
Root ZTE ZMAX Pro (Z981) root discussion

Status
Not open for further replies.
Okay, so I have flashed the img and it didn't stick. It's either the flash tool or the way the flash img was compiled; it had no effect on the device, as it did not stick, and I've done this before. Your phone should not brick.
 
Do you have OEM unlocking turned on in developer options?
 
Yes I did, that's the first thing I do when I get an Android phone. I've flashed imgs like this: I had a Samsung Galaxy Core and I flashed the TWRP img of the Galaxy Core Duo and it worked, so this should work as long as the chipset is similar.
 
What, did you try to flash it with Odin? If so then that is your problem.
 
There is also the chance the flash tool is for MediaTek chips. ZTE has a ton of phones that use them, and some of the flash tools I've found for their phones are for non-Qualcomm CPUs, so make sure to double check that the tool is for the right type of chips. Also, it could be because we can't get into an unlocked EDL mode. If I remember correctly, our device does not support unsigned imgs in its supported version of QPST; without a signed firehose we are out of luck, unless you guys have a different mode to do this in.
 
I didn't use Odin. I tried fastboot but it didn't work, then I tried the tool that was provided on page 32 and it flashed but didn't stick. I've been rooting since 2010; I'm not a dev, just a tester with experience and the know-how to flash.
 
I've spent the past few hours digging through several threads & hundreds of posts on XDA and it looks like the dirty cow vulnerability might be able to be exploited in order to push/pull a recovery image...it's too complex for me though
 

Yep! Been following along there, too (mostly here -- lots of smart and enterprising folks updating that GIT thread)...

I don't have your guys' device, but I've been compiling and playing with the code on my Nexus 5 just to see how things work...many of the executables need to be compiled for a specific architecture and word/instruction size (32 or 64, etc.), so not 100% sure I could build something specific for you guys.

I'm also using an old NDK on Windows...feel like I need to bust-out my Linux box and do things properly from there...I might start doing that tonight...

Have patience...progress does seem to be being made (I'm just lurking and playing for my own interests)--they've just got to find the right combo of things.

:)
 
I will attempt to do the dirty cow payload on my PC. I'm going to set up a VM, then I will install FlashFire and flash the TWRP img and see if it works.
You need to pull the stock recovery.img before you try to flash twrp. You don't want to end up with a broken recovery and no stock recovery backup.
 
I've gotten the DirtyCow exploit running on my Zmax but there is MUCH more work to be done before it is rooted. I can execute any script as root. Give me something to run and I can run it.
 
See if you can run this command.

root@urd:/# dd if=/dev/block/bootdevice/by-name/recovery of=/sdcard/recovery.img

Edit: I just realized there was a space where it wasn't supposed to be...damn auto correct...fixed it now.
 
Ran it, didn't say anything... What did you make me do to my phone?
Lol, don't worry, I wouldn't ask you to do anything risky without warning you of the danger. The command in my above post should make a backup of the stock recovery and copy it to your internal storage.

The auto correct on my phone messed up the command by putting a space where it didn't belong, so instead of bootdevice it said boot device. I fixed it but idk if you tried the command before or after I made the correction.
 
Both. Doesn't seem to work. DirtyCow claims that the phone can be exploited using it. I will try to look at my android NDK to make sure the modules are installed correctly.
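
Added example, not part of the original posts: a way to check on the PC whether a recovery.img pulled with the dd command in this thread is a usable backup, by validating it against the Android boot image header and recording its SHA-256. It assumes the v0 header layout (a 2016-era device); the function names and the sample image are constructed for illustration.

```python
import hashlib
import struct
import sys

BOOT_MAGIC = b"ANDROID!"
# v0 header: 8-byte magic followed by ten little-endian u32 fields.
HEADER = struct.Struct("<8s10I")

def pages(size, page_size):
    """Round size up to a whole number of flash pages."""
    return -(-size // page_size) * page_size

def check_recovery_dump(data):
    """Validate a raw partition dump; raise ValueError if it is not a usable image."""
    if len(data) < HEADER.size:
        raise ValueError("dump is shorter than a boot image header")
    (magic, kernel, _ka, ramdisk, _ra, second, _sa,
     _tags, page_size, _u0, _u1) = HEADER.unpack_from(data)
    if magic != BOOT_MAGIC:
        raise ValueError("no ANDROID! magic: empty file or wrong partition")
    if page_size == 0 or page_size & (page_size - 1):
        raise ValueError(f"implausible page size {page_size}")
    if kernel == 0 or ramdisk == 0:
        raise ValueError("header lists no kernel or no ramdisk")
    # Header page plus page-aligned kernel, ramdisk and optional second stage.
    # Vendor extras (e.g. a device tree) may follow, so this is a minimum.
    need = page_size + sum(pages(n, page_size) for n in (kernel, ramdisk, second))
    if len(data) < need:
        raise ValueError(f"truncated: header needs {need} bytes, dump has {len(data)}")
    return {"page_size": page_size, "kernel": kernel, "ramdisk": ramdisk,
            "min_image_bytes": need, "sha256": hashlib.sha256(data).hexdigest()}

def make_sample(kernel=3000, ramdisk=1000, page_size=2048, partition=16384):
    """Constructed test data: a tiny fake image padded like a partition dump."""
    hdr = HEADER.pack(BOOT_MAGIC, kernel, 0, ramdisk, 0, 0, 0, 0, page_size, 0, 0)
    img = hdr.ljust(page_size, b"\0")
    for fill, n in ((b"K", kernel), (b"R", ramdisk)):
        img += (fill * n).ljust(pages(n, page_size), b"\0")
    return img.ljust(partition, b"\0")

if __name__ == "__main__":
    # Usage: python check_dump.py recovery.img  (falls back to the sample)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_sample()
    print(check_recovery_dump(blob))
```

A dump that fails the magic or length check should not be relied on as the stock recovery backup; the recorded SHA-256 lets later copies of the file be compared against the original pull.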