Discussion in 'Coby Generation 3' started by ken3317, Jun 15, 2012.
Not sure where this fits, is it Gen 3 and why doesn't z4root or anything root this device
Most likely you would use the same exploit the rest of us use on Coby tablets.
How do I run this exploit? I'm a newbie with tablets, I've dabelled with android phone hacking, but just got a tablet and this stupid one has only a "GetJar: Market that's totally a joke. I'd like to get google apps running like Play store. thanks
It fits with gen3 (ICS tablet) as far as z4root (etc) I don't think they've been fully updated to deal with ICS
...and its linux kernel is 2.7.x or above, you should be able to use the mempodroid exploit. The only stumbling block I can see you having is figuring out what the in-out memory addresses are. IE: using adb, you push the mempodroid binary to your tablet, then you chmod the binary so as to be able to execute it. THEN, you have to specify in the command line for th exploit two memory addresses. In the case of the Kyros 4042, it looks like (shamelessly taken from vamps' post):
/data/local/tmp/mempodroid 0xd7cc 0xad27 sh /data/local/tmp/root.sh
<-- from here to here exploit command --> <-- mount\copyfile\etc script -->
I've done a little reading on the exploit, and have examined the mempodroid binary a bit, however I can see I need to do a bit more research into it regarding how you determine what the needed memory addresses should be.
Ok, a user from XDA has authored a tool that gives you the offsets you need for mempodroid to work. Go have a read at [HOWTO] Get offsets for ICS exploit - xda-developers ... A quick summary would be:
1) Download the zip file from the post (n95-offsets.zip ...)
2) adb push the file to your tablet then chmod them.. ie:
adb push n95-offsets /data/local/tmp/
adb push mempodroid /data/local/tmp/
adb shell "chmod 0777 /data/local/tmp/mempodroid"
adb shell "chmod 0777 /data/local/tmp/n95-offsets"
3) Now execute n95-offsets.. ie: adb shell "/data/local/tmp/n95-offsets"
4) If successful, it will output the command you need for mempodroid, which you can cut\paste - etc.
I know theres' another way to get these offsets, however this is what I've turned up so far. Hope this helps.
Ok, I tested the above method and it most definitely works. Output from the app was:
C:\Program Files (x86)\Android\android-sdk\platform-tools>adb shell "/data/local
n95-offsets by Nesquick95
Gets requiered offsets for mempodroid exploit
./mempodroid 0xd7cc 0xad27 sh
..So heads up.
Can someone explain? This is just slightly too vague for me to take a guess on what to do.
Separate names with a comma.