root android 2.2

Jailbreak Android 2.2 phones with z4root

I have tested this rooting application on two of my Android devices

1. Samsung Galaxy TAB

2. Samsung Galaxy S

It worked without a fuss. One of the device, as you know is a tablet. Both of them has the stock 2.2 Froyo ROM. I downloaded the apk, transferred it on to a SD card and than copied it to my phone and ran it. I first tested it with the temporary root option. I have heard that the permanent root option does not work on some devices.

Here are the devices that are compatible with the permanent root option in z4root.

  • Samsung Galaxy S (All variants)
    Backflip
    Sony X10
    Xperia Mini
    Droid 2
    Galaxy Tab
    Galaxy I5700
    Galaxy 3 I5800
    Droid X
    Samsung Acclaim
    Cricket Huawei Ascend
    Motorola Cliq
    Huawei 8120
    Hero
    G1
    Optimus T
    Droid 1
    Garmin Asus A50
    Motorola Defy
    LG Ally
    Motorola Flipside
    Motorola Milestone 2
    Dell streak
    X10 Mini Pro
    Smartq v7 android 2.1

The following devices do not work with permanent root option, however the temporary root option works

  • Desire (requires nand unlock)
    Desire HD (requires nand unlock)
    Magic (unknown)
    Evo (requires nand unlock)
    G2 (requires nand unlock)
    Archos 70 (unknown)
    myTouch 3G (unknown)
    Wildfire
    Droid Incredible

NOTE: For z4root to work, the USB debugging option must be enabled. You can enable it from Settings.

If you can not find the USB debugging option, do not worry. Follow these steps

1. Download Launcher Pro app

2. Install it

3. Long press on the home button and choose Launcher Pro from the menu

4. Now the home screen should be running on Launcher Pro, long press on Desktop and choose shortcuts

5. Scroll down on the popup menu that appears and select “Activities”

6. Select “Setting” from the Activities menu.

7. Now select “Development”, it will create a shortcut on the home screen.

8. Press the back button or home screen button and go back to the home screen.

9. Press the “Development” shortcut.

10. You should see the USB Debugging option, you can disable or enable it, as you wish.

z4Root  Download

The download link is at the bottom of this page.

How to make z4root work?

You do not have to resort to any fancy tricks, just copy it on to your phone or tablet and run it. The options in the app are self explanatory. If you are not sure, use the temporary root option.It will also install Busybox.

How Z4root works?

It uses a vulnerability in the Linux kernel, in which it takes advantage of a ‘Constant’ that defines how many child process or forked process a parent process can have. The exploit was coded by Sebastian Krahmer, it forks of processes till the fork() function fails, which indicates that the maximum number of process for the given UID has been reached.

The function now communicates with the parent exploit process and signals it to kill the adb daemon (adbd). This where it all goes sideways, when the adb daemon restarts, it starts with ‘root’ privileges and after some maintenance work it runs as a normal shell user.

Normally the process counter should decrement the number of processes for the root user, but, since process count is already at maximum after running the exploit, it will fail and continue running with root privileges.

Now the exploit connects back with the adb daemon and gets a root shell on the device. Pretty clever.

The exploit was named Rage-Against-the-Cage and is used by z4root.

What is the current status of the vulnerability?

The vulnerability is patched and the exploit will not work on the newer Android versions released after Android 2.2.

Posted in Root | Tagged , , , , | 13 Comments

Android Phones

Categories

Link1 | Link2 | Link3

Copyright © 2013. All Rights Reserved.

Designed by Jailbreak Android.