[Advanced users only] Teracube 2e root

Using the default boot.img provided on the other thread, I’ve generated a Magisk 21.4 boot.img. I’m not sure if I’m allowed to post the binary here, but here are some instructions on how I did it. These may not work for you, as these are Linux only.

--LINUX--
This could break your device and I'd like to not be responsible. Please exercise caution when flashing to your device. If you don't know what you are doing please wait :)

Get Magisk Manager on device, put default 2e boot.img on the device, use Magisk to make patched boot.img. Pull back using adb. 

adb pull /sdcard/Download/magisk_patched_q4VX5.img

Split

split -b 16M magisk_patched_q4VX5.img 
rm magisk_patched_q4VX5.img xab
mv xaa magisk_patched_q4VX5.img

Generate signing keys
openssl genrsa -out rsa.pem 2048

Install avbtool and use

./avbtool.py add_hash_footer --image "magisk_patched_q4VX5.img" --partition_size 33554432 --partition_name boot --key rsa.pem --prop com.android.build.boot.os_version:10 --prop com.android.build.boot.security_patch:2019-06-06 --algorithm SHA256_RSA2048

Boot into bootloader
adb reboot bootloader

Flash image
fastboot flash boot magisk_patched_q4VX5.img 

Reboot back into regular
fastboot reboot

Everything should work.


some more info and sources:
https://github.com/topjohnwu/Magisk/issues/2491#issuecomment-773928239
https://android.googlesource.com/platform/external/avb/+/master/README.md
https://wiki.postmarketos.org/wiki/Android_Verified_Boot_(AVB)
6 Likes
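A pre-flash sanity check for the image produced by the `add_hash_footer` step above, as an added example that is not part of the original post. It assumes the 64-byte big-endian `AvbFooter` layout used by avbtool; the function names `check_avb_footer` and `build_sample` are hypothetical, and the sample image is constructed.

```python
import struct

PARTITION_SIZE = 33554432        # --partition_size value used in the post (32 MiB)
FOOTER_FMT = "!4s2LQQQ28x"       # magic, version major/minor, three u64 fields, 28 reserved bytes
FOOTER_SIZE = struct.calcsize(FOOTER_FMT)   # 64


def check_avb_footer(image: bytes, partition_size: int = PARTITION_SIZE) -> list:
    """Return a list of problems; an empty list means the footer looks sane."""
    problems = []
    if len(image) != partition_size:
        problems.append(f"image is {len(image)} bytes, expected {partition_size}")
    if len(image) < FOOTER_SIZE:
        return problems + ["image too small to hold an AVB footer"]
    magic, major, minor, orig_size, vb_off, vb_size = struct.unpack(
        FOOTER_FMT, image[-FOOTER_SIZE:])
    if magic != b"AVBf":
        return problems + ["no AVBf footer in the last 64 bytes"]
    if major != 1:
        problems.append(f"unexpected footer version {major}.{minor}")
    if orig_size > vb_off:
        problems.append("vbmeta blob overlaps the boot image data")
    if vb_off + vb_size > len(image) - FOOTER_SIZE:
        problems.append("vbmeta blob runs into the footer")
    elif image[vb_off:vb_off + 4] != b"AVB0":
        problems.append("no AVB0 vbmeta header at vbmeta_offset")
    return problems


def build_sample(partition_size=4096, payload=b"BOOT" * 100, with_footer=True):
    """Constructed test image: payload, fake vbmeta blob, zero padding, footer."""
    vbmeta = b"AVB0" + bytes(252)     # constructed stand-in for a real vbmeta blob
    vb_off = 512                      # constructed offset, past the 400-byte payload
    img = bytearray(partition_size)
    img[:len(payload)] = payload
    if with_footer:
        img[vb_off:vb_off + len(vbmeta)] = vbmeta
        img[-FOOTER_SIZE:] = struct.pack(
            FOOTER_FMT, b"AVBf", 1, 0, len(payload), vb_off, len(vbmeta))
    return bytes(img)


if __name__ == "__main__":
    import sys
    # With a path argument, check a real image; otherwise check the constructed sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    size = PARTITION_SIZE if len(sys.argv) > 1 else len(data)
    print(check_avb_footer(data, size) or "footer OK")
```

Run it with the signed image path as the only argument before `fastboot flash`; avbtool's own `info_image --image` subcommand prints the footer and descriptor contents in full.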

As Hannibal from the A-Team used to say, “I love it when a plan comes together!”

Good work! Thanks for contributing this to the community instead of making us all reinvent the wheel over and over again. Now we all have the master plan and can succeed together!

Cheers!

Hi @Jake - you can post the binary here. And if possible, Windows instructions as well please :slight_smile:.

Sure! I’ll get this done in a little bit! :slight_smile:

Going to reclarify, these images worked perfectly for me, but may not for you, I’d keep the original boot image nearby in case it doesn’t!

But here is my patched Magisk 21.4 image

Patched Magisk 21.4 image:
Teracube will be releasing the images for everyone’s safety.

As well as some Windows instructions, I just tried out, and they worked for me, but let me know if you have any problems.

Windows instructions:
get platform-tools, python, and cygwin or git bash (or another splitting and openssl! I just used the default Git for Windows which comes with all of this. https://git-scm.com/download/win)

Get Magisk Manager on device, put default 2e boot.img on the device, use Magisk to make patched boot.img. Pull back using adb. 

adb pull /sdcard/Download/magisk_patched_luJK4.img

split -b 16M magisk_patched_luJK4.img 

Remove xab and rename xaa to magisk_patched_luJK4.img 

Generate signing keys
openssl genrsa -out rsa.pem 2048

(To install avbtool with the Git shell or cygwin you can run this: 

curl "https://android.googlesource.com/platform/external/avb/+/refs/heads/master/avbtool.py?format=TEXT" | base64 --decode > avbtool.py

or grab it off this page another way: https://android.googlesource.com/platform/external/avb/+/refs/heads/master/avbtool.py
)

py avbtool.py add_hash_footer --image "magisk_patched_luJK4.img" --partition_size 33554432 --partition_name boot --key rsa.pem --prop com.android.build.boot.os_version:10 --prop com.android.build.boot.security_patch:2019-06-06 --algorithm SHA256_RSA2048 --salt 83865190284299418204

Boot into bootloader
adb reboot bootloader

Flash image
fastboot flash boot magisk_patched_luJK4.img

Reboot back into regular
fastboot reboot

and everything works!

Onto trying out phhusson’s GSI! :slight_smile:

2 Likes

Reminder for anyone doing this for the first time in a while - before any of these steps, the bootloader must be unlocked. Toggle the “OEM Unlocking” slider under “Settings > System > Developer settings” while still booted into Android, and then later, after rebooting to the bootloader, but before attempting to flash the bootloader, issue the command

fastboot flashing unlock

and follow the on screen prompts to unlock

1 Like

In case anyone needs a link to avbtool.py, I used this and it worked perfectly: https://mega.nz/#!s7JEGCbA!9H2KJkppDGYbUefQ87QXJBNHXZCSVxen3w7yLOHL9KA

1 Like

Super cool. Just to confirm - we have a working root and it’s been tested by multiple folks?

@Sharad,

Depends on how you look at it really. When using this method you really can’t verify what Magisk is inserting into the image fully, while you get root, the original OP was probably good to give the warning he did and be a little stand-offish about providing a link to the image originally. It isn’t to say something fishy is going to happen, however, you have no way to actually verify what is in that code being used to exploit and provide root.

The best solution would be for you guys to provide a direct rooting solution that doesn’t require the end user to possibly infect their phone with unknown software just to get root. Even if that takes completing extra steps or is for advanced users – just providing a solution outright is the best way to maintain the best security for your image and your customers.

Most people will know going in this is “At their own risk”, though some may just see root and not care and dive right in without even considering any of the above which I have outlined.

I am not saying you should ban this from here or prevent those who wish to take the risk from taking it, however, coming up with your own solution if possible is really a better approach.

My 2 cents.

Cheers!

1 Like

Got your point. I think everyone here has good intentions. However, it’s best if Teracube posts any boot images. Will report back soon.

Still looking into this, but I think flashing a “blank” vbmeta image may work with the regular Magisk boot images.

Coming very soon! :grinning_face_with_smiling_eyes:

6 Likes

The guide and source tree for TWRP is up. Say hello to TWRP and Magisk :partying_face:!

4 Likes

Thanks for the new method.

Cheers!

1 Like

Thanks a bunch, @AgentFabulous! Mad props! :grin:

Cheers!

1 Like
