The instructions below are current and will work if you are on Linux. If you aren't and you are reading this I assume you can figure out the setup on your platform or ask in the comments.This also assumes you have adb (From the Android SDK) in your path.
- Android vendor source: http://developer.android.com/sdk/index.html
- You can grab both at: http://wiki.cyanogenmod.com/index.php?title=Template:Psneuter_downgrade
- Arm Compiler: http://www.codesourcery.com/sgpp/lite/arm
- I downloaded and used this arm compiler because the binaries that came with psneuter did not work
All commands below will assume you are doing your work in /tmp but it doesn't reallly matter your choice.
Download both psneuter.zip and misc_version_01.zip from the above links and put them in /tmp
Go into your /tmp directory.
Unzip both packages from above
Download the compiler
Untar the package
tar jxfv arm-2010.09-50-arm-none-linux-gnueabi-i686-pc-linux-gnu.tar.bz2
arm-2010.09/bin/arm-none-linux-gnueabi-gcc -o psneuter -static psneuter.c
Push the new psneuter binary as well as the misc_version binary:
adb push psneuter /data/local/tmp
adb push misc_version /data/local/tmp
Start an adb shell and set the permissions for both psneuter and misc_version
chmod 755 psneuter
chmod 755 misc_version
In the adb shell run psneuter and restart your adb shell for root access
This is in the adb shell.
property service neutered.
killing adbd. (should restart in a second or two)
Restart your adb shell connection
That's it you have root. If you reboot now it will disappear and you will need to repeat the steps above. The next step should be to install Superuser/su
Ok I have root now what?
Do not reboot your phone before doing this otherwise you will have to repeat the steps above.
Unzip the file
When you unzip this you will have two files we are interested in
Push both of those to /data/local/tmp
adb push system/app/Superuser.apk /data/local/tmp
adb push system/bin/su
Log in to your root shell and
Change the owner of su to root and set the SETUID bit
# chown root.root /data/local/tmp/su
# chmod 4755 /data/local/tmp/su
Mount /system with rw permissions
# mount -o remount,rw -t yaffs2 /dev/block/mtdblock6 /system
Copy su and Superuser.apk to the appropriate system locations
# cp /data/local/tmp/su /system/bin
# cp /data/local/tmp/Superuser.apk /system/apps
Reboot look on the android market for apps that require root and have fun.
A good place to start is Titanium Backup.
Thanks to everyone on irc://irc.freenode.org/#xda-dev that helped with suggestions.
Exploits I found for android
RageAgainstTheCage "frontend" Super One Click Root: http://forum.xda-developers.com/showthread.php?t=803682