Android OS Forum banner
1 - 9 of 9 Posts

· Rooter
216 Posts
I will not be responsible for damage to your device(s) by using this exploit. Antivirus software and Play services will likely detect this as potentially malicious. It is an exploit, deal with it or don't use it. Do not mirror these applications without my permission!

PwnMyMoto is a replacement for my previously released MotoRoot. PwnMyMoto exploits three vulnerabilities, to gain root access, then to gain write to system. This is a traditional root, and doesn't use any 'hackery' to maintain su access unlike MotoRoot.

First we use bug 9695860 (aka second masterkey) to gain system user, then it uses a symlink attack to gain root access. After gaining root we exploit a flaw in the bootloader, allowing us to bypass the write protection applied to system. In the process we remove stock recovery, so OTAs will not be a worry.

Install PwnMyMoto by running:
adb install -r PwnMyMoto-<version and model go here>.apk

Then run PwnMyMoto, depending on the current root status of your phone it will reboot 2 or 3 times, after the last reboot it will uninstall it self and su will be installed on the actual system partition. Please install SuperSu from the market after this step is done.

We have two (ok more but were not going into that) boot modes. First is normal, which boots regular Android, and in this case boots with system write protected. Second is recovery mode, normally it boots recovery without write protection. Our exploit will hijack recovery bootmode and boot Android without write protection.

After running this exploit, if you boot normally /system will be write protected. If you boot to "recovery", Android will boot without write protection. If you wish to edit system, you must boot into "recovery" to do so, any changes made will stick and will work in either bootmode. My suggestion is to make your changes in "recovery" and run the device day to day in normal mode, until we are certain "recovery" mode will be 100% stable for day to day use.

The exploit will uninstall itself after successful exploitation.

To see if write protection is applied, you can run:
adb shell getprop ro.boot.write_protect

If it returns '1' then write protection is applied to /system, if it returns '0' then no write protection has been applied.

In the future we will have a replacement recovery, but at this time it is still in development. Enjoy.


· Android Beginner
85 Posts
Just want to be sure the Verizon one is for the X and the Droid is for the Droids, even though I assume based on MotoRoot it won't matter. Also if I used MotoRoot do I need to do anything before using PwnMyMoto?

· Registered
12 Posts
Girlfriend upgraded to a Motorola Droid Mini today. I'd like to root it for her, freeze bloat, and freeze whatever system app checks for OTA's so she doesn't brick it on accident. Phone came with 4.2.2, system version 12.7.7.obakem_verizon.Verizon.en.US and within an hour of turning it on it's already downloaded an update. I think it's the 12.15.10.obakem_verizon.Verizon.en.US. I've kept postponing the install because I didn't know if it'd patch the exploit used for root here. Searching Google for rooting 12.15.10 droid mini doesn't yield much at all, just keep finding this thread here as well as at xda... I assume I just download the apk above for Droid, follow directions, rooted. But does anyone know if the 12.15.10 update on the Verizon Mini patches the exploits pwnmymoto 1.2 Droid? Just trying to find out if I can update and get the upgrade benefits and still root.

It's a strange world have to mess with a locked phone again... I've been on a Galaxy Nexus for a while, love it. Probably will be buying a developer edition Moto X here soon though!



EDIT: Looks like the xda link has a newer version (1.4.3) of pwnmymoto Droid. Probably will use that, just curious if anyone can vouche for it working on the 12.15.10 update for Verizon Droid Mini.

1 - 9 of 9 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.