• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root ZTE ZMAX Pro (Z981) root discussion

Status
Not open for further replies.
lambo352 said:
I was thinking that. ZTE signs ota before metro does their thing, correct? In the beginning when we question the missing fastboot, ZTE said metro is the last person to handle updates. So I'm thinking maybe we need tmo/ metro signing keys or there are ways around it.
Click to expand...
So again just my understanding, so I could be wrong, but I believe it's more like ZTE creates / tests the software. There they sign it with their key which allows phones to verify the signature with a public key. Look up pgp encryption. Then they pass it on to metro not for changes but to be made available on their update servers at whatever interval. I know some other lg phones get a kdz bin of updates or stock rom, and they are free to download so that must mean when the carrier gets it they don't t do anything other than distribute.
 
jhoak1 said:
@scary alien posted a few pages back on a guy named @Bigcountry907 that found a way to sign ota in stock recovery maybe he could help
Click to expand...
Post the link please, but I do recall someone somewhere back did sign a package but would not get it to pass, phone was verifying the signature. Maybe that's who you are thinking of.

We can't sign a package ourselves and install it (custom ROM?) Because the public key the phones have from ZTE will not verify the signature. We need a custom recovery to flash any darn file we want. To be able to flash recovery we need root basically. We need to builda custom two and we need access to the phone to do that. Some people mentioned they wanted to try some twrp that they never specified where it came from. Right more we can't even flash if we wanted to, but be careful people if you somehow try to flash some twrp not specific to the phone you can do serious harm
 
scary alien said:
I'm pretty sure that a signing server is not involved. Notice that you can download an OTA and install it later without even being connected to wi-fi or 3G/4G.

I'm pretty sure (*) that the stock recovery contains all of the information needed to compare and verify that a file that is being requested to flash / install matches the signature that it has in it's RAM disk--i.e., the signing keys from the manufacturer.

- - - - - -

* see @Bigcountry907's posts in this thread where he was able to modify the stock recovery with his own signing keys and then flash .zip files that were signed with his signing keys; in essence, it was still a stock recovery (with just it's functions/features) but could do the important function of flashing .zip file--albeit ones that had to be re-signed with his special signing keys
Click to expand...
Here's the post from scary alien
 
I just got confirmation that the bootloader is indeed locked. They said that none of their phones have unlocked bootloaders. I would have asked more questions but I'm at work. If you want to contact a zte customer rep simply go to their website and click live chat. Maybe someone else will have better questions for them.
 

Attachments

  • Screenshot_20161209-164811.png
    Screenshot_20161209-164811.png
    77.9 KB · Views: 211
Last edited:
Saw it in a couple posts back, but you can totally get youtube to play in the background without root, its called mozilla firefox :) looks like the community has tackled a good group of things you would otherwise need root for, so the device is great even without root, worth the wait if you ask me, or you could downgrade to a smaller less powerful device (metro). Gaining root is going to make this phone incredible, one of the best at metro even without root so im sure we can all imagine :)
 
Hey guys I was playing with a dirtycow method I came across they we're using on the lg v20 ( I'm at work now I can add links when I get home) the problem I'm having is when the phone boots back into recovery ADB isn't detecting the device. Is this a driver issue? I see there are multiple USB settings under developers options maybe I need to change one of these settings?
 
Flare106 said:
Hey guys I was playing with a dirtycow method I came across they we're using on the lg v20 ( I'm at work now I can add links when I get home) the problem I'm having is when the phone boots back into recovery ADB isn't detecting the device. Is this a driver issue? I see there are multiple USB settings under developers options maybe I need to change one of these settings?
Click to expand...
The most important part in the dirtycow exploit is when u disable the selinux , also if we have a locked bootloader here it won't work...
 
OK guys I never said I got root lol! I just wanted people to actually read the past post instead of asking the same questions over and over again. If you went back and read them Pat yourself on the back and be happy like me. :)
 
Odin89 said:
Saw it in a couple posts back, but you can totally get youtube to play in the background without root, its called mozilla firefox :) looks like the community has tackled a good group of things you would otherwise need root for, so the device is great even without root, worth the wait if you ask me, or you could downgrade to a smaller less powerful device (metro). Gaining root is going to make this phone incredible, one of the best at metro even without root so im sure we can all imagine :)
Click to expand...

You can also pay for YouTube red or play music and have YouTube play in the background
 
jaykoerner said:
What did you need? AdAway? Or hotspot? Cuz if it's hotspot we already developed a few non root bypasses, and if it's AdAway/AdBlocker you can run them in internal proxy mode. Outside of a few things like YouTube background play, audio cast through bubble and the like I can't find a need exactly for root. But I just use this phone as mobile internet and do everything on my rooted tablet.
Click to expand...

Honestly it's just that I listen to so much music and I need Viper4Android. Then my unlimited skipping in Pandora. Just minor little things but they're more important than I thought lol
 
Christogq said:
Honestly it's just that I listen to so much music and I need Viper4Android. Then my unlimited skipping in Pandora. Just minor little things but they're more important than I thought lol
Click to expand...

I just googled unlimited skipping in Pandora and even in spotify and there are apps for this with no root. Some weirdo here went apeshit on me on the other site just coz this phone can't be rooted. LOL.
 
Last edited by a moderator:
The Reach said:
I just got confirmation that the bootloader is indeed locked. They said that none of their phones have unlocked bootloaders. I would have asked more questions but I'm at work. If you want to contact a zte customer rep simply go to their website and click live chat. Maybe someone else will have better questions for them.
Click to expand...
I think most if not all bootloader's are locked by default. Standard security thing, you can really compromise the security with an unlocked leader. That being said I had the ZTE zmax a while back and the bootloader was actually easy to unlock. So of course they say they are all locked, we just have to work the other way. :)
 
cbc0201 said:
Thank you...but do any of you know? Zte doesn't make anything easy?
Click to expand...
I don't have the phone but it's probably in a folder on your internal/sd called "OTA" or "Update".

There's no reason so make it a hard file to access, as it has no value if it's edited. [They're signed packages.]
 
jhoak1 said:
Here's the post from scary alien
Click to expand...
Thanks for the link. I took a look at it and it was a little confusing. Send he modified recovery to allow him to flash something without the ZTE key. And yop that's basically how it works. But to do that we need unlock the bootloader and hey access to recovery. We do both of those things and I'm pretty sure you could flash something signed by hello Kitty. Meaning you unlock bootloader and do whatever to recovery and signing is moot. But we still need access to bootloader with which to flash the file you have
 
enesha said:
Thanks for the link. I took a look at it and it was a little confusing. Send he modified recovery to allow him to flash something without the ZTE key. And yop that's basically how it works. But to do that we need unlock the bootloader and hey access to recovery. We do both of those things and I'm pretty sure you could flash something signed by hello Kitty. Meaning you unlock bootloader and do whatever to recovery and signing is moot. But we still need access to bootloader with which to flash the file you have
Click to expand...
That ZTE phone that he did it on has a locked bootloader but Kingroot was able to root it but they can't flash a custom recovery because their bootloader is locked down
 
Odin89 said:
Saw it in a couple posts back, but you can totally get youtube to play in the background without root, its called mozilla firefox :) looks like the community has tackled a good group of things you would otherwise need root for, so the device is great even without root, worth the wait if you ask me, or you could downgrade to a smaller less powerful device (metro). Gaining root is going to make this phone incredible, one of the best at metro even without root so im sure we can all imagine :)
Click to expand...
There's a no root O.G. YouTube app and MicroG app for download that allows background play and also downloading and convert to mp3
 
Status
Not open for further replies.
Back
Top Bottom