How to set up SuperSu root manager after root

Share if the site was helpful

How to set up SuperSu root manager after root

If you have SuperSu on your device you must be familiar with rooting. So what is SuperSu application and what can you do with it? In general it is the tool which manages root permissions for all the applications on the phone which require root, with SuperSu you can select which apps have root access and which do not.

Lets have a look inside SuperSu, inside you have 3 sections: Apps, Logs and Settings.

The 1st section (APPS) shows you list of  applications installed on the device which asked for root access.

Click on app to open menu: next to option ACCESS you can select PROMPT, GRANT or DENY, depending if you want application to gain root privileges. Try to keep list of apps with granted permissions as short as you can, allow permissions only for the apps which either work with root only or have more privileges with it.

Next option is NOTIFICATIONS, you can choose options: “Global Default” to see  notifications if app is gaining access on the screen or “Disabled”, to switch off annoying dialog for specific app.

The 2nd section (LOGS) Shows you which app asked for root permission, time and which action was taken (allowed or denied) in case you switched on Logging option in settings. Pretty simple. Let’s move further!

The 3nd section (SETTINGS) Settings is the largest one and the most important – Settings. Correct set up is of great importance to avoid problems.

Enable SuperSu – switches on/off root on the phone, should have checkmark for root t work;

Re-authentication – disabled in case you do not want SuperSu to ask permissions again in case app is reinstalled or upgraded. If option was enabled SuperSu will always ask again permissions for the app after upgrade/reinstallation. I keep it disabled to avoid annoying dialogue pop-up.

Default access – selects default root access for all apps in case no option was chosen when prompt appears. You can choose GRANT / PROMPT/DENY.

Auto deny countdown (available for PRO version only) – gives you option to set up countdown time on SuperSu prompt asking to grant or deny access, basically that is how long user will see prompt on the screen to decide the destiny of app, in case no option selected – default value is chosen. Keep in mind that setting the countdown more than 10 seconds may cause crashes for apps which are written not in perfect way. As for me it is a bit useless:)

Show notifications – you have two options to select: “Global Default”  – if you wish to see notifications in notification menu bar about gaining access, “Disabled” – in case notifications are annoying for you and you want to get rid of them. I always select second one.

Logging – if you are not a developer, do not plan to be developer and do not need to get debug logs from SuperSu or even do not know what it is  – select option NONE, otherwise if debugging is important choose GLOBAL DEFAULT. Keep in mind it may cause crash of the application in case root permissions are asked great deal of times and logs are saved, stored, fill up memory of the phone.

Clear logs after – time-frame during which SuperSu logs are saved in case Logging is enabled. Otherwise option is grayed out.

Logs date format – choose format of date displayed.

 The Auto-refresh apps and logs tab allows the phone automatically refresh apps and logs tabs as new entries are added. Detection depends on access and notification settings.

PIN code (Pro version only) – gives option to protect SuperSu with PIN, may be useful in case Multiusers option was enabled and different users use device.

Enable Su during boot – applies all permissions during boot in case option enabled. Otherwise, permissions are applied randomly after the boot. Better to keep option enabled for boot settings to be set up properly. This option is disabled by default – make sure you switch it on.

Launcher icon – gives you variety of SuperSu  logo options, also you can select INVISIBLE to hide icon.

Theme – select dark or light theme of SuperSu interface

Language – gives option to select convenient language from the list of available.

Install SuperSu into /system – option to make SuperSu system app, in this case you will not be able to remove it from regular application manager. To delete SuperSu you will need to use either Alternative App manager (Titanium backup), or use ADB, one more option – factory reset of the phone.

Trust system user – option to give root access to the apps that are located in /system/app (System applications).

Reinstall – designed to fix SuperSu crashes (SuperSu has stopped), click on it to clean up previous installation, then install from PlayStore. Not advised to use this option if no SuperSu issues occur.

Switch Superuser app – designed to change root manager, will clean up SuperSu. As for me SuperSu is the best app to manage root access, however if you prefer another one or just want to experiment – can try, that is your choice. Note that root can be lost during process and you will need to start all over again.

Full unroot – important option but tricky. Allows you completely remove root from device. Be careful with it – it can softbrick phone, I am seriously. Before clicking this button very important to switch off option Enable SuperSu, on the top of settings. Once done you can unroot, but not before unless you wish to flash stock firmware.

Pretty wide variety of options. Cannot really skip mentioning what to do if you selected option for SuperSu icon to be invisible.

In case the icon was hidden and you need to launch SuperSu there are a few options:

1) Dial one of codes on the dial pad, one of them may work:*#1234#* or *#*#1234#*#* or *#7873778#* or *#*#7873778#*#* (does not work on Android 6.0)

2) Download Enable_SuperSU.apk  (google it) and manually install on the phone. Once you launch it app will ask root access > hit GRANT. You will see pop-up with options to Enable Su and Make it visible (100% working).

3) Open PlayStore – find SuperSu and follow steps: Uninstall > Install > Open (sometimes may cause issue with updating binaries).

4) Use adb terminal (phone and adb drivers should be installed on PC) and type adb shell am start -a android.intent.action.MAIN -n eu.chainfire.supersu/.MainActivity (100% working)

You can also use Terminal emulator (available on PlayStore) and type there am start -a android.intent.action.MAIN -n eu.chainfire.supersu/.MainActivity

No need to type “adb shell” as you are already in shell 🙂

 

What if you rooted phone with the other application and now have KingUser or SuperUser but SuperSu is in your dreams and you cannot sleep even because of that.

There are several options how you can change root manager app. Keep in mind is not safe.

There are 2 options:

1) Download SuperSume application from PlayStore it costs 4$ approximately. Install it on the phone and launch > you will  get prompt asking root access > hit ALLOW. Then click on large blue button with Android guy and wait, process takes up to 5 minutes. In case nothing happens in 5 minutes – reboot phone and try again.

Phone may be rebooted automatically during process, do not panic. In case you see SuperSu after reboot  – means operation was succeed.

Open SuperSu – application will ask to update binaries – hit Continue and select Normal installation. Updating binaries may take up to 5 minutes, in case it is taking longer – reboot and try again.

In case update was successful – will get notification about that – restart the phone and use SuperSu, you are done and awesome.

In case you get error during binaries update – reboot and try again. Make sure KingUser/Kingroot was removed from the phone, if no – disable it from Application manager and try updating binaries again.

In case Kingroot/SuperUser was removed but SuperSu was not installed – try installing the one from PlayStore.

Keep in mind this method can cause bootloop and is not very safe, in case you do not want such thing to happen to your phone and have headache restoring it  think carefully why do you want to change root manager, what is purpose. Strongly NOT recommended for Alcatel, Huawei, ZTE and other Chinese phones.

2) Use adb or Terminal emulator and script to change icon. This method is more safe, but more difficult.

Firstly download mrw folder, place it in the internal storage of the phone.

Then  download ADB and drivers on the PC, connect phone and make sure it is recognized with adb. Then type: adb shell

In case you do not want to use PC/do not have it try Terminal Emulator from PlayStore on the phone> open it and ALLOW root access.

Now type following in the command line (both, PC or phone):

su

Hit enter, you will get prompt to allow root permissions, hit ALLOW.

The command line will move to next line and you will see # sign.

Now type:

sh /sdcard/mrw/root.sh

hit Enter, you will see code is running, some errors may appear but do not pay attention, SuperSu will be automatically launched in case of Success, application will ask to update binaries – hit Continue and select Normal installation. Updating binaries may take up to 5 minutes, in case it is taking longer – reboot and try again.  Make sure KingUser/Kingroot was removed from the phone, if no – disable it from Application manager and try updating binaries again.

In case update was successful you will get notification about that – restart the phone and use SuperSu. You are done and awesome.

In case SuperSu was not launched after script – check manually if you have it on the phone. If nothing appears – guess what? You are right – reboot and try again from the very beginning.

Note, script will not work in case mrv folder is located in the other location, different from specified /sdcard/mrw/root.sh

-Diana Lisovenko

android stagefright exploit

Share if the site was helpful

What is Android stagefright exploit and how does it effect me? This is the question that everybody is asking so i will be trying to cover it in this post. First lets get an understanding of what StageFright is and can do to your device. StageFright is library or lib that has been around since Android 2.2 and is still being used in android 5.1.1 today. This is the reason that it is such a big exploit and called StageFright.

How does StageFright work?

The easiest way to hack into a device with StageFright is a video sent via MMS. which theoretically could be used as an avenue of attack through the libStageFright, which helps Android process video files. Many text messaging apps including Google’s Hangouts app automatically process that video so it’s ready for viewing as soon as you open the message, and so the attack theoretically could happen without you even knowing it. StageFright could also be exploited by installing a app that has the exploit in it or every by downloading a hacked video file that could run the exploit. If StageFright is implemented on your device the hacker can view and see everything that you do, bank accounts emails and more.

What can we do about it?

First you want to open your messaging app and go into settings and turn off AUTO RETRIEVE MMS. This will keep the a hack from happening automatically at least. You could still open a MMS and get it but that is still one more step that has to happen. Next don’t install apps from unknown sources, which really is always a good idea and last be careful on the Internet. Google will be working on a patch for this and pushing it out in ota updates soon. We all now how long ota updates can take so best to address this yourself.

More info

ASLR (Address Space Layout Randomization) is a method that keeps an attacker from reliably finding the function he or she wants to try and exploit by random arrangement of memory address spaces of a process. ASLR has been enabled in the default Linux Kernel since June 2005, and was added to Android with Version 4.0 (Ice Cream Sandwich). So if your device is android 4.0 and above you are much better protected.

My Thoughts

From what i have heard stagefright isnt a exploit that has been seen working in the wild just discovered by some researchers and not implemented in real world. Since it is already public I dont think that many hackers would spend the time working on it, if it is going to be patch soon anyway.

HERE you can find a StageFright detector app that is interesting but is going to tell you that you are vulnerable unless you have the latest cm12.1 installed which already has been patch for stagefright.

Loot For Root

Share if the site was helpful

Loot For Root

How do you feel about paying for apps like Sun Shine by Jcase and company or programs like MoFoRoot*? Here are some of my thoughts.

rooted

There are two sides to the discussion about paying for exploits and development on your android devices.  One side is obviously the developers and the other is that of the user or android community member who has been waiting for a awesome new root or unlocked bootloader method to be released.  Since there are two sides, I decided it would only be fair to contact Jcase and ask him in person why he has chosen to create a paid-for tool like Sun Shine app*. Let me start this post with a quick note: I am going to try and stay neutral in this matter until the end of the post where you will see my thoughts on the matter, so lets begin.

Here are some of Jcase’s thoughts and some of the questions I asked him.

Q:  Why make everyone pay for the Sun Shine app instead of just releasing the exploit to the android community and the world?

A:   “There are way more complaints with the free exploits than the paid versions” So I asked him to explain. When he releases free exploits they are normally not in a perfect form and may even be a bit buggy, but they still work. Jcase has no desire to make them work any better since he mainly enjoys finding the exploit, not spending tons of time making them noob friendly. Since it isn’t the easiest exploit in the world to perform on a given device, it turns into a big headache for him to deal with and ain’t nobody got time for that!

Q:  What cost is involved for you to find and create these exploits for the Android community?

A:  To answer this question Jcase gave this example. To fully test Sun Shine app he had to buy 30 Motorola Moto G phones to make sure that Sun Shine would be noob friendly. Along with this major cost, there is the time and research. He invests alot of time into the paid versions of his exploits like Sun Shine. “You get what you pay for.”

Q: Why not fund your research and expenses with donations and bounties?

A: He explained that the last bounty only paid out 30% of what was promised in the bounty thread.  Jcase continued to explain that by selling Sun Shine app, he is crowd funding his research and future development.

A few quick notes from our conversation:

1.  Working on android is for fun and done in our free time.

2.  Family time is important and Android takes a lot of time away from them.

3.  If working on Android exploits isn’t enjoyable, then he doesn’t want to do it.

4.  Jcase and the MoFoRoot Developer don’t owe the Android Community anything. If they don’t want to release Android exploits anymore, they don’t have to.

My Thoughts 

I wish that the Android community as a whole was a lot more understanding and friendly to the developers that do Android in their free time. I think that some of the community has scared off many of the developers with all their complaints and demands. If you like what a developer is doing, then support them with a donation. This will really encourage him or her to continue their work on Android. The Android community can be a really great and helpful place. I have met many of you online and love all the fun we have had together over the years. I really wish that we could go back to just donations and bounties to fund and help the developers like Jcase, but that ship has sailed. Loot for root is the new era we have found ourselves in. I, for one, am happy to pay $25.00 for a root or unlocked bootloader; this is much cheaper than buying a developer edition device.  There is just something about paying vs. donations that just gets under my skin and maybe you feel the same way. In my opinion, if we want to get back to the good old days of more free exploits and root methods, then lets start by donating to our favorite developers in the Android community and leave them some great comments of encouragement! A little lovin’ goes a long way 🙂

Please leave your comment and thoughts. I would love to hear from you.

Tom S. / RootJunky

 

 

*MoFoRoot is a Tool that lets you flash edited rooted system images to your Motorola Droid Turbo and Moto X 2014

*Sun Shine App is an amazing tool that lets you unlock your bootloader on many Motorola and HTC devices along with S-off

Towel Root

Share if the site was helpful

Towel Root

Towel Root is a app that exploits your kernel which they allows the app to inject SU file it to your android device file system. This gives you root access but you will still need to install SuperSU App from Google Play Store after using the Towel Root app.  geohot is the developer behind this awesome and easy to use exploit. always remember to support your dev’s 🙂 This Root exploit works great with lots a different devices please try it on yours and comment below if it works for you. I know it works on lots of android 4.4 Kitkat device

 

 Screenshot_2014-09-29-15-59-31

Its simple Just go to Towelroot.com and click on the upside down Y and the app will download to your device. Next you need to enable unknown source so that you can install the Towel Root app. Once install just click the Make it ra1n button shown aboove and you will have root access. Make sure you install Supersu & root checker apps to make sure root is working correctly.

Here is a video of me rooting my Galaxy S5 with the app

 

NOTE If the SU binary isnt updating correctly just reboot the device and check again.

Towel Root Exploit is known to works on these devices

AT&T GS5, Verizon GS5, GS4 Active, Nexus 5
May have some troubles at the door but invited: AT&T/Verizon Note 3
Possibly invited: Every Android phone with a kernel build date < Jun 3

Also many other devices work. i have used it on many Motorola devices as well. Try it on your android device