grant-h / qu1ckr00t

A PoC application demonstrating the power of an Android kernel arbitrary R/W.
https://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/

Please port qu1ckr00t to armv7l #11

Closed Skorpion96 closed 6 months ago

Skorpion96 commented 2 years ago

As the title says, I'm asking you if you can port qu1ckr00t to armv7l. I have a ZTE phone (ZTE Blade A5 2019) which is vulnerable, since the exploit runs, but since the exploit is for arm64 I can't run it. I tried a 32-bit version on XDA and it runs, but with errors. Probably the addresses are wrong. I'll leave my kernel sources here if you want to port it: https://www.mediafire.com/file/bhzmyeqepf4ve6j/P963F30_ZTE_Blade_A5_2019_Pie_kernel%25284.4.147%2529.tar.gz/file

Skorpion96 commented 2 years ago

> Hello, I am currently on vacation and cannot reply to your email personally. I will reply to you as soon as possible after the holiday ends.

I don't understand Chinese, I'll use Google Translate.

Edit: thank you so much

Skorpion96 commented 2 years ago

Well, I hope you will help me since I don't have other options. Unisoc is not answering, and ZTE, I guess, sent an email to Unisoc asking for the unlock code, but they don't answer at all. Now summer is finished, so I hope you can help me get this exploit working on armv7l for my kernel.

Skorpion96 commented 2 years ago

> Hello, I am currently on vacation and cannot reply to your email personally. I will reply to you as soon as possible after the holiday ends.

Thank you, I hope you enjoy your holidays.

Skorpion96 commented 1 year ago

I found a 32-bit version of the exploit on XDA, so we could work with this, changing the kernel addresses and kernel magic to the ones of my kernel. I'll leave a link to the post: https://forum.xda-developers.com/t/root-with-cve-2019-2215.3979341/post-80830899 Anyway, another potential exploit could be CVE-2020-0041; someone already used it to root some devices: https://forum.xda-developers.com/t/xperia-1-5-temp-root-exploit-via-cve-2020-0041-including-magisk-setup.4146103/

Skorpion96 commented 1 year ago

Yes, I know. I only made the post to update you on what I found. Hope you enjoy your holiday.

Yu-324 commented 1 year ago

> Yes, I know. I only made the post to update you on what I found. Hope you enjoy your holiday.

Sorry for that, I never have a holiday. Maybe it's just a bug from my email provider. I have already dropped this old account.

Skorpion96 commented 1 year ago

I have extracted kallsyms: https://www.mediafire.com/download/pbm0nvptr3w8eab (invalid link, look at the next comment). About porting, I don't know; I know that we have to take the values from the kallsyms file and replace them in the exploit, but I don't know if I will be able to do it alone.
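
The "take the values from kallsyms and replace them in the exploit" step in the comment above is the mechanical part of a port, and it is where 32-bit ports usually go wrong: the wrong table (arm64 instead of armv7l), a zeroed table dumped with `kptr_restrict` in effect, or a static symbol name that appears more than once. The following is an added example by the editor, not code from qu1ckr00t or from anyone in this thread. It parses `/proc/kallsyms`-format text (the same format a kallsyms table recovered from a kernel image is usually written out in), infers 32- vs 64-bit from the address width, refuses zeroed or mixed tables, and resolves a list of symbol names to addresses and to offsets from `_text`. The symbol names in `WANTED` and all addresses in the sample tables are invented placeholders for illustration; the symbols qu1ckr00t actually needs must be taken from its own source.

```python
"""Resolve kernel symbol addresses from a kallsyms-format dump (added example)."""
import re

# One /proc/kallsyms line: "<hex address> <type letter> <name> [<module>]"
KALLSYMS_LINE = re.compile(
    r"^([0-9a-fA-F]+)\s+([A-Za-z?])\s+(\S+)(?:\s+\[(\S+)\])?\s*$"
)


def parse_kallsyms(text):
    """Parse kallsyms text into (table, address_bits).

    table maps a symbol name to the list of (address, type) entries carrying
    that name (static symbols in different files can legitimately repeat).
    address_bits is 32 or 64, inferred from the hex address width, so an
    arm64 table handed to an armv7l port is rejected before any patching.
    """
    table = {}
    widths = set()
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = KALLSYMS_LINE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a kallsyms entry: {line!r}")
        addr_hex, sym_type, name, _module = m.groups()
        widths.add(len(addr_hex))
        table.setdefault(name, []).append((int(addr_hex, 16), sym_type))
    if not table:
        raise ValueError("empty kallsyms table")
    if len(widths) != 1:
        raise ValueError(f"mixed address widths {sorted(widths)}: not one kernel's table")
    if all(addr == 0 for entries in table.values() for addr, _ in entries):
        # An unprivileged read of /proc/kallsyms with kptr_restrict set prints
        # every address as zero; such a dump is useless for porting.
        raise ValueError("all addresses are zero (kptr_restrict); dump as root or from the image")
    return table, widths.pop() * 4


def resolve(table, wanted):
    """Return {name: address} for every wanted symbol.

    A missing name raises KeyError; a name with several entries raises
    ValueError, because picking the wrong copy gives a silently wrong port.
    """
    out = {}
    for name in wanted:
        entries = table.get(name)
        if not entries:
            raise KeyError(f"symbol not in kallsyms: {name}")
        if len(entries) > 1:
            addrs = ", ".join(hex(a) for a, _ in entries)
            raise ValueError(f"symbol {name} is ambiguous: {addrs}")
        out[name] = entries[0][0]
    return out


def offsets_from(table, base_symbol, resolved):
    """Express resolved addresses as offsets from base_symbol (e.g. _text)."""
    base = resolve(table, [base_symbol])[base_symbol]
    return {name: addr - base for name, addr in resolved.items()}


# Constructed sample tables; every address below is invented for illustration.
SAMPLE_ARMV7L = """\
c0008000 T _text
c0008000 T stext
c0a00010 D init_task
c0b00020 B selinux_enforcing
c0c00030 t helper
c0c00040 t helper
"""

SAMPLE_ARM64 = """\
ffffff8008080000 T _text
ffffff8008a00010 D init_task
"""

# Assumed placeholder list of symbols a port needs; not qu1ckr00t's real list.
WANTED = ["init_task", "selinux_enforcing"]


def port_values(text, wanted=WANTED, expect_bits=32):
    """Resolve the wanted symbols after checking the table matches the target arch."""
    table, bits = parse_kallsyms(text)
    if bits != expect_bits:
        raise ValueError(f"kallsyms is from a {bits}-bit kernel, port targets {expect_bits}-bit")
    addrs = resolve(table, wanted)
    return addrs, offsets_from(table, "_text", addrs)


if __name__ == "__main__":
    addrs, offs = port_values(SAMPLE_ARMV7L)
    for name in WANTED:
        print(f"{name:20s} {addrs[name]:#010x}  _text+{offs[name]:#x}")
```

Run it against a real dump with `port_values(open("kallsyms.txt").read())`; the offsets from `_text` are what you would carry over if the port is later rebased against a different kernel load address, while the raw addresses are what get pasted into a hard-coded exploit.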

Skorpion96 commented 1 year ago

Other kallsyms I extracted and other stuff: https://www.mediafire.com/folder/uvde49kcna40o/ZTE_A5_2019_Stuff

Skorpion96 commented 1 year ago

Any news? I'm really sad. Google ruined rooting and ZTE is taking advantage of protections like the bootloader to stop everyone from rooting; also, exploits are kernel-specific, making them really difficult to work with. I wonder if I will ever be able to root this crap phone.

Skorpion96 commented 1 year ago

So how's it going? Are you still working on this @saga0324? If you are, I want you to know that I'm really grateful for that. I hope for you the best.

saga0324 commented 1 year ago

> So how's it going? Are you still working on this @saga0324? If you are, I want you to know that I'm really grateful for that. I hope for you the best.

In my opinion, if you want to root your ZTE, you can try to find the boot image or buy one from some proprietary firmware site. This way seems much easier than modifying the exploit.

Skorpion96 commented 1 year ago

@saga0324 As I was saying, I talked to someone and he told me that the exploit would need to be rewritten for my kernel version. This guy wanted to help as well; maybe you could get in contact with him? I'll leave a link to the group where we are: https://discord.gg/pRwc4RhY He is bluefenix, btw.

Skorpion96 commented 1 year ago

About the boot image, I have it; let me upload it when I get home.

Skorpion96 commented 1 year ago

Here is the boot image: https://www.mediafire.com/file/vumckkh8l79j1zy/boot_zte_blade_a5_2019_claro_1.0_fw.img/file @saga0324

Skorpion96 commented 1 year ago

@saga0324 Found an eng firmware, here is the link: https://androidhost.ru/Y56?pt=UXpoUE5HZG1lWEZ6ZWtwbk5HRXhaM2hZVkdwMFp6MDlPaU82M2RiM2JvdTc0UmdXUXhyUExXcz0%3D I have a root shell now; I was able to get developer options to show, but they are disabled. Anyway, I can still flash from the shell, because there is no fastboot and I have a root shell, so it's time to root this thing. The bootloader is still locked, but I was able to edit the stock system and boot it. I'll try to add root to it. I'll leave a link to the stock img here as well if you want to try: https://terabox.com/s/1f8NKRTyul1wD01SMd4-owQ Edit2: root achieved by booting a prerooted GSI: https://youtu.be/GON2GXowoRQ

Skorpion96 commented 1 year ago

@saga0324 I would like to unlock the bootloader if possible; if it isn't possible, then I would like to use the qu1ckr00t app to install Magisk on system. Could you please help me with doing it? Btw, about bootloader unlock, there is a new exploit to try: https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader/wiki/AddSupportToModel#part-2-modify-fdl1 although I don't know if it will work on my Unisoc SC9863A. There is also a verified boot bypass exploit: CVE-2020-10648. We can try if you still want to help me.

Skorpion96 commented 10 months ago

Just to let you know, TomKing062 and I are trying to unlock the bootloader: https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader/issues/4#issuecomment-1795214974 Unlocked! I'll mark the issue as completed. Also, we did more: https://xdaforums.com/t/zte-blade-a5-2019-2020-etc-root-guide-locked-bootloader-valid-for-all-unisoc-zte-models-with-an-engineering-firmware.4612391/