|View: HTML | Text | PS | PDF | RTF | Wiki | DocBook | DocBook Inline | changelog | about this header||
Circle Jeff Boweron
Before rooting your phone you should know what you're doing. If you want to root just for the sake of rooting, you shouldn't do it. If you have a specific application that requires root or a function you want to perform, make sure you understand what you're getting into. Android Central has a nice rooting Q&A that you should browse. This method is only slightly modified from the method published on Android Central.
Note that this document is a bit outdated and here for historical purposes. If you have a more modern OS you're probably better off looking at my Droid X Hacking page. If you want to know a bit about the Froyo rageagainstthecage root vulnerability read on. Luckily, this was closed in Gingerbread. While z4root was a benign app that let you easily root, malware used the same exploit to root without your knowledge with a silent version of Superuser and then used their power to steal data.
You should also consider whether you REALLY need to tether before installing one of the applications that lets you do it for free, while Verizon has chosen to turn a blind eye to tethering rest assured it's trivial for them to detect that you're tethering and they could do pretty much whatever they want. They can terminate your service, forcing you onto AT&T's wonderful network. They can back bill you for all the bandwidth you've used. As this constitutes Theft of Services they can even file criminal charges. That said, you'll hear from a ton of people who say it's perfectly safe, but for me it's well worth either forking out the $20/month for the service or simply not tethering at all - but it's your call.
The requirements for this method are pretty simple. You'll need a computer or Virtual Machine running Linux (I use Ubuntu Desktop 32-bit). You'll need a Droid X running the Verizon stock Froyo/2.2 release. And you'll need a USB cable.
You'll also need some bravery, this is a potentially dangerous procedure and I can't be held responsible if you end up with a pretty paperweight when you're done with the procedure!
First, download the SDK here, I'll assume it's in ~/Downloads. Now open a terminal window and issue the following commands:
cd ~ # The download is listed as a .tgz file, but actually downloads as a .tar # Running both commands will cover either case but only one is needed. tar -vxzf ~/Downloads/android-sdk*linux_x86.tgz tar -vxf ~/Downloads/android-sdk*linux_x86.*.tar echo 'PATH=$PATH:$HOME/android-sdk-linux_x86/tools' >> ~/.bashrc exit
Now if you open a new terminal window you should be able to run adb. If so, you're all set.
Download the file DroidXRoot.zip and save it someplace. We'll assume it's in ~/Downloads. Now connect your phone, ensure that USB Debugging is enabled (Settings --> Applications --> Development --> USB Debugging on your phone), and open a terminal window. I'm assuming that adb is in your path as described above. Execute the following commands:
# Extract the archive you just downloaded cd /tmp mkdir DroidXRoot cd DroidXRoot unzip ~/Downloads/DroidXRoot.zip adb devices # You should see a connected device here # Copy files to the SD Card adb push Superuser.apk /sdcard/Superuser.apk adb push su /sdcard/su adb push busybox /sdcard/busybox adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage-arm5.bin # Open up a shell adb shell
You should have just extracted all of the root files to your /tmp/DroidXRoot directory and pushed a bunch of them to the SD Card. The last command opens up a shell on the phone itself and you now have a new prompt. Execute the following commands on the phone to root it:
cd data/local/tmp chmod 0755 rageagainstthecage-arm5.bin ./rageagainstthecage-arm5.bin
Don't enter any more commands until you get kicked out of the shell prompt and back to your terminal. This is what's breaking into the root account for you and takes a little while to run. Once you're back to your Linux prompt execute the following:
adb kill-server adb devices # Again, make sure there's a connected device adb shell
You should now have a "#" prompt. If not, execute the commands cd data/local/tmp and ./rageagainstthecage-arm5.bin and try again. Once you have the "#" prompt, run the following to finish rooting.
mount -o rw,remount -t ext3 /dev/block/mmcblk1p21 /system cp /sdcard/Superuser.apk /system/app/Superuser.apk cp /sdcard/su /system/bin/su cp /sdcard/busybox /system/bin/busybox chmod 4755 /system/bin/su chmod 4755 /system/bin/busybox mount -o ro,remount -t ext3 /dev/block/mmcblk1p21 /system exit
Now reboot your phone. You should see the Superuser application listed, and if you open a terminal (using adb shell from your desktop or the Android Terminal Emulator) you should be enable to go from the "$" prompt to the "#" prompt by typing the command su.