dcc39de2b2f9d0d4d3b17f732676c1c21002c84edce336c87b95cfdcadc6745c83f4e4b020103a381fe3081fb301d0603551d0e04160414aba2a127783c12ea32794e657dcbd8342d70680e3081cb0603551d230481c33081c08014aba2a127783c12ea32794e657dcbd8342d70680ea1819ca48199308196310b300906035504061302434e3111300f060355040813085368616e676861693111300f060355040713085368616e67686169310c300a060355040a13035a544531223020060355040b1319536d61727470686f6e6520536f66747761726520446570742e310c300a060355040313035a54453121301f06092a864886f70d0109011612737570706f7274407a74652e636f6d2e636e820900abf652fde78f3bc3300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100 7e35025f08ef1b0a0fb023dafb5d878aa460fa2fef626a9de6f5b59f3183cd0783c8426216f47d03e3b9af873880725198a85bb559eab4e277488d8220709fee7a5d281c9701b89eb30f0c9c6ea6d97abc9e8b76f6ce6e53483980868f8b3c7f2dff1fd73574830c2bb29882223d62683fa84f5108fe7f7435cbb2f32d8e0d28f94367708d02287232982f63c981871f7dcfb24e1faeb586fc255de4ad302fc4b53d7d6b43c84d53d3172024a0b8b0964f0deeca0e3a2fcb9199898c0cbf0d03cb6cace6c92817e1fccd53604f99dec8f2c130388d34cf96d300286726c6dcbea83b38dd12769ac94df9fa6b298aedf617fccc8ff9f503338015f94a8ae0ac88
Click to expand...

This could be interesting, but I can't do a lot with it. Knowing linux, which generally has keys for PAM modules in etc/security, it's currently meaningless until we can find why these keys are here.
 
Now, I leave you all with one giant chunk of information to do with what you will.......

Build Details

Manufacturer: ZTE
Model: Z981

Brand: ZTE
Board: urd
Device: urd
Hardware: qcom
Product: P895T20_MPCS

Serial Number:

Bootloader: unknown
Radio: -8952_GEN_PACK-1.89347.1.93758.3

Build Fingerprint: ZTE/P895T20_MPCS/urd:6.0.1/MMB29M/20170418.111425:user/release-keys

Release: 6.0.1
Codename: REL
Build Version: MMB29M
Build Type: user
Build Tags: release-keys
Build Date: 2017-04-17
Built By: xuzhenxuan@newsuper3
Build Number: 20170418.111425

API level: 23

CPU ABIs: arm64-v8a

Kernel Version: Linux version 3.10.84-perf-gcdba782-00692-gf675825 (xuzhenxuan@newsuper3) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Tue Apr 18 11:53:28 CST 2017


Found in /Etc title is Xtra_Root_Cert.pem


Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12233244687336499494 (0xa9c5373a87206926)
Signature Algorithm: sha1WithRSAEncryption
Issuer: O=QUALCOMM, Inc., OU=Cryptographic Operations Group, CN=XTRA Admninistrative Root v1
Validity
Not Before: Mar 24 20:03:47 2011 GMT
Not After : Mar 20 20:03:47 2026 GMT
Subject: O=QUALCOMM, Inc., OU=Cryptographic Operations Group, CN=XTRA Admninistrative Root v1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a7:de:dd:6d:49:f9:0b:3b:e2:91:94:a9:1c:e5:
64:7a:fc:7b:35:10:04:e4:e3:e5:c9:4d:eb:6c:ed:
71:08:77:b1:b4:aa:60:a5:10:a6:18:45:e6:a6:27:
cd:df:74:38:6a:d4:ac:7f:44:08:a0:f8:aa:f5:6b:
5b:61:9b:0c:53:c0:d9:62:b2:ee:48:51:fa:3f:d3:
bd:7d:5c:aa:33:4b:19:66:99:fd:ed:fa:cb:0f:b4:
fe:fe:7e:eb:f8:fa:92:76:84:49:9e:b4:c3:d6:46:
8f:d6:25:49:b9:94:9a:5b:eb:1c:c7:c4:c8:cc:22:
43:31:fe:aa:58:fd:33:86:2c:ea:21:d1:61:6f:81:
2d:80:19:11:90:4c:54:c6:c4:34:c4:49:81:11:3a:
db:c9:d4:84:a3:dd:1b:7b:ac:0b:91:18:29:02:d5:
36:d3:c6:4a:08:6a:c6:70:d2:82:35:2a:7d:4c:39:
30:2e:7d:15:e3:4f:07:91:0f:a2:37:0e:31:5a:93:
54:45:61:84:a0:dd:e1:f2:13:b3:f8:ed:cc:e8:bd:
92:47:11:f6:d4:fe:02:9c:b8:f4:02:0e:c5:a8:0d:
f9:25:d5:2d:a1:e4:ad:f1:45:09:9e:ff:64:80:18:
77:5f:4a:fd:a1:cd:b4:fa:ec:25:65:33:ae:65:6e:
92:91
Exponent: 3 (0x3)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha1WithRSAEncryption
39:1d:9a:c0:81:a5:91:b8:e1:c2:5a:7c:1c:dc:a7:bc:c8:33:
9e:ff:7e:67:bc:2e:ec:5b:17:47:f9:d0:21:c7:d8:51:d1:3f:
e1:ce:2d:90:11:a8:70:45:20:3f:83:f3:e8:48:0e:ed:c5:42:
bb:59:83:f4:91:b1:c3:be:76:f1:a3:74:82:dc:a7:be:d2:d1:
09:de:d4:af:53:2e:ed:7a:68:c0:60:c2:05:a6:af:89:88:44:
6f:ee:a6:a1:7d:de:a5:41:cc:ee:9f:7c:64:7a:b8:70:04:ed:
7b:4f:fe:c4:5c:2c:6d:f8:4e:62:20:4e:d5:c4:5a:10:d2:24:
7b:dc:8e:57:1f:90:5e:fe:90:c2:c7:52:b4:5c:8f:6d:0c:4e:
08:0a:91:69:03:90:20:74:8f:21:bd:ad:90:7d:b3:5d:bb:98:
46:63:10:c9:04:7a:85:e2:df:73:6f:57:ca:8e:d8:28:44:c8:
a3:cf:96:92:90:4f:bb:57:82:14:b4:59:f2:bb:dd:f4:8d:4a:
65:9a:4e:65:25:2f:c3:7d:45:be:74:b8:0d:2b:65:d6:ab:34:
36:08:ee:3a:89:4a:51:85:80:4d:be:ba:c1:e8:78:80:c5:40:
ad:82:e9:98:5a:dd:d8:96:95:bb:3c:17:77:e8:31:72:88:7c:
55:61:bf:1a



Release letter.x509.pem


-----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIJAOuCYND5gmZOMA0GCSqGSIb3DQEBBQUAMIGWMQswCQYD
VQQGEwJDTjERMA8GA1UECBMIU2hhbmdoYWkxETAPBgNVBAcTCFNoYW5naGFpMQww
CgYDVQQKEwNaVEUxIjAgBgNVBAsTGVNtYXJ0cGhvbmUgU29mdHdhcmUgRGVwdC4x
DDAKBgNVBAMTA1pURTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEB6dGUuY29tLmNu
MB4XDTExMDMwODA3MTM0M1oXDTM4MDcyNDA3MTM0M1owgZYxCzAJBgNVBAYTAkNO
MREwDwYDVQQIEwhTaGFuZ2hhaTERMA8GA1UEBxMIU2hhbmdoYWkxDDAKBgNVBAoT
A1pURTEiMCAGA1UECxMZU21hcnRwaG9uZSBTb2Z0d2FyZSBEZXB0LjEMMAoGA1UE
AxMDWlRFMSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QHp0ZS5jb20uY24wggEgMA0G
CSqGSIb3DQEBAQUAA4IBDQAwggEIAoIBAQC6XMcxr5zlAnZfYCeKPgt+w4y/fmB7
SzZSJvCx4hFKKq6m9CHg60vhlVQ4gLkuKb1l+pFbJdrP8yL1YKQqSrWWDAhPcuIl
Lj3UcmzfbMRQhM4mrXf49ees2xyVZO38KjtSSBw/ygvH5PSrX6KFUqQdxVeciLga
tYYoOEpRGKZdeL+HAI0EMFssOow00jPP44IB9Vi9UiEHOqvTHVmDIdQWOmAgWXlA
36sdWsSebLzWXjm2vB6OJaPV93zxy+tym33mkduc2DHQiH6TFUr4YmtDOZJ7y3jZ
2VzJU3VViYNunm/Da0NAPYwtbyeOgr+5npV7CfzY436lqLYaAlHJjx37AgEDo4H+
MIH7MB0GA1UdDgQWBBS6NVREsJ5wGdTi/26mEwf8h2KDfzCBywYDVR0jBIHDMIHA
gBS6NVREsJ5wGdTi/26mEwf8h2KDf6GBnKSBmTCBljELMAkGA1UEBhMCQ04xETAP
BgNVBAgTCFNoYW5naGFpMREwDwYDVQQHEwhTaGFuZ2hhaTEMMAoGA1UEChMDWlRF
MSIwIAYDVQQLExlTbWFydHBob25lIFNvZnR3YXJlIERlcHQuMQwwCgYDVQQDEwNa
VEUxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAenRlLmNvbS5jboIJAOuCYND5gmZO
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKSJA12gqyhorPk0EkHN
gUTLJoytol5SHPksdhbMjTOTEsaPiOVQZ0sHk9JDPoXRJlZvLXIvZCtzG+YCjpF8
Gv/uK47jHJsBG5L9LyI/LNctPOTefj3aBQklLxUgeblaaK2AFGb+ygmX8plGSwOz
9p4mgr8UQtPsdXP6gxEejI3oZ8Bz4HmttL+GwabCZAxuF9O2Z4vX1oCYbAVLAKz+
SUoMVXY9hzSa/Ttx+HeH0oHPXdZ0A2VyxpLiFIXdbdC9zWjB8AGQgmYINDHlQRG4
hPH9+NppDljxd19T1cEzkFERFEI8dWkTCaE8mRNQfShSt7N3vW+kfELq8rlkvDMW
9JM=
-----END CERTIFICATE-----



Found with search of .pem


Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:1a:00:88:05:9a:3a:be:4a:fb:65:20:a6:f7:49:d8
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=T-Mobile USA Root CA
Validity
Not Before: Jan 4 20:54:35 2007 GMT
Not After : Jan 4 21:00:47 2027 GMT
Subject: CN=T-Mobile USA Root CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9d:67:c5:35:f8:f0:1e:e9:68:45:6e:b3:89:2f:
40:b5:81:18:f2:00:93:36:46:6b:6a:6e:21:b5:27:
3a:7d:14:dd:94:85:9e:13:10:7c:ff:27:76:a6:bd:
cd:e6:9f:22:5d:16:08:cb:54:64:53:0d:a2:4f:d0:
fb:3a:65:f2:3a:1d:0c:2c:6e:b4:a1:8c:2d:3a:77:
75:90:cb:53:c0:14:b5:84:66:86:f7:88:7d:31:bf:
88:57:c0:31:5c:ad:72:66:ca:11:84:52:7f:d9:fb:
1e:9d:59:32:3d:f7:10:eb:9b:83:dd:fa:48:56:41:
85:7c:25:d9:e1:c5:da:31:a3:71:3f:11:b8:04:2b:
a7:c0:ac:1c:ac:5c:cf:97:0b:e7:2a:bf:50:b9:fb:
8e:15:62:28:61:27:70:9c:df:ac:04:df:25:18:94:
8b:a9:e5:ae:ef:13:ca:6c:57:2f:5c:cd:7a:d3:ee:
21:56:5e:44:1f:db:c9:68:75:2b:ce:3c:2d:78:43:
2d:87:a0:96:4d:8a:0d:ab:4b:bc:76:19:5a:38:a8:
df:c0:dc:83:1e:11:dd:bf:7a:a1:e0:e0:33:88:b8:
d8:93:91:43:4f:e3:7d:76:15:aa:e1:19:f6:7a:47:
39:5c:36:b2:fe:5b:40:38:d0:8f:b9:7c:85:90:09:
3d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
E5:C1:B4:20:15:E8:A7:78:20:E6:C1:F9:E5:EF:E9:5A:76:7A:F7:A6
1.3.6.1.4.1.311.21.1:
...
Signature Algorithm: sha1WithRSAEncryption
02:05:72:db:c9:2d:75:d3:06:ff:74:74:80:15:57:7a:9b:fb:
f9:cc:6e:56:88:d6:5f:0f:29:39:85:2e:30:09:f9:e7:78:8d:
31:f0:c3:bc:73:8c:df:1f:4d:72:b8:18:ab:63:c9:10:a5:be:
bd:c7:dc:af:1d:ab:4e:f9:05:75:41:68:bb:8f:75:bd:39:b8:
57:6e:7a:52:ff:47:12:7d:b0:dd:20:95:5e:8f:f2:50:36:d6:
58:11:8b:c7:ad:bc:cc:7e:20:44:43:46:c2:5b:8a:b8:6b:d0:
70:af:81:20:5b:a5:45:98:fd:89:0c:a1:d7:05:b4:9e:28:20:
49:d8:0a:af:a9:a7:fa:f4:bf:fe:3a:7e:90:68:6a:65:e2:43:
83:e0:0d:1d:48:75:84:4a:13:60:e2:90:5d:99:02:01:6d:f7:
be:5c:b9:1d:f1:31:5b:90:4b:3e:83:05:7d:f0:30:f5:46:f8:
3a:cc:69:15:e6:fd:9b:56:89:32:e2:dd:3f:33:e0:91:64:7a:
4e:ea:66:bb:6d:45:0b:3c:77:5a:27:eb:17:d0:5c:da:41:c6:
51:cf:67:f2:d4:66:d8:9a:55:dd:9b:7e:fd:50:29:fc:b4:54:
d0:28:b4:f8:14:e1:5e:c7:09:1b:c4:f5:02:a9:88:99:3e:a3:
94:70:63:0c



Android.{46b117b….pk}


MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiiByw0W40uhK+khvIEneisE1pPtvId6ewOeFm4ohO0UVmcnB6RCJz7/J+xk4jlEfqJyfXm5BcRyxdERcbK4uzmDOwSgd4XaV2X+A4iN2EgJ5PdY6kZuWzJ0L2/gyFgbIs+0FWUOc449VoLojPcH/CNmwZultVSU2oBx0+GS7e8QIDAQAB


Android.{46b116b….pn}


BKh5htx/uctqIeTPXYKQeg==,JSELJGrruhYoMjWmTyDIbg==,+e4FeP4cyU3nSCvUGsyzKQ==,ln36NlEPaSPGJRMDPpDgsg==,p+1qMoPzUP9sd6GlVK5W0g==,wTYFRgMH9MlrHBOiTABP/g==,wDzbMeqqHEsC1iEhdW/aew==,umU4HDKB9C/OjhfFIPocqA==,ITosw/OKLkTWhpNAW2bZrA==,aA0DZ5YA968LTHAMaycP5w==,za8EKI70sWksGRK3s7IaJA==,1hVOcCffvhMichY3YySWjA==,siK/E+fc+mk/hHfTrsGb2Q==,JQBIS+G7oxyfMpdLZjTdGQ==,obG75fY9W5bBoPh8GX6/rg==,KNlS2eSRpPXnB9XFa6sHww==,0CHMY/66mmNtk8AN84ecHw==,Qqw38N8Bm2YVKL6QiLxG0A==,jfocHUwv0lkqoShKwB4A6g==,K8P7MC2jaODIbD0O9zTq/Q==,KEEpQUwRFhhv8e6u0zxnhw==,3jIW2Yt2znChbdm91aNAGQ==,FpwhGpoYmhFT08T4RDA2yg==,1PGtepnXDVhz7oy53WXwkw==,OCKsDinP7IlwBZuyHQHwXg==,5rSm9GPfWkOTiVW5+zu6Gw==,xfzxecmHpzjOeyqzxGJkbg==,mBX1OCyo8dJAZ3q1o66hpw==,nIbk1npIr1m3lyvs4MUPnQ==,sIG8g9qQg7Clv8/h6Kq2mw==,UkUOGDLvu1dJj6YtgCJKjw==,YYIg3vyhqa5yeCt1WufeiA==,fy1YChQDQztQDA9odvH87Q==,q/ysxExW6152gZ8kF17Xag==,F2FhvpAODimTSvyoPrET+A==,IU9IeUlWXJ2KfmYMsv0tTg==,hTq2DwbW+QVHncb33ppoJA==,9hrglJF6mqFcUAWpTjseyA==,QnViDp0YacNXzwXQQbH6UA==,jUhUhNKQ7BdVXnrMg9Aagw==,U2xwK0dCnQAVxRN14plVLQ==,qu1w+CG/96NXuFqBOYl/bg==,C1JBgxB0XHJcqwrU5n5TQQ==,Vce2gAAEPXUc8+R44MBUtw==,Vm/M+zQoiD7xGJ7Qpliwsw==,Wq3stoFwXhyn5EOrlklh5Q==,AcCFqpKbFZn93U6m1oEsLQ==,hrp/F7uYeV4i0rEayS1vow==,wwJeXOUP/cKHa0h6VGhhjQ==,Asru2kIUengRjRouyUTNEg==,h9q6EW4AvSTC7cKJO0tpSA==,S/lQ7K3Ky3UbbjCqsr6uhA==,2C6qVGkWM75HFc6kKPA/hQ==,m6ez1V7gDP8/Y6+TX/pSNA==,seiVA0K96uUrV8A4TVXCvQ==,ytEqLh/ISJ0dakKjhal3eQ==,wZ763BhqjdubWh3TTQOeJA==,NIz2Y0yPJcqzqGL1gbcWcA==,+6fgxA5rAtBtXW6BRdOdsQ==,NyOday/JK0FPBLz08IwV5g==,taXFywLKCceExdiBYOLsJA==,LzGEIgB66sNqcxNkyEX09A==,AjYZOfgwij3ALQIyImyZbg==,Z6Bt537Y4NYSBdgfO2LnNA==,f/xjiU85gto9Yy6IZEmMzQ==,NRS+L5mCDH6s+G0FdB/28Q==,QJ+AM89/HOmQY0tCus06Ug==,GE452E0vS51XBdPy3EmrDQ==,eMiIhvlok9TCjv9D+40tMA==,TrgLMsp8o0TjwUxDjOU7yA==,rZyJHLhdtKxTKHxjtLjtOQ==,3oV7MOjI2Uk9O5T4uRt8GQ==,TVo8Spoxg/w7hCtOQCG2VA==,Xis6RJnn3M+tQ8oYPscxgQ==,wxsyNkzhnKj80VCkF+zOWA==,a6WJs1zKX/jyNNtp9Eh+jw==,GAsF+v5yaRsr1XglP7hQLA==,zzz3K9jlOw233bCm8iCK+Q==,+IN8bBRGYpSWDcVI3vEa5g==,iIMre0vIhmr5WXCHPF6Mfw==,wRN+CcV6hv4EmOYuLlJpIA==,mhQ7LC7ygV4/aUnTyA9Dsg==,VlFAY5BJmAmacpD9uGH6lQ==,HDN2RvKYdWcrWmEZK5AQ+Q==,rx4MbkgQBzRPlDZ5CMkIxg==,MD0naGQy2SWbu77WMtKpUA==,wB3GsPUoavtVPZAMQFOojg==,4wej+d+fOA668Qbh3JgLtg==,oiOvlgnrNBf7S//gUcITRw==,il9HJvdFPHe42TYVzttVbQ==,gdURLDtbrdsinutUzFIOOw==,hFmfwh09SLFkJsW+43Kx1g==,1MlgoUdJA4BcPhMMgnEODA==,NjGg7HILnXJstNXGN4oUeg==,VuOm6+q1TYnaL/PE/Fbphg==,ReaGxZR2gGatmRHVTZb3Kw==,2hJ46SiLcSbSHCXQ+ay1aA==,kwOtC/4BIMvDpds/4mBZdw==,KsHt8lbl5WfdDQbX6nWCHA==,FZ6/6cGKIMxraxG64938dQ==,u39Hw3vPzEprNmxqvDjH5Q==,FMRv72IndB+iXdBrazyHMQ==,iiqImXGNrZq0/uY+oiLfBQ==,+GIG+f9auY9Z51ZGp39bxA==,jeYAXJaa82VD7WLLPpSGWA==,39OLCNDeDXo+gRadQDHV0g==,7YMsg/q9KO2+KCO2OY7b7w==,7ARRB3BwjGqP29jeCwunJw==,A1uFBZL/FGvkRT/CzUZAQg==,9giSEvrqAnR/QejkT2C+EQ==,gyBVluW8UPRh0fse34L4tA==,eR7eINp46n0zFlToAOZN+Q==,pzUV0vtl0k24bbT8GWkfew==,wX3xLbR0BbREsRxVAAymgA==,k26iSwA8GPr8G8eDUBkLnA==,hGtEZD7GCfUHgoh4dB4fmg==,PUBWFxPoo7yei8UqXXRAGg==,l4PPia0mQqYmVqVUnfgKYg==,Us503GyebQ9WmujLnP81Fw==,Gzm5O0jWwybpD8ZDkdu9fA==,AIWBm8JY2UBa7PN+m0QRUw==,mBEK8Xi95FDnj/4NTaOO2Q==,CrEaKEaSkT83Kmeyl+qaTw==,UhIIQr51OtYfoMt7r7PEuQ==,TXuN77gJYvn41g2VgK34GA==,4tWz8yt53h1FrNH62W+7Dw==,PZER4tMXG/SII2n0kMCHtA==,sFBMPhAV/Frf+cFC7XwziQ==,ZqOxwsGB/5K4v5RedItvtw==,K5I+q77GR1l2PT+vvRHyJw==,jSrOtxTtFRGEEB0mDawP8w==,dcLteR1RoHzXtfAFANKWsg==,/bdVzcovKduA2b9fcf/SNw==,GgJK3HidPFAH4L8ratXU8w==,CzKOnRQce+a5NqOFR5ZAVg==,Z7+ow5RXOBDm7y8rlrrbDA==,iiWBo/SjE77zUSm/n8jQzQ==,VwB2gKnYx3TnPD0McSzLLg==,Ig/KdJrNn/Q5zpLl6cNvkg==,VLKhXXpq/XyPhlBP8O5fvw==,QN60Abn/6OHfLxzFukgLEg==,6w1C6uAFgqzXCebCfjR+7Q==,mm8qJdQ/9zK43zhCoNNaSQ==,A7KNYS990E8dDk4dvp+a8Q==,fC/0pNuvEz7HaiiBa5eP2Q==,AXDll7wYh42TsK8Kz6+iJw==,G2jmF+yFSgBRBI6wk3rNrA==,PXPpixrTvSV196VlE9iaDA==,Txbz73RJtbTijBVqvMBuFQ==,96o0ghX11Wb55MqGD0dCCQ==,EjUTGe08GEox24cwh6Jvew==,pu89O+NuO/805aWsLlvnnQ==,9W1EjfeOhRImHUv7yzl4xw==,2BS99RqUbWpgNgdHdzLapA==,jPb4AntRcgjgF0VIcmgZ5g==,fLdxjx9ZF2u+LmW5nr2IRg==,fqJMjvkRp5ytckvlMOuA6g==,0oLPiuVRf8Zf03mMRoYyDQ==,KuvGlNXydf8f212iqe50Fw==,XIMAtlUBKxkw8uCnuBv2qQ==,nTC9AD9TM5cxZqrXjGRaTQ==,AouOd01tnZ1GK7dIj8oSAA==,PGKUrC5znJzr2Aap4V4X9A==,FIftrPCcMpa58OaexsHVyA==,Su0yV/J4/Pe/o6vWROIzMw==,I5Xuv8vxMn8H4gXWZp/7qw==,ZrK5Oygxypq2O/cQZprqSw==,ZY9cxflBMymo9SyL/X0VTQ==,7y4IbBXfk4hou/u1gjsKsA==,llu/TRjSBfeCxrhAnFdzpA==,CyprsNskO8MDLlEcaY1Htg==,lGBrfRcSp1PNS+rITtJRFQ==,Qqh21ElAzd2XtTuuiDHtNQ==,BDjrklmY3yCzSC7CVJnSJg==,WDpNN4Lpv4lXZ1YkgJXbrw==,W3JGM9z1Hau9FS7gQfLdrA==,Nt+u3hVv/Zvgy05FoLQwjQ==,yw/0spENkrpZSlRBTIGFwg==,ojsgP9Oq/G3LhOQ43aZ4tg==,A26HQ+VWjsaTcv0zQUouxg==,JkHkYPT/Sdd9fpT6vhWKLA==,Rql5CfVkFt6g8Txh6acuxg==,KgsNYE0NyZ4Evf481Dg7jA==,mBY5YXf4Z5N2p/32SKojwg==,RLHBqDRNqQHXjiHOhAFJuA==,+f5eU3QfhtzDfiWxGTdjbA==,URnWmvppM0M79LoaX58VTA==,lH8rRkqTHJgFIDcjoilrmw==,4OZ8Gq8XGbb7UOx+kgPd4Q==,eodyUOlZnCRX5i6zs4IG9g==,yEDhv5MlsgRrzOXh4TnSZg==,lWfJWoRPbxdlZ9caAGl1xQ==,voCuwduaK1PJ05nbDGAhgQ==,gsipF/MRM4/7rwRgTcx07A==,NU2KL2i8l3XtPJNj2sfjYg==,FeKFrukRrVp7MUDnzDbklw==,kUswT5LTJ0ybVL53ecWgPA==,zS5ofymDqXnxPz6yiVXtyQ==,4gVgBiLKlRHgzBLGyOQ0HQ==,/ADe6cof9uFsaBuxz9bTaw==,DLETHwO2tvlLaje7xJsbRA==,w12MkGugkiadsJReTS2R0Q==,/HBOaxPE+ya/XkEfddqE8g==,7HhaYFlkWxODqEvkkN8Oag==,apVRViK7ZkvWEPrWsJSqsQ==,Hg1dequz3l74BpojbTQjyg==,t/fGyvXfWUkC9gQQqRGBlw==,7TNBbFMMguXT+qerdoK3eg==,3CzUxDMdE1jZIUlZDgYYuA==,/vxjl5p6K2pmqzcVDY/G7w==,qJ/AdhbThMR9bDRac3khdw==,bZm3/Xit1CJbV5G873xhaw==,6Awy7LkJvleWjgBtgh3z9A==,KeG7XqGK8bNqPwAC3ucypw==,GRbVSsrRybL5+1bS+xXZ3g==,PmAZ0FFC66rBNU32OoI22g==,uRnl7JRE3xfe077dG6vhKw==,YaI96HWtMvur2bVhGpvmzQ==,nXwJmct4zrTtT37khh3a7w==,FvENAbnXFA3ncxFPr4Cmbg==,77lbXl9jEqVeop2n6DyWEA==,LGxgjbmzbJxZFmgPELAVsA==,BjL2v2cTuY9JiVZScDISKQ==,b496amnyqil2QSQW7LhPeg==,+dLt61CT96eChNRGx5V8vw==,bPZU+RAhtrwILZ8qdqYleA==,QmpViMURDNAdWvF+R62yIw==,CEqzvDT3qnzP+DZT9Sq6/A==,yaRlYB4XUk3acQpwoXCTng==,1av/6UEq8HzF/WNDWiWmLw==,4K0xMNjLwU5gSsg6BHJn8Q==,gm9KLa6Ff416qQXA9czs9A==,+odyCQNsoZQFkWpgv+pPbQ==,SbPX7ej4KcBMoNvAjayxrA==,dBt/urhooy9gw2RM4NsABg==,4xDje9kjwUZId9RtmuxBOw==,g9sUvkZS7Cs27WB4lkh9Zg==,E8tfQNN6Iqor8KVI7KM43A==,JVZJ0h0SY188tbI25sw7UQ==,mJ58flRzau9J0HIcnIoHYg==,snbds7nidDV+mOL26IJx+Q==,hYhK5cCq9s8nUO/TCoBcXQ==,QbPhQmi8jQ70UradN9UidA==,JypI6xAgYWLFVdxdKUgAGQ==,zB6+82agQOYIrKf6GWhqqA==,x8pH5WEE7qjjpxVq1PEe+w==,7jWp9DK59vN7kxlig2NY3Q==,qIauOpG1XTrHEzFpY0g2Uw==,vFgnQ81z0bG7PmfRot/Zcg==,PE2vn6FTws8OB2wjwJlsTw==,X+D8V/mjqW4EjbpiODWd+w==,0L7bSvGBp/Q5vFGe5PQtaA==,cp9f0bzpTahhfyGNpAKzyA==,Rft0Z5Vnih3tM/rvPFjpxw==,1OkeVoxh7WDc16UjOa+lIw==,hTHYqeRwPPjXPhuVyI2YaQ==,fYkxyHUs66FDUNSvjZqq4Q==,GIPH+FHwG6FuMvDzV9L1aw==,RlEcndORETS3JQBNZuBb4A==,ahhNhJ5Qkseye1G2IGVnnQ==,2aZlIH3BFLNa5QxURVjV5w==


Android.{46b117b….60}


Mhz1Qpy5jqK1rwGQJPWzqQ==


Android.{46b117b….wr}


com.estrongs.android.pop
 
Both methods recently posted.. disable dm-verity and signing boot image with certain keys..

First zte ALWAYS requires oem keys so do not sign a boot with your own keys or upload an unsigned boot.

Second to disable dm-verity is not possible at this current moment as you cannot pull or push a new boot image.

IF someone could manage to pull the boot img so we may get to the ramdisk then YES we could disable dm-verity using dirtyc0w.

But in the end both require flashing a new boot.
 
loonycgb2 said:
Both methods recently posted.. disable dm-verity and signing boot image with certain keys..

First zte ALWAYS requires oem keys so do not sign a boot with your own keys or upload an unsigned boot.

Second to disable dm-verity is not possible at this current moment as you cannot pull or push a new boot image.

IF someone could manage to pull the boot img so we may get to the ramdisk then YES we could disable dm-verity using dirtyc0w.

But in the end both require flashing a new boot.
Click to expand...

I thought you pulled the boot a bit ago?
 
Sorry guys. I am new at this part. Where is the boot.img located on our devices? I have been very lucky with extracting and modifying pre-existing system files on all my devices in the past. I will try whatever comes to mind to try and extract it.
 
I'm sorry guys, you guys are really close to where I was when I stumbled on the blood diamond. Re-read some of what has been posted, the SUID is there, think outside the box. DMVERITY is where you need to look.
 
loonycgb2 said:
I have seen everything about the china backdoors and such, but wheres the actual proof of what you "found".

I cant find any sodu.ja or even find a single blip of network connections to unknown sources..

How would you be able to know of a modem backdoor without direct access to a decompiled modem partition or even a kernel backdoor?

On top of it all you have a semi temp root and instead of passing the info you delete it all because you feel your done?

I seriously doubt you honestly found any real traces of anything.

Traces of a secondary root can be found in the emode decompiled source. It is the only way that is currently linked to unlocking system read and write. It was also placed in place along with ftm mode.
Click to expand...
Much appreciated for the skepticism, nothing to prove here, I got what I came for and in the process lost the faith in humanity to continue with this device. Re-read what I said carefully, and perhaps you'll figure it out.
 
Y314K said:
This has been obvious to me since the first inklings that the phone was lock down like it is not to keep us out. But to keep what it is doing behind the curtain secret. They only way we will be able to confirm anything will be thru discovery. And the real targets should be MetroPCS, TMobile & to a lesser extent the other carriers if they also did not include fastboot or a method to peak at what ZTE & the repubic of fine china is up to. Since ALL businesses from China are nothing but an extension of said completely corrupt state. The only people that can put any pressure on ZTE is MetroPCS & TMobile.

If I am not mistaken, ZTE is still under probation from getting caught for illegal sales of tech to NK & Iran.

The only award that should be accepted, other then lawyer fees. Should be the unlocking of every bootloader on any ZTE device past, present & future.
Click to expand...
For the millionth time, carriers have NOTHING to do with loading software. MPCS phones ship directly from ZTE. Notice the box color (purple) of different handsets is different? Yeah well it's because they ship direct. THE OEM LOADS MPCS SOFTWARE!
 
I haven't read everything and I'm no expert but why isn't simply flashing recovery in fastboot with TWRP and using TWRP to root not working?

My phone has the OEM unlock option in developer options so the bootloader is unlocked, right?
 
<font color ='#9e9e9e'>Phoenix7331 </font>
<font color ='#9e9e9e'>I haven't read everything and I'm no expert but why isn't simply flashing recovery in fastboot with TWRP and using TWRP to root not working? </font>

<font color ='#9e9e9e'>My phone has the OEM unlock option in developer options so the bootloader is unlocked, right? </font>



No! read all 97 pages then ask questions
 
Last edited:
Jon Greenwood said:
For the millionth time, carriers have NOTHING to do with loading software. MPCS phones ship directly from ZTE. Notice the box color (purple) of different handsets is different? Yeah well it's because they ship direct. THE OEM LOADS MPCS SOFTWARE!
Click to expand...
Like you had faith in humanity to begin with lol
 
Im New to all this. So please excuse my stupidity. But you guys are really making progress. One question. Can we compleetly wipe the phone of its os by now
 
Status
Not open for further replies.
Back
Top Bottom