Didn't actually have to use the exploit until now, but it worked great!
199.18KB 52 downloads
Posted 22 April 2013 - 07:56 PM
come Saturday, when I actually have a good amount of time to invest, I'll be giving this a go. can't wait!
Posted 22 April 2013 - 07:57 PM
At first this did not work for me. But I knew when going through the instructions I had a part that didn't feel right, I copied
:
cd /tmp/share
wget http://vulnfactory.org/public/motoshare2.tgz
tar xvf motoshare2.tgz
sudo chmod 755 run.sh
and it ran without me hitting enter. I went back, hand typed the whole thing, no enter/line brakes and it downloaded LOTS more stuff. Once complete, I had Root!!!
Huge thanks to Dan and Sam for all your help in getting these things up and going.
Now I just need to find those little permissions so I can run wifi and USB tether without checking with Daddy Warbucks (aka Big Red/Verizon)
Posted 22 April 2013 - 08:00 PM
No go, this is what I am getting, Ubuntu 13 on USB drive, 32 bit
ubuntu@ubuntu:/tmp/share$ cd /tmp/share/
ubuntu@ubuntu:/tmp/share$ sudo ./run.sh
[+] Waiting for device...
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[+] Device found.
[+] Pushing exploit...
1108 KB/s (366952 bytes in 0.323s)
5794 KB/s (1867568 bytes in 0.314s)
5271 KB/s (64391 bytes in 0.011s)
5470 KB/s (1578585 bytes in 0.281s)
pkg: /data/local/tmp/Superuser.apk
Failure [INSTALL_FAILED_ALREADY_EXISTS]
[+] Rooting phone...
[+] Your phone may appear to reboot. Please ignore this and continue with the exploit.
/system/bin/sh: /storage/rfs0/pwn: not found
[+] Please press any hardware button on your phone.
[+] Don't worry if the phone is unresponsive at this time.
[+] Press enter to continue once you have pressed a hardware button.
[*] Cleaning up...
[*] Exploit complete. Press enter to reboot and exit.
Installed SU BUT cannot get root. It appears it is MISSING or not using a file. Help?
Non potest esse nisi unus
Posted 22 April 2013 - 08:01 PM
Is anyone else having trouble getting their phone to mount to the Linux share? I get up to setting the remote storage but when I try to connect, I get a network error message saying there's a problem in my network connection with the remote host.
I'm using the 32-bit CD (12.04) and my laptop and phone are both on the same wifi network
For the Host IP Address, I used the address after "inet addr" that came up when I used ifconfig
Below is what I had in the terminal up until that point. Any suggestions would be appreciated.
ubuntu@ubuntu:~$ mkdir /tmp/share
ubuntu@ubuntu:~$ sudo apt-get install samba
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
samba : Depends: samba-common (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
Depends: libwbclient0 (= 2:3.6.3-2ubuntu2) but 2:3.6.3-2ubuntu2.3 is to be installed
Recommends: tdb-tools but it is not going to be installed
E: Unable to correct problems, you have held broken packages.
ubuntu@ubuntu:~$ sudo apt-get update
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise InRelease
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/main TranslationIndex
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/restricted TranslationIndex
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/main Translation-en_US
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/main Translation-en
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/restricted Translation-en_US
Ign cdrom://Ubuntu 12.04.2 LTS _Precise Pangolin_ - Release i386 (20130213) precise/restricted Translation-en
Ign precise-security InRelease
Get:1 precise-security Release.gpg [198 B]
Get:2 precise-security Release [49.6 kB]
Get:3 precise-security/main i386 Packages [259 kB]
Get:4 precise-security/restricted i386 Packages [4,620 B]
Get:5 precise-security/main TranslationIndex [74 B]
Get:6 precise-security/restricted TranslationIndex [72 B]
Get:7 precise-security/main Translation-en [120 kB]
Get:8 precise-security/restricted Translation-en [1,253 B]
Ign precise InRelease
Ign precise-updates InRelease
Hit precise Release.gpg
Get:9 precise-updates Release.gpg [198 B]
Hit precise Release
Get:10 precise-updates Release [49.6 kB]
Hit precise/main i386 Packages
Hit precise/restricted i386 Packages
Hit precise/main TranslationIndex
Hit precise/restricted TranslationIndex
Get:11 precise-updates/main i386 Packages [613 kB]
Get:12 precise-updates/restricted i386 Packages [10.0 kB]
Get:13 precise-updates/main TranslationIndex [3,564 B]
Get:14 precise-updates/restricted TranslationIndex [2,461 B]
Hit precise/main Translation-en
Hit precise/restricted Translation-en
Get:15 precise-updates/main Translation-en [269 kB]
Get:16 precise-updates/restricted Translation-en [2,432 B]
Fetched 1,385 kB in 9s (147 kB/s)
Reading package lists... Done
ubuntu@ubuntu:~$ sudo apt-get install samba
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libwbclient0 samba-common smbclient tdb-tools
Suggested packages:
openbsd-inetd inet-superserver smbldap-tools
ldb-tools ctdb
The following NEW packages will be installed:
samba tdb-tools
The following packages will be upgraded:
libwbclient0 samba-common smbclient
3 upgraded, 2 newly installed, 0 to remove and 178 not upgraded.
Need to get 22.4 MB of archives.
After this operation, 23.0 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 precise/main tdb-tools i386 1.2.9-4 [22.8 kB]
Get:2 precise-security/main libwbclient0 i386 2:3.6.3-2ubuntu2.6 [31.0 kB]
Get:3 precise-security/main smbclient i386 2:3.6.3-2ubuntu2.6 [14.0 MB]
Get:4 precise-security/main samba-common all 2:3.6.3-2ubuntu2.6 [326 kB]
Get:5 precise-security/main samba i386 2:3.6.3-2ubuntu2.6 [8,013 kB]
Fetched 22.4 MB in 47s (467 kB/s)
Preconfiguring packages ...
(Reading database ... 147580 files and directories currently installed.)
Preparing to replace libwbclient0 2:3.6.3-2ubuntu2.3 (using .../libwbclient0_2%3a3.6.3-2ubuntu2.6_i386.deb) ...
Unpacking replacement libwbclient0 ...
Preparing to replace smbclient 2:3.6.3-2ubuntu2.3 (using .../smbclient_2%3a3.6.3-2ubuntu2.6_i386.deb) ...
Unpacking replacement smbclient ...
Preparing to replace samba-common 2:3.6.3-2ubuntu2.3 (using .../samba-common_2%3a3.6.3-2ubuntu2.6_all.deb) ...
Unpacking replacement samba-common ...
Selecting previously unselected package samba.
Unpacking samba (from .../samba_2%3a3.6.3-2ubuntu2.6_i386.deb) ...
Selecting previously unselected package tdb-tools.
Unpacking tdb-tools (from .../tdb-tools_1.2.9-4_i386.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Processing triggers for ufw ...
Setting up libwbclient0 (2:3.6.3-2ubuntu2.6) ...
Setting up samba-common (2:3.6.3-2ubuntu2.6) ...
Setting up smbclient (2:3.6.3-2ubuntu2.6) ...
Setting up samba (2:3.6.3-2ubuntu2.6) ...
Generating /etc/default/samba...
Importing account for nobody...ok
update-alternatives: using /usr/bin/smbstatus.samba3 to provide /usr/bin/smbstatus (smbstatus) in auto mode.
smbd start/running, process 6605
nmbd start/running, process 6641
Setting up tdb-tools (1.2.9-4) ...
update-alternatives: using /usr/bin/tdbbackup.tdbtools to provide /usr/bin/tdbbackup (tdbbackup) in auto mode.
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
ubuntu@ubuntu:~$ sudo gedit /etc/samba/smb.conf
(gedit:6659): GLib-GIO-WARNING **: Missing callback called fullpath = /root/.local/share/recently-used.xbel
ubuntu@ubuntu:~$ sudo useradd guest -m -G users
ubuntu@ubuntu:~$ sudo passwd guest
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
ubuntu@ubuntu:~$ sudo smbpasswd -a guest
New SMB password:
Retype new SMB password:
Added user guest.
ubuntu@ubuntu:~$ sudo restart smbd
smbd start/running, process 6727
ubuntu@ubuntu:~$ cd /tmp/share
ubuntu@ubuntu:/tmp/share$ wget
--2013-04-23 04:14:59--
Resolving vulnfactory.org (vulnfactory.org)... 199.188.204.9
Connecting to vulnfactory.org (vulnfactory.org)|199.188.204.9|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3304852 (3.2M) [application/x-tar]
Saving to: `motoshare2.tgz'
100%[============>] 3,304,852 1.24M/s in 2.5s
2013-04-23 04:15:04 (1.24 MB/s) - `motoshare2.tgz' saved [3304852/3304852]
ubuntu@ubuntu:/tmp/share$ tar xvf motoshare2.tgz
adb.linux
adb.osx
busybox
pwn
run.sh
su
Superuser.apk
ubuntu@ubuntu:/tmp/share$ sudo chmod 755 run.sh
ubuntu@ubuntu:/tmp/share$
Posted 22 April 2013 - 08:04 PM
Im going to have to wait till middle of next month, i burned 1.65GB trying to get my usb working...download unbuntu twice kept giving me corrupt file on LiLi till i figured out fat32 doesnt like 64Bit, and im on broad band with a data cap thxs to big red.
I feel so stupid.
Thanks Droidrzr for the continued support of my family and a special thank you to Kaos and Kelly....
Google pixel 32 gig....
Posted 22 April 2013 - 08:07 PM
No go, this is what I am getting, Ubuntu 13 on USB drive, 32 bit
ubuntu@ubuntu:/tmp/share$ cd /tmp/share/
ubuntu@ubuntu:/tmp/share$ sudo ./run.sh
[+] Waiting for device...
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[+] Device found.
[+] Pushing exploit...
1108 KB/s (366952 bytes in 0.323s)
5794 KB/s (1867568 bytes in 0.314s)
5271 KB/s (64391 bytes in 0.011s)
5470 KB/s (1578585 bytes in 0.281s)
pkg: /data/local/tmp/Superuser.apk
Failure [INSTALL_FAILED_ALREADY_EXISTS]
[+] Rooting phone...
[+] Your phone may appear to reboot. Please ignore this and continue with the exploit.
/system/bin/sh: /storage/rfs0/pwn: not found
[+] Please press any hardware button on your phone.
[+] Don't worry if the phone is unresponsive at this time.
[+] Press enter to continue once you have pressed a hardware button.
[*] Cleaning up...
[*] Exploit complete. Press enter to reboot and exit.
Installed SU BUT cannot get root. It appears it is MISSING or not using a file. Help?
ubuntu 13?? highest i have seen is 12.10...or am i reading it wrong
Thanks Droidrzr for the continued support of my family and a special thank you to Kaos and Kelly....
Google pixel 32 gig....
Posted 22 April 2013 - 08:15 PM
tested this exploit in the xt910.. TEST OK!!!!!!!!! ROOT JELLY BEAN OTA BRASIL
Posted 22 April 2013 - 08:20 PM
It's not connecting to your samba share. Check in files app to make sure the share is connected and that you can see it.
Sent from my Xoom using Tapatalk HD
I logged into it using files, it opens up files. Suddenly it RAN, and then it rebooted and I am waiting to see what happens...nope. This sucks.
Posted 22 April 2013 - 08:44 PM
Sam, what is this error for RSD lite?
Failed flashing process. 5/24 oem fb_mode_set-->phone returns FAIL
--TRYING to FXZ to totally stock JB
RSD lite 6.1.4? it is 6 something. Never saw an RSD FXZ fail like this. I did push the preinstall and system from 246 to get phone UP after the BS fail. Then installed JB update file off SD card. Was trying to go absolutely stock.
Posted 22 April 2013 - 09:21 PM
Posted 22 April 2013 - 10:13 PM
Sam, what is this error for RSD lite?
Failed flashing process. 5/24 oem fb_mode_set-->phone returns FAIL
--TRYING to FXZ to totally stock JB
RSD lite 6.1.4? it is 6 something. Never saw an RSD FXZ fail like this. I did push the preinstall and system from 246 to get phone UP after the BS fail. Then installed JB update file off SD card. Was trying to go absolutely stock.
I'm not Sam, but you can fix this by opening the .xml from the FXZ and search for anywhere it says "OEM" and delete the text beween the angle brackets <like this>
Hard to explain without showing you, but let us know if you need more help.
Posted 22 April 2013 - 10:33 PM
Dan FTW! Donation gladly sent.
Posted 22 April 2013 - 10:48 PM
Awesome stuff!
Posted 22 April 2013 - 11:13 PM
Posted 23 April 2013 - 12:03 AM
For me the exploit goes all the way through, nothing seems to give any sort of error. When it reboots though, Titanium Backup can't get root.
I guess I had the same question as above with the :
I was having this same problem so I factory reset my phone and root went through without a hitch!
Posted 23 April 2013 - 12:24 AM
Ok, never mind my previous issue, I now have the error of not finding the sh file in my temp. I'm looking at it through the remote file system on my phone.
Posted 23 April 2013 - 12:29 AM
at first thank you.
but i have a problem when I'm starting the exploit with ./run.sh everything is ok. I press a hardwarebutton and afterwards enter.
then the terminal says:
./run.sh: line 58: ./adb.linux: No such file or directory
./run.sh: line 59: ./adb.linux: No such file or directory
./run.sh: line 60: ./adb.linux: No such file or directory
i looked into the directory and i found the adb.linux.... any advice
Posted 23 April 2013 - 12:52 AM
first off, when i remote connect my bionic via remote storage the folder is empty (connects fine just empty).
here is what my command terminal says:
./run.sh: line 30: ./adb.linux: No such file or directory
[+] Waiting for device...
./run.sh: line 33: ./adb.linux: No such file or directory
[+] Device found.
[+] Pushing exploit...
./run.sh: line 38: ./adb.linux: No such file or directory
./run.sh: line 39: ./adb.linux: No such file or directory
./run.sh: line 40: ./adb.linux: No such file or directory
./run.sh: line 42: ./adb.linux: No such file or directory
./run.sh: line 43: ./adb.linux: No such file or directory
[+] Rooting phone...
[+] Your phone may appear to reboot. Please ignore this and continue with the exploit.
./run.sh: line 49: ./adb.linux: No such file or directory
[+] Please press any hardware button on your phone.
[+] Don't worry if the phone is unresponsive at this time.
[+] Press enter to continue once you have pressed a hardware button.
[*] Cleaning up...
./run.sh: line 58: ./adb.linux: No such file or directory
./run.sh: line 59: ./adb.linux: No such file or directory
./run.sh: line 60: ./adb.linux: No such file or directory
[*] Exploit complete. Press enter to reboot and exit.
./run.sh: line 65: ./adb.linux: No such file or directory
./run.sh: line 66: ./adb.linux: No such file or directory
I'm using the 32-bit version 12.10. I tryed repeating the process but it wouldn't work. if its any help my phone never rebooted after pressing enter on the last comand
Posted 23 April 2013 - 01:57 AM
Thank You So much...... : .......
long live ................. :
0 members, 5 guests, 0 anonymous users