==== Shuame ==== Shuame is a Chinese app for Windows. It could be [[https://rootgeniusdownload.com/|Root Genius]] is the English translation. How can we be sure this is safe, not malware, not stealing IMEA numbers? ==== Videos ==== * [[https://www.youtube.com/watch?v=s66e-kwvKUU|How to Root every MTK China Phone]] takes you through making a recovery using stock ROM. Requires //Preloader mode// and a bunch of Windows apps. Walks you through generating a scatterfile. ==== Apps ==== * [[https://forum.xda-developers.com/t/util-win-mt65xx-mtk-droid-root-tools-mediatek-android-smartphone.2160490/|MTK Droid]] [[https://androidmtk.com/download-mtk-droid-tool|alternate link]] runs in Windows only and reads/writes scatterfiles. Can also root * [[https://forum.hovatek.com/thread-21495.html|Mediatek (MTK) Auto Philz recovery porter]] creates custom recovery ==== Resources ==== * [[https://forum.hovatek.com/|Hovatek]] has forums and how-tos and seems like a good source of information. They offer private consulting at $10/hour * [[https://forum.hovatek.com/thread-21970.html|How to use Wwr MTK + SP Flash tool to backup Mediatek rom]] * [[https://www.thecustomdroid.com/mediatek-preloader-usb-vcom-drivers/|VCOM drivers]] (specifically for Mediatek for communication with preloader) ==== TWRP ==== * [[https://www.xda-developers.com/how-to-install-twrp/#howtoinstalltwrpanyandroid|install TWRP]] * ==== ADB ==== ^ Command ^ Action ^ |adb disable-verity|disable checking of block devices| |adb shell "getprop ro.oem_unlock_supported"|see if unlocking is supported| |adb reboot-bootloader|boot into "fastboot mode"| |adb root|get status of rooting| ==== Fastboot ==== Some commands once in fastboot mode: ^ Command ^ Action ^ |fastboot oem device-info| | |fastboot oem unlock|unlock the bootloader (2014 and lower)| |fastboot flashing unlock_critical|unlock the bootloader (2015 and higher)| |fastboot reboot|leave fastboot mode| ==== Wi-Fi ==== * [[https://technical-tips.com/blog/android/android-wifi-password-view--11933|get Wi-Fi passwords]] * [[https://mashtips.com/see-wifi-password-android/|basically adb pull /data/misc/wifi/wpa_supplicant.conf]] ==== Custom Launcher ==== * [[https://www.androidauthority.com/make-a-custom-android-launcher-837342-837342/|How to build a custom launcher]] ==== App and file permissions ==== * [[https://source.android.com/security/app-sandbox|The app sandbox]] === Giving an app root access === //Apps need to be system apps to have root-type privs// * [[https://stackoverflow.com/questions/17222535/create-system-application|How to make your app a system app on a rooted device]] * [[https://titanwolf.org/Network/Articles/Article?AID=08b12461-41e9-4fa2-9fe9-e40a604cfb53|root run bash-like commands etc.]] * [[https://medium.com/android-news/system-app-in-android-f003d418b4cc|tutorial on Medium on how to make system apps]] For apps to have root access they need to be system apps. For KitKat the app needs to be in ''/system/priv-app'' with 644 permissions. * Example: ''cat /sdcard/SecureSetting.apk > /system/priv-app/SecureSetting.apk'' (cp works too) ==== Emulator ==== To give emulator root: - change to directory where emulator is located, probably something like: ''~/.android/avd'' - start the emulator yourself with an incantation similar to: ''~/Android/Sdk/emulator/emulator -avd Nexus_4_API_19 -writable-system -selinux disabled -qemu -enable-kvm'' - in emulator shell: ''mount -o rw,remount /system'' //not fully tested// ==== Tips and Tricks ==== * [[https://android.googlesource.com/platform/frameworks/base/+/master/cmds/bootanimation/FORMAT.md|change boot animation]] * when compressing the animation to a zip, make sure the zip is uncompressed (use the ''-0'' flag) * for script to run on boot add/create ''/system/etc/install-recovery.sh'' * Mount system RW: ''mount -o rw,remount /system'' * Mount system RO: ''mount -o ro,remount /system''