Jump to content


Photo

[ROOT] Motoshare 2: Old Bug, New Exploit


  • Please log in to reply
985 replies to this topic

#921 livinginkaos

livinginkaos

    I don't know what I'm doing anymore.....

  • Administrator
  • 15,282 posts
  • Google+:Hangouts - livinginkaos@gmail.com
  • LocationOregon
  • Current Device(s):Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7

Posted 29 June 2013 - 03:10 PM

There is nothing "outdated" with the exploit posted in the OP. Are you not connecting via a samba share in a Linux environment? If not, the exploit will not function correctly.

b2wvCBn.png

Sig by livinginkaos
Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7


#922 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,210 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 29 June 2013 - 03:12 PM

NAS isn't exactly the same as a Linux SAMBA share.  I was never able to use Windows to drive the process even from a Linux SAMBA share.  it's got to be done from Linux.


  • Int_Rnd_Pooka and livinginkaos like this

Non potest esse nisi unus


#923 knitterb

knitterb

    n00b

  • Members
  • Pip
  • 2 posts

Posted 29 June 2013 - 03:30 PM

I should have been more clear.  My NAS _is_ a Sama share.  Home built server with Samba.  I'll give it a shot directly connected to an Ubuntu instance in VirtualBox.  I wonder why...adb is adb?!?!

 

Update: tried against directly connected to my Linux/Samba server...it worked.  Not sure why it required a direct connection, but alas it did! :)



#924 livinginkaos

livinginkaos

    I don't know what I'm doing anymore.....

  • Administrator
  • 15,282 posts
  • Google+:Hangouts - livinginkaos@gmail.com
  • LocationOregon
  • Current Device(s):Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7

Posted 29 June 2013 - 03:39 PM

Permissions handling is native in Linux and I believe windows adb mucks that up
  • Int_Rnd_Pooka likes this

b2wvCBn.png

Sig by livinginkaos
Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7


#925 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,210 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 29 June 2013 - 03:46 PM

Yea, I spent quite a bit of time trying to get it to work from Windows.  Nada.


  • Int_Rnd_Pooka and knitterb like this

Non potest esse nisi unus


#926 adogKutla

adogKutla

    n00b

  • Members
  • Pip
  • 1 posts

Posted 06 July 2013 - 10:09 PM

Late to the game but finally rooted my Bionic using this method and backed up with Titanium Pro! I used Ubuntu 12.04, LiveCD. I had some issues with the install samba command but if you type sudo apt-get update first it should work fine. Next, the restart command works the other way around, ie sudo smbd restart. Next, I had some problems either with not pressing the hardware button fast enough or with Superuser. However, I found that you have to be really fast with the hardware button press (vol + or - or pwr works fine). Don't forget to hit enter after the first or second buzz. Then if you open Titanium, it should ask for root access which will then prompt Superuser to load. If it doesn't load, or if you get an error about needing to update su binaries, just uninstall Superuser and try the sudo ./run.sh command again. I uninstalled Superuser because I was getting an ALREADY_INSTALLED error the first time. You might also have to reboot the phone at certain points too. Just play around with it, keep trying, and it'll work just fine. Thanks to Dan too!


  • Gatorman likes this

#927 beelo03

beelo03

    n00b

  • Members
  • Pip
  • 1 posts

Posted 07 July 2013 - 02:21 PM

I tried doing this on an Ubuntu virtual machine and I can't connect to the remote storage. I tried all the IP addresses and still nothing. Is there a step that I'm missing. Help thanks.



#928 livinginkaos

livinginkaos

    I don't know what I'm doing anymore.....

  • Administrator
  • 15,282 posts
  • Google+:Hangouts - livinginkaos@gmail.com
  • LocationOregon
  • Current Device(s):Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7

Posted 07 July 2013 - 04:09 PM

Did you set you lan in the VM to bridged? If the IP of your Linux VM doesn't follow that of your PC, it will never connect. If your PC is 192.168.1.xx and your Linux is something weird like 192.65.148.xx the networks will not talk.

b2wvCBn.png

Sig by livinginkaos
Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7


#929 sharklasers

sharklasers

    n00b

  • Members
  • Pip
  • 22 posts

Posted 08 July 2013 - 05:19 PM

I'm on a verizon Droid Bionic, XT875, running 4.1.2

 

System version: 98.72.22.XT875.Verizon.en.US

 

I'm afraid my root fails while running the "pwn" binary.   If I run it by hand, it exits early, and never does anything:

 

 

shell@cdma_targa:/ $
shell@cdma_targa:/ $
shell@cdma_targa:/ $
shell@cdma_targa:/ $ /storage/rfs0/pwn 1
[+]
[+] Motoshare 2: Motorola 4.1.2 root exploit
[+] Copyright 2013 Dan Rosenberg (@djrbliss)
[+] Version 1.1
[+]
[+] Tested on Droid Bionic, Droid Razr (XT910)
[+]
[+] Missing required privileges.
1|shell@cdma_targa:/ $



#930 BrknScrn

BrknScrn

    Member

  • Dedicated Supporter
  • PipPip
  • 38 posts
  • LocationWestern MA
  • Current Device(s):2 Bionics, one for use and one for dev, Galaxy Note Tab 2

Posted 13 July 2013 - 05:44 AM

Good morning, I just bought my second Bionic FXZed it to 4.1.2 and used the ubuntu root method.  The first phone I successfully completed this on over a month ago and it's running perfectly.  This phone, all went well, I have root access, installed SS 3.11 but there is one problem.  I get a message that my internal SD card is unmounted or has an invalid file structure.  When I go into SS to do a backup, I see the following

 

E:failed to mount /sdcard (invalid argument)

 

How should I proceed? Should I format the internal SD and then copy my other Bionic files over to the new machine or go back into ubuntu and reroot to try to fix the problem?  Thanks for your help!


ET....Phone Home

#931 Int_Rnd_Pooka

Int_Rnd_Pooka

    Member

  • Members
  • PipPip
  • 284 posts
  • Current Device(s):Bionic

Posted 13 July 2013 - 07:09 AM

Format internal sd

#932 mberk007

mberk007

    n00b

  • Members
  • Pip
  • 2 posts

Posted 13 July 2013 - 08:01 PM

I am having some trouble rooting my droid bionic. I'm getting an error msg after step 3.  Can someone tell if I am doing something wrong?

 

ubuntu@ubuntu:~$ sudo apt-get install ia32-libs
Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package ia32-libs
ubuntu@ubuntu:~$ mkdir /tmp/share
ubuntu@ubuntu:~$ sudo apt-get install samba
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 samba : Depends: samba-common (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
         Depends: libwbclient0 (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
         Recommends: tdb-tools but it is not going to be installed
E: Unable to correct problems, you have held broken packages.
ubuntu@ubuntu:~$
 


  • Gatorman likes this

#933 jsvp

jsvp

    n00b

  • Members
  • Pip
  • 1 posts

Posted 17 July 2013 - 04:30 PM

Thanks to all for posting this! After a few issues, I thought I would share for anyone else who already has Ubuntu and/or file shares on the phone. First, the share did not work on our "public" wi-fi network, apparently shares are only allowed on "private" so the phone could not connect to the share. Once we figured this out, and had tried to connect the phone via an existing share, the root would not work as the secondary share was not in the rfs0. So deleting any other file shares are necessary as is deleting any partially installed superuser apps. Hope this may help others!
 



#934 albertazzo

albertazzo

    n00b

  • Members
  • Pip
  • 6 posts
  • LocationItaly
  • Current Device(s):XT910

Posted 18 July 2013 - 10:53 PM

I tried applying this method but what I got is:

 

[+] Rooting phone...
[+] Your phone may appear to reboot. Please ignore this and continue with the exploit.
/system/bin/sh: /storage/rfs0/pwn: not found
[+] Please press any hardware button on your phone.
[+] Don't worry if the phone is unresponsive at this time.
[+] The device will vibrate when the exploit is complete.
[+] Press enter to continue once the device has vibrated.

 

Of course the phone did not vibrate at all...

What is "/system/bin/sh: /storage/rfs0/pwn: not found"???

 

 

 

 

 

 



#935 albertazzo

albertazzo

    n00b

  • Members
  • Pip
  • 6 posts
  • LocationItaly
  • Current Device(s):XT910

Posted 19 July 2013 - 01:26 AM

I found that that was a "problem" in my phone that was addressing rfs1 instead of rsf0 (I checked out the 1st line of the window of Files app when I connect to "share") and so I edited the run.sh file (it should be Line 47):

 

echo "[+] Rooting phone..."
echo "[+] Your phone may appear to reboot. Please ignore this and continue with the exploit."
$adb shell /storage/rfs0/pwn 1   --->   $adb shell /storage/rfs1/pwn

 

changed this line as indicated and it worked smoothly!

 



#936 mberk007

mberk007

    n00b

  • Members
  • Pip
  • 2 posts

Posted 25 July 2013 - 08:30 PM

I'm getting the following error:

 

michael@michael-desktop:/tmp/share$ cd /tmp/share/
michael@michael-desktop:/tmp/share$ sudo ./run.sh
[+] Waiting for device...
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[+] Device found.
[+] Pushing exploit...
5371 KB/s (366952 bytes in 0.066s)
5347 KB/s (1867568 bytes in 0.341s)
1578 KB/s (64498 bytes in 0.039s)
4587 KB/s (1578585 bytes in 0.336s)
    pkg: /data/local/tmp/Superuser.apk
Failure [INSTALL_FAILED_ALREADY_EXISTS]
[+] Rooting phone...
[+] Your phone may appear to reboot. Please ignore this and continue with the exploit.
/system/bin/sh: /storage/rfs0/pwn: not found
[+] Please press any hardware button on your phone.
[+] Don't worry if the phone is unresponsive at this time.
[+] The device will vibrate when the exploit is complete.
[+] Press enter to continue once the device has vibrated.
 

What does this mean and how do I fix it. 

 

Thank you.



#937 livinginkaos

livinginkaos

    I don't know what I'm doing anymore.....

  • Administrator
  • 15,282 posts
  • Google+:Hangouts - livinginkaos@gmail.com
  • LocationOregon
  • Current Device(s):Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7

Posted 26 July 2013 - 03:31 AM

It means that you were not connected to your samba share prior to connecting the device with the USB.
  • Int_Rnd_Pooka and Gatorman like this

b2wvCBn.png

Sig by livinginkaos
Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7


#938 Gatorman

Gatorman

    n00b

  • Members
  • Pip
  • 6 posts
  • Current Device(s):Droid Bionic

Posted 26 July 2013 - 07:25 PM

I cant get samba to install without throwing errors. I know this process works, I'm having trouble the second time around.

 

Any ideas?

 

ubuntu@ubuntu:~$ sudo apt-get install samba
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 samba : Depends: samba-common (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
         Depends: libwbclient0 (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
         Recommends: tdb-tools but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

 

SOLUTION FOUND -- POST #926


Edited by Gatorman, 27 July 2013 - 08:34 AM.


#939 smegun

smegun

    n00b

  • Members
  • Pip
  • 10 posts
  • Locationfl
  • Current Device(s):bionic 1156 1155 droid pro

Posted 29 July 2013 - 05:01 AM

WOrks Great     Matt on 4.2.1 OTA rooted with Samba  

 

is it my fear that this is the path of the future  no longer being able to *.apk an app to get past permissions   but overall a good experience

 

 

 o well  have to try new things  

 

any tutorial for lighting up the features of the phone are appreciated

 

 

running a mod rom on 4.2.2  after rooting the stock OTA  carries over to the mod that is once your rooted you can mod away  



#940 unmask

unmask

    n00b

  • Members
  • Pip
  • 2 posts
  • Current Device(s):infected htc rezound, droid bionic

Posted 10 August 2013 - 02:42 PM

Need help with this part "Next, move over to your Android device. Ensure you have enabled USB Debugging Mode (under Settings -> Development Settings). Ensure your device is connected via Wifi." do I have to connect the phone to my linux via wireless or do I connect both the linux system and phone to any wireless network?






2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users