New root method for stock 2.3.4 (621/622) found (Droid2, R2D2)

This is for original Droid2 and Droid R2D2. If you have issues booting after root, check the end of this post.

I've been working on root for a few days after having to flash stock 621. I've tested this with my R2D2 running 621.

7/25/2012 - Thanks to beh for putting together an EzSBF cd for this! Just burn, boot from CD and follow the directions. It can flash to the stock 621 update for those that want the stock Gingerbread image, then gives you the option to root if you like. You can also create a bootable USB stick with the iso using http://unetbootin.sourceforge.net/

Droid 2 621 EzSBF with root option
[background=rgb(245, 245, 245)]The MD5 is[/background]
[background=rgb(245, 245, 245)]e50bc7914c4852ca32e9f08f7744c056[/background]

The instructions below work, but beh's EzSBF is far superior.

If you want to use CyanogenMod 7.2 after root with this method check this post.

Windows (Easy way)
Install Motorola drivers and RDS Lite if you don't already have them installed.
Get RootDroid2update.7z (md5 sum FCB9D5BC5225894CA66A9729E3FFD1C5), extract folder, run RootDroid2.bat and follow the instructions.
You'll have to flash the phone as part of the process.

Linux (Easy way)
You'll need adb and sbf_flash.
1) Download the RootDroid2update file (md5 sum FCB9D5BC5225894CA66A9729E3FFD1C5), extract it wherever you like.
2) Using adb enter "adb shell ln -s /data/local.prop /data/preinstall_md5/magic.md5"
3) Flash using sbf file in download, wait for full boot.
4) Reboot again.
5) "adb shell" should be root, you can now install the root utils from the zip

Linux (Long way)
What you need: Stock SBF (thanks to droid-developers.org), custom preinstall.img (md5 sum 02A7EB41DF2622974912E8D143295E9F), adb (from android sdk), and sbf_flash

1) Enable USB debugging on your phone and send this adb command:

adb shell ln -s /data/local.prop /data/preinstall_md5/magic.md5

2) Unpack the custom preinstall file, then reboot your phone into flash mode by holding the up arrow on the keypad. Then send the custom SBF file with sbf_flash:
sbf_flash -r --preinstall preinstall.img <stock sbf filename>

(For example, I used 1FF-p2a_droid2_cdma_droid2-user-2.3.4-4.5.1_57_DR4-51-120117-release-keys-signed-Verizon-US.sbf so the command is "sbf_flash -r --preinstall preinstall.img 1FF-p2a_droid2_cdma_droid2-user-2.3.4-4.5.1_57_DR4-51-120117-release-keys-signed-Verizon-US.sbf")

3) Wait for phone to boot after flashing, then reboot again one final time.
4) "adb shell" should give you a root prompt (# instead of $)

5)Send superuser utils from http://androidsu.com/superuser/

adb shell mount -o remount,rw /dev/block/system /system
adb push su /system/bin/su
adb shell chmod 4755 /system/bin/su

adb push Superuser.apk /system/app/Superuser.apk
adb shell chmod 644 /system/app/Superuser.apk
adb shell mount -o remount,ro /dev/block/system /system

Thanks to Dan Rosenberg (djrbliss) and those that helped him research http://vulnfactory.o...ng-the-droid-3/ for ideas

Important
If you are having issues booting, you may need to remove the exploit files and clear the cache, as reported by Morlok8k.

Morlok8k said:

Literary almost every other reboot was failing...

so i went into terminal emulator (this could also be done in adb shell, i guess)

i did the following:

su
rm /data/preinstall_md5/magic.md5
rm /system/preinstall/md5/magic.md5
rm /system/preinstall/app/magic

then i went into clockworkmod recovery and cleared the cache. (not data and cache, just cache)

I have rebooted many times since doing the above (i did each one with some reboots in between, just to see which step fixed it), but clearing the cache after removing the hack has seemed to fix my issue.

I don't know how other devices are handling your hack but my Droid 2 Global needed the hack cleaned up to restore stability. It works though! very clever.

Click to expand...