The first step in Android reverse reverse is to open root permissions

The first step in Android reverse reverse is to open root permissions

foreword

I read some related articles recently , and FridaI also want to do a few reverse operations manually_ ^.

I happen to have a Xiaomi Mi 8 Android phone (PS: I heard it is the easiest domestic phone to get Root permission), and I want to spend a few hours doing it. Unexpectedly, after reading a lot of articles, I ended up doing it all afternoon.

There is no article that allows me to operate it completely. The mood of the pit at the moment is extremely complicated, so leave an article to dilute it~!

Finally, let’s talk about root权限the intention of managing permissions on the computer. root权限After the software is obtained, theoretically speaking, any operation can be performed within the scope of the permissions of the software installed on the mobile phone 记住是任何操作. Do not grant app rootpermissions lightly.

environment

Development environment: one Mi 8, win10 laptop, data cable (typeC interface);
PS: You must pay attention to the model of the mobile device, and the flash image files downloaded by different models are different (I downloaded it myself It took 3 flashing packages to find a satisfactory one).

Mi 8 flashing and rooting process

Unlock Bootloader

This step is not the same as most of the articles on the Internet;

Xiaomi officially provides the unlocking function. First go to this website http://www.miui.com/unlock/index.html to apply for unlocking, download the unlocking tool and follow the above steps to unlock (PS: I heard that other manufacturers do not support the function of unlocking BootLoader).

PS: At present, the website cannot download the unlocking tool. Clicking on the result tool downloads no response. After changing two devices, there is no response to clicking.

The result tool I got from other channels, the download link is at the bottom of the article.

Check the device lock status of Xiaomi phones

1. Mobile phone MIUI contact click 3 times to open the developer options;
2. Open the device unlock status in the developer options, and it will display unlocked (PS: You need to bind your Xiaomi account here, click the button below after binding, note that a SIM card is required here, and WIFI network cannot be used);

PS: I haven’t encountered any of the online said that a qualification review is required, hahaha

When unlocking Bootloader, the phone will restore factory settings and all data will be lost, so please make a backup in advance.

If you are ready to start unlocking Bootloader, turn off the phone first, then press and hold the power button and the volume down button at the same time to turn it on. At this time, you will enter the fastboot interface, and a rabbit will appear on the screen of the Xiaomi phone. In this interface, we can directly install the system firmware.

First click on the downloaded software package MiUsbDriver.exeto install the Android-related drivers. Then connect the device with a USB cable, and the relevant driver will be installed automatically.

Then click miflash_unlock.exeto open the unlocking software, log in to the Xiaomi account, click all the way to confirm, reset the system, and unlock successfully Bootloader.

It is possible that after entering the fastboot interface, a little rabbit appears, and the USB data cable is plugged in and the screen goes black and prompts press any key to shutdown.

Solution: Change the computer USB 2.0 port connection to solve the problem. If your computer does not have a USB 2.0 port, you can also use a USB hub to connect.

If not, you can save the following content as a xxx.batbatch , and then run it as an administrator, and then there will be no problem connecting.

@echo off
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\usbflags\18D1D00D0100" /v "osvc" /t REG_BINARY /d "0000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\usbflags\18D1D00D0100" /v "SkipContainerIdQuery" /t REG_BINARY /d "01000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\usbflags\18D1D00D0100" /v "SkipBOSDescriptorQuery" /t REG_BINARY /d "01000000" /f
pause

After running miflash_unlock.exe, it will provide you to log in with your Xiaomi account, just follow the prompts.

Successfully unlocked Bootloader.

MiFlash line brush developer version system

1. Download Xiaomi's online flashing software MiFlash2019-12-06-0.zip
2. Find the online flash package corresponding to the developer version required by the mobile phone and download xiaomirom

The second part needs special attention. Some of them are wire flashing packages obtained from forum posts [big coffee said] MIUI flashing instruction post . This can indeed be brushed successfully, but not after the brush is finished Root权限.

There are also some Qitu Root tools that can be downloaded Root权限for some Xiaomi systems, but there is a fee.

I myself downloaded some developer versions of the system image from xiaomirom (PS: I downloaded it twice, but the first flashing was not completed ).Root权限Root权限

Unzip the downloaded image file, and then run the MiFlash program.

1. Select the decompressed image file path;
2. Connect the data cable to the mobile phone, load the device (first, press and hold the power button and the volume down button at the same time to turn it on, and enter fastbootthe interface), wait for the setting name in the list below to come out, and then proceed to the next step;
3. Click to flash

may appear error: Missmatching image and device erroror error: FAILED (remote: Erase is not allowed in Lock State)error;

The first error needs to be that the model does not match the ROM, and the second error can be solved by the following methods:

1. To unlock the BL device, the Mi line brush needs to complete the BL unlock first
2. If the previous online flashing was unsuccessful, since the default BL lock is on the online flashing, you can try to directly enter the fastboot mode to re-unlock
3. If for some reason the mobile phone has logged out of the Xiaomi account and cannot enter the system, in this case, it can only be sent to Xiaomi after-sales for forced flashing

For other errors, please refer to the Mi line brush error reporting problem and solution

Enable Root permission

Click the steps in turn: Mobile Manager - Application Management - Permissions - ROOT Permissions Management, and finally there will be a process of confirming and downloading files.

• adb command without Root permission

➜ ~ adb shell
dipper:/ $ cd data
dipper:/data $ ls
ls: .: Permission denied

• adb command with root privileges

➜ ~ adb shell
dipper:/ $ su
:/ # cd data
cd data
:/data # ls
ls
adb           bootchart    media    ota            system_de
anr           cache        mediadrm ota_package    tombstones
app           dalvik-cache misc     property       unencrypted
app-asec      data         misc_ce  resource-cache user
app-ephemeral dpm          misc_de  sdcard         user_de
app-lib       drm          miui     ss             vendor
app-private   local        mqsas    system         vendor_ce
backup        lost+found   nfc      system_ce      vendor_de

appendix

MiFlash_v3.14.0.rar:
Link: https://pan.baidu.com/s/1yEO_oKhfxA3FHO8Oev1Fbg Extraction code: 5mw9

miflash_unlock-6.5.406.31.zip
Link: https://pan.baidu.com/s/1AQgXWTai05Cfv-eQabZOvQ Extraction code: mji6

If you want to read more articles by the author, you can check out my personal blog and public account: