Rooting Android

From Android Wiki

(Difference between revisions)
Jump to: navigation, searcha
(Start and connect to telnetd)
(Instructions for adb port forwarding)
Line 8: Line 8:
<br>
<br>
This gives you a root shell (basically, but not technically.... its confusing, dont ask) which you can use to gain more power.
This gives you a root shell (basically, but not technically.... its confusing, dont ask) which you can use to gain more power.
 +
 +
Alternatively, you can use adb to forward a local port on your linux host to a port on the phone.  This avoids the need to install a terminal on the phone:
 +
<pre>
 +
# Type "telnetd\r" ON THE PHONE KEYBOARD, then:
 +
adb forward tcp:9988 tcp:23
 +
telnet localhost 9988
 +
</pre>
==Add busybox==
==Add busybox==

Revision as of 06:22, 7 November 2008

Obtaining a root shell on the G1

Start and connect to telnetd

This has been tested and is known to work on OTA Updates RC19 and RC29 on the G1. Google has already promised to patch this so check you version.
1: download pterminal and run it
2: start the telnetd service ("cd /system/bin" then "telnetd")
3: telnet into the device

This gives you a root shell (basically, but not technically.... its confusing, dont ask) which you can use to gain more power.

Alternatively, you can use adb to forward a local port on your linux host to a port on the phone. This avoids the need to install a terminal on the phone:

# Type "telnetd\r" ON THE PHONE KEYBOARD, then:
adb forward tcp:9988 tcp:23
telnet localhost 9988

Add busybox

1: download busybox by tapping and holding (long pressing) this file and choosing save link to your sd card (using android browser)
2: remount system as read-write

mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system

3: copy and rename busybox.xxx to /system/bin/busybox

dd if=/sdcard/download/busybox.xxx of=/system/bin/busybox

4: make it executable

chmod 4755 /system/bin/busybox

5: go there

cd /system/bin/

6: this gives you cp (great for making more symlinks)

busybox cp -s busybox cp

7: start sh (on emulator enables up/down command memory)

busybox sh

8: to make more symlinks (busybox has hundreds of commands that are missing on G1) you do:

cp -s busybox <command>

for example, "cp -s busybox tar" will give you tar command :)

I would recommend you DO NOT OVERWRITE ANY EXISTING SYMLINKS!!! G1 has toolbox for most commands and the syntax is different. If you change the syntax, updates or scripts (like init.rc) could stop working.

P.S. if you want it all at once so you can paste it in one chunk, here you go:

mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
dd if=/sdcard/download/busybox.xxx of=/system/bin/busybox
chmod 4755 /system/bin/busybox
cd /system/bin/
busybox cp -s busybox cp
busybox sh
Personal tools