Motorola Droid has been Hacked! Unlocks for everyone! :)
It seems like the hackers are at it again, and have rooted the Verizon Motorola Droid. For those who dont know this means soon you should be able to add custom features such as themes, Multitouch browsing, tethering, blue tooth files transfers ect! The possibilities are endless. We all know Verizon likes to lock down their phones, and the Motorola Droid is no exception. Any day now new hacks should start rolling out. Keep checking back for the newest hacks for the Motorola Droid, as they are released.
Heres the info from “Zinx Verituse” over at AllDroid.
Droid rooted
I’ve rooted the Droid;
md5sum of initial exploit zip: 94a0c30ea9104c2776d042e760bfd716
URL: http://rapidshare.com/files/318204448/d … t.zip.html (Down now?)
URL2: http://www.4shared.com/file/168496608/8 … -root.html (thanks, blunden)
URL3: http://www.mediafire.com/?ydaqjmditjh (thanks, blunden)
URL4: http://www.multiupload.com/XYPZLK4K22
Also attached in a thread post.
The exploit provides a /system/bin/su from AOSP (that is, you can only use it from adb shell).
Other payloads can be arranged, but I’m too lazy to make them myself.
Provide a decent payload and I will turn it in to an update.zip that the Droid will apply.
Restrictions: The payload zip must be <63k
I can add files already in the official update to it (update-binary).
UPDATE: 2009-12-09
New exploit zip, including Superuser from CyanogenMod
URL: http://zenthought.org/system/files/asse … eruser.zip
1) get signed -voles-ESD56-from-ESD20.84263456.zip (md5sum
3af35446905040a3123ec09195299596)
2) get droid-superuser.zip (this file, md5sum e517995a7d1fe233c61df17c7f7c2a63)
3) append this file to the end of signed-voles-ESD56-from-ESD20.84263456.zip
* Windows: copy /b signed-voles-ESD56-from-ESD20.84263456.zip+droid-superuser.zip update.zip
* Linux: cat signed-voles-ESD56-from-ESD20.84263456.zip droid-superuser.zip > update.zip
The md5sum of update.zip will be cf653352967253e99d967498ffd9ce69
4) Copy the update.zip to the sdcard on the phone
5) Boot the phone to recovery mode (hold X and power the phone on)
* You’ll get a triangle + exclamation point if done right
6) Apply the update by pressing Volume Up + Camera
There will probably be mirrors for the pre-concatenated version of droid-superuser.zip, so check this thread.
DETAILS:
Eclair has a new signature checking mechanism, which has a hole allowing unsigned updates up to a certain size.
bootable/recovery/verifier.c notes that a zip file could be hidden in the signature, and has measures to prevent this, but due to a copy/paste mishap, does not check for a hidden zip properly.
This was brought to my attention by embeem, a week or two ago. I do not know who mentioned the problem to him.
Patch that closes the hole:
http://review.source.android.com/12807
Tags: hack, Motorola Droid, verizon, Zinx Verituse