donstechnology
New Member
- Joined
- Jun 28, 2010
- Messages
- 13
- Reaction score
- 0
Original Source: http://www.androidpolice.com/2012/11/24/exclusive-how-to-unlock-the-droid-dnas-bootloader/ By Justin Case
How to root your Droid DNA (Working as of 11/24/12 - Defeating the VZW locked bootloader)
The following is an instructional on how to root your new DROID DNA. Some items are downloaded from external resources, and are at your own risk!
THIS WILL WIPE YOUR DEVICE!
AS a reminder, I am not responsible if you choose to follow these instructions and brick your device.
Big Thanks to Justin Case who found the most important method to unlock the bootloader!
If this tutorial has helped you in any way shape or form, I highly recommend you Donate to Jcase: Donate Here!
The biggest and most important part of this tutorial was from JCase: Viewable here
What you need:
- Modern ADB that supports backup/restore (ICS and up) can use: http://www.mediafire.com/?hzf1u4bowjewhdq
- 1GB free space on your phone
· backup.ab (mirrors): 1, 2, 3, 4, 5, 6 (300MB)
· DNA_TeamAndIRC.zip (mirrors): 1, 2
With all the requisites taken care of, let's get started.
Disclaimer: We are not responsible for any harm to your device - proceed at your own risk.
Unzip DNA_TeamAndIRC.zip. Put runme.sh, CIDGen.apk, and backup.ab in the directory with adb.
Check the README.txt before continuing!
The Commands to use are in
Code:
[COLOR=#800000]Red[/COLOR]
First Step:
Code:
[COLOR=#800000]adb install CIDGen.apk[/COLOR]
Run the CIDGen app from your phone and follow the directions (please look for the IMEI on your box, the phone cannot see it). Then ensure the /sdcard/CIDBLOCK.img file exists on your phone with the following command:
Code:
[COLOR=#800000]adb shell ls -l /sdcard/CIDBLOCK.img[/COLOR]
If CIDBLOCK.img does not exist after running the app, do NOT proceed. Try re-running CIDGen.apk on your phone again, then re-run the above command to verify CIDBLOCK.img's existence.
If it does exist, continue with these commands:
Code:
[COLOR=#800000]adb push runme.sh /data/local/tmp/
adb shell chmod 755 /data/local/tmp/runme.sh
adb shell /data/local/tmp/runme.sh[/COLOR]
This process will loop forever and give out lots of "No such file" or "link failed" errors, so just leave it running for now.
Open a second command prompt use adb to restore the modified backup. Running this command, the phone will ask for your permission to restore the file, so go ahead and allow it.
Code:
[COLOR=#800000]adb restore backup.ab[/COLOR]
After the restore is finished you will need to stop the runme.sh script in the first terminal (use control+c or just close the window).
From this point forward, you're past the point of no return. Do not continue if you will not be able to follow the instructions 100%, as rebooting or powering down the phone at the wrong time will brick the device. Ensure your phone has at least 50% battery life remaining before continuing.
Code:
adb shell rm /data/data/com.htc.usage/files/exploit/*
adb shell mv /data/DxDrm /data/DxDrm_org
adb shell mkdir /data/DxDrm
adb shell ln -s /dev/block/mmcblk0p5 /data/DxDrm/DxSecureDB
adb reboot
adb wait-for-device
Now repeat the first exploit:
Code:
[COLOR=#800000]adb shell /data/local/tmp/runme.sh[/COLOR]
This process will also loop forever and give out lots of "No such file" or "link failed" errors - again, just leave it running.
In a second terminal/command prompt use adb to restore the modified backup. After running this command the phone will ask for your permission to restore the file - just like before, go ahead and allow it.
Code:
[COLOR=#800000]adb restore backup.ab[/COLOR]
After the restore is done you will need to stop the runme.sh script in the first terminal (use control+c or just close the window).
Code:
[COLOR=#800000]adb shell mv /data/DxDrm /data/DxDrm_trash
adb shell dd if=/sdcard/CIDBLOCK.img of=/dev/block/mmcblk0p5
adb reboot[/COLOR]
You can now unlock using HTCDev.com - simply select "All other supported models" for your phone type.
Visit HTC bootloader unlock page (This Part Wipes the data) and follow HTC’s instructions to unlock the Bootloader
Download TWRP recovery and rename to recovery.img and place in the adb folder
Download SuperSU and busybox package and place on SD card.
Put your phone in bootloader mode and connect via usb. (Bootloader mode - Turn off phone and hold power and vol down until in bootloader menu)
Then run this command:
Code:
[COLOR=#800000]fastboot flash recovery recovery.img[/COLOR]
Finally, reboot your device into recovery (under the bootloader menu), (Make a backup first to be safe) flash the SuperSU and busybox package and reboot your device.
You should now have root access!
THANKS AGAIN TO ALL WHO HELPED MAKE THIS POSSIBLE!!!
Credits:
- Original development: jcase
- Awesome saver of the day: Sean Beaupre
- Crash test dummy: dsb9938 (I bricked his phone making this!)
- Artem and all @AndroidPolice for putting up with my nonsense.
- Special thanks to Fuses for recommending a better target, and the numerous testers that let me play with their new phones.
Original Source: http://www.androidpolice.com/2012/11/24/exclusive-how-to-unlock-the-droid-dnas-bootloader/