# RCA Voyager rct6873w42 rooting help



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## buddhaja (Nov 4, 2016)

Well I believe that you have enable bootloader unlock in developer tools before you can unlock the bootloader


----------



## [email protected] (Nov 26, 2016)

i enabled oem unlock in developer options what now

---------- Post added at 11:15 PM ---------- Previous post was at 11:14 PM ----------

i tried adb reboot fastboot get a blank screen

---------- Post added at 11:16 PM ---------- Previous post was at 11:15 PM ----------

i tried adb reboot bootloader and just does a normal reboot

---------- Post added at 11:16 PM ---------- Previous post was at 11:16 PM ----------

im using minimal adb and fastboot program for windows


----------



## [email protected] (Dec 1, 2016)

I tried framaroot no go kingoroot app gets to 70 % then gives me a download error idk what else to try only one site has the rct6873w42 firmware and its paid adb shell reboot fastboot also fails with blank screen 

sent from my nexus 4 using Tapatalk I also own a voyager tablet and I also own an I phone 4s


----------



## fsebentley (Dec 12, 2016)

[email protected] said:


> I tried framaroot no go kingoroot app gets to 70 % then gives me a download error idk what else to try only one site has the rct6873w42 firmware and its paid adb shell reboot fastboot also fails with blank screen
> 
> sent from my nexus 4 using Tapatalk I also own a voyager tablet and I also own an I phone 4s

Click to collapse



When you reboot into fastboot mode a blank screen is correct... you can use the fastboot commands from the connected PC
at this point.

I have got this far however I have had no luck thus far in unlocking the bootloader, this is not an indication that it cant be done
just that I do not know the proper command in fastboot, most of my work on Tablets has been on the Allwinner SOC's and I
almost never had to use Fastboot in modding those since the bootloader is not locked on those SOC's for the most part. 

RCA has very little useful info on their site nor even a Firmware download available... I would love to get ahold of a firmware for this Tablet in order to make modding it easier, failing that if I can manage to root it I should be able to pull the partitions and create a useable firmware mod... If you have any more luck with this please share whatever info you get and I will do the same.

Thanks


----------



## [email protected] (Dec 12, 2016)

Fastboot oem unlock is the normal command to unlock the bootloader for Fastboot devices i saw another reason tablet on xda developers I believe it was called rca viking or something similar there is a bootloader unlock and root thread for that device maybe worth looking at 
Here is the paid site I have 2g so I can't check the website to see if it legitimate 
http://www.sitelinks.info/notepad.p...ggYMAU&usg=AFQjCNE5BXp8BnP_V6-WI_RI7-1grLywDQ


Sent from my iPhone using Tapatalk

---------- Post added at 09:02 AM ---------- Previous post was at 08:38 AM ----------

This website claims to http://www.srsroot.com/ have rooted the tablet but they are known for false root proclamations worth a check 


Sent from my iPhone using Tapatalk


----------



## fsebentley (Dec 12, 2016)

[email protected] said:


> Fastboot oem unlock is the normal command to unlock the bootloader for Fastboot devices i saw another reason tablet on xda developers I believe it was called rca viking or something similar there is a bootloader unlock and root thread for that device maybe worth looking at
> Here is the paid site I have 2g so I can't check the website to see if it legitimate
> http://www.sitelinks.info/notepad.p...ggYMAU&usg=AFQjCNE5BXp8BnP_V6-WI_RI7-1grLywDQ
> 
> ...

Click to collapse




I tried the oem unlock command and it does not work, returns command fail...

The Viking uses the MT8127 SOC which would tend to have a different Firmware.. since that is a chinese SOC I expect the unlock to be
a bit easier typically i have found that on Tablets they often do not even lock the bootloader... the Sofia 3gr or Atom X3 is in the tab we have I have been looking into similar devices... so far I have not got much reading done on these... I will have a look at any info I can locate on here regarding the Viking .. but I have already read about some of the other Model # / versions of the Voyager on here and ours is not the same. The ones I have read up on so far do not seem to have a major problem rooting. This one is a bit of a pain as I cant use adb in root mode which when possible makes rooting much easier...

The link to the Paid site you posted seems to be dead... 

I have tried SRSRoot which also does not work... actually i have attempted using Kingoroot, iroot, rootgenius, framaroot, towelroot, tunesgo
and OneClickRoot none have any success at all... they do indicate varying degrees of progress but in the end the most that any has accomplished is to push their app to the tab.

I will keep trying and looking... perhaps I will locate a firmware for these out there so i can examine the partitions and their contents more
closely...

Thanks


----------



## just a bird xo (Dec 20, 2016)

fsebentley said:


> I tried the oem unlock command and it does not work, returns command fail...
> 
> The Viking uses the MT8127 SOC which would tend to have a different Firmware.. since that is a chinese SOC I expect the unlock to be
> a bit easier typically i have found that on Tablets they often do not even lock the bootloader... the Sofia 3gr or Atom X3 is in the tab we have I have been looking into similar devices... so far I have not got much reading done on these... I will have a look at any info I can locate on here regarding the Viking .. but I have already read about some of the other Model # / versions of the Voyager on here and ours is not the same. The ones I have read up on so far do not seem to have a major problem rooting. This one is a bit of a pain as I cant use adb in root mode which when possible makes rooting much easier...
> ...

Click to collapse



Were you ever able to gain root?


----------



## [email protected] (Dec 20, 2016)

I haven't yet


Sent from my iPhone using Tapatalk


----------



## fsebentley (Dec 21, 2016)

just a bird xo said:


> Were you ever able to gain root?

Click to collapse



No I have still not got root access, I have unlocked the tablet and am exploring ways to load a recovery image from fastboot without flashing it. I have also inquired with RCA about getting a copy of the Firmware and I continue to search google etc. for the firmware. Once I have the firmware I am confident that I can root the Tablet fairly quickly.


----------



## [email protected] (Dec 21, 2016)

How did you get bootloader unlock?


Sent from my iPhone using Tapatalk


----------



## fsebentley (Dec 21, 2016)

[email protected] said:


> How did you get bootloader unlock?
> 
> 
> Sent from my iPhone using Tapatalk

Click to collapse



fastboot flashing unlock while pressing vol + button on tab... if you simply enter the command while watching the screen you can see the display flash a message calling for input... if you press no buttons it auto enters a no answer... it goes by really fast so the only way I have been able to catch it is by pressing the + vol button then enter the fastboot flashing unlock

that does the trick.


----------



## [email protected] (Dec 21, 2016)

Thanks 


Sent from my iPhone using Tapatalk


----------



## just a bird xo (Dec 22, 2016)

fsebentley said:


> fastboot flashing unlock while pressing vol + button on tab... if you simply enter the command while watching the screen you can see the display flash a message calling for input... if you press no buttons it auto enters a no answer... it goes by really fast so the only way I have been able to catch it is by pressing the + vol button then enter the fastboot flashing unlock
> 
> that does the trick.

Click to collapse



Which mode do I have to be booted in for this to work? 

I've tried entering adb reboot bootloader as well as adb reboot fastboot & I can't seem to get it to unlock.


----------



## fsebentley (Dec 22, 2016)

just a bird xo said:


> Which mode do I have to be booted in for this to work?
> 
> I've tried entering adb reboot bootloader as well as adb reboot fastboot & I can't seem to get it to unlock.

Click to collapse



I usually just go into adb shell, then do reboot fastboot.

The Tab will reboot with an apparent blank screen, if you look closely you will note that there is a faint backlight. Once in this mode your PC will have a new device in device manager, if it is unrecognized device you can manually assign a device driver. I have the intel drivers installed as well as the google drivers. Woth the intel drivers you can do an Update driver select Browse my computer for driver software, then Let me pick from a List of device drivers on my computer, then scroll down to the Intel Android Device in the list and select either the Intel Android Bootloader device or the Android Bootloader Device, Both seem to work fine.... If you do not install the intel drivers then you should be able to select the USB devices option then select theADB Device. This also seems to work fine...

When in fastboot mode you will havea blank screen however when you enter certain fastboot commands there will be a very brief flash of information/input needed on the screen, it seems the ui in this mode is inhibited in some way.

Also worth noting on this model almost all the commands previously done using oem [command] are now done with flashing [command].


----------



## fsebentley (Dec 23, 2016)

I have now located a firmware for this device and am downloading it. The file is on baidu so is going to take some time to get but once I have it I should be able to do something with the bootloader to allow rooting by most of the conventional apps... as well as make my own rooted version of the firmware and likely get started modding it...

Well the first one I found is a bust... the files contained in the .zip are not in a format that is directly usable or they are corrupted. It appears to contain files from an MTK scatter and has MTK info in the text based config files.. so either someone pulled these using the MTK tool incorrectly or they labeled the file incorrectly as rct6873w42 firmwares... or this could be something I am not aware of...
either way these are taking some time... baidu is slow...


----------



## fsebentley (Dec 24, 2016)

Well it seems that all the ones I have found and downloaded so far have turned out to be mislabeled firmwares for other models of the RCA devices. I will keep pulling them in hopes of finding one that works but meanwhile I will look into some other avenues as well.


----------



## JordanMoore1371 (Dec 27, 2016)

So far I'm with you guys up to unlocking the bootloader. Have we made any progress with locating rootable firmware? I've rooted a phone before but never a tablet let alone such a pain in the neck tablet. 

I have run
fastboot flashing unlock
and got all that squared away, is there anything else to do at this point? Is it safe to continue to use it in it's current state? You guys are awesome by the way I couldn't find anything anywhere else online for this model. Y'all are making history!


----------



## [email protected] (Dec 27, 2016)

We need to port a custom recovery to this tablet a lots harder than it sounds 


Sent from my iPhone using Tapatalk


----------



## JordanMoore1371 (Dec 27, 2016)

[email protected] said:


> We need to port a custom recovery to this tablet a lots harder than it sounds
> 
> 
> Sent from my iPhone using Tapatalk

Click to collapse



Anything we can do to help? Can't be too crazy can it?


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Jan 2, 2017)

Just unlocked bootloader. And things did not go so smooth. On first boot I expected recovery to do wipe. Based on other devices, anyway. But on first boot I was greeted with a screen that says "device has been unlocked and cannot be trusted. Device will boot in 30 second's" but only powered off. Then this repeated for many power cycles. I tried to hold reset button and different button combos on boot.  I was about to try and return device when on the next reboot I had the android on its back(what I expected in the beginning) then one more device not trusted screen, this time it did boot and setting up now. 

I do not know what happened but perhaps a note should be added to op or guide when one is made stating the possible error screen and stating that it can be passed.


----------



## JordanMoore1371 (Jan 3, 2017)

mrmazak said:


> Just unlocked bootloader. And things did not go so smooth. On first boot I expected recovery to do wipe. Based on other devices, anyway. But on first boot I was greeted with a screen that says "device has been unlocked and cannot be trusted. Device will boot in 30 second's" but only powered off. Then this repeated for many power cycles. I tried to hold reset button and different button combos on boot.  I was about to try and return device when on the next reboot I had the android on its back(what I expected in the beginning) then one more device not trusted screen, this time it did boot and setting up now.
> 
> I do not know what happened but perhaps a note should be added to op or guide when one is made stating the possible error screen and stating that it can be passed.

Click to collapse



I seem to remember having this happen to me too. I guess it may be normal? Regardless mine works fine now and it is still unlocked. I am excited to see if anyone is able to find/create a firmware so I can through linux on this bad boy haha.


----------



## Jerryvail924 (Jan 3, 2017)

JordanMoore1371 said:


> I seem to remember having this happen to me too. I guess it may be normal? Regardless mine works fine now and it is still unlocked. I am excited to see if anyone is able to find/create a firmware so I can through linux on this bad boy haha.

Click to collapse



Has anyone tried flashfire and flashing supersu zip?


----------



## [email protected] (Jan 3, 2017)

Flash fire requires you to already be rooted 


Sent from my iPhone using Tapatalk


----------



## mrmazak (Jan 5, 2017)

Well I have experience with dirty-cow and using it to achieve a root shell. but all attempts to use the exploit on this device fail.

logcat while trying to exploit has this warning line.

 3135 W dirtycow: type=1400 audit(0.0:20): avc: denied { module_request } for kmod="personality-8" scontext=u:r:shell:s0 tcontext=u:r:kernel:s0 tclass=system permissive=0

my other devices running same build of dirtycow do not get this message.

the test I am starting  with is simply 

$ echo some text here > foo
$ echo some other text > foo2
$ chmod 0404 foo
$ ./dirtycow foo foo2

on all other test devices the contents of "foo" get over written with the contents of "foo2" when I try this test. On our el-cheapo rca tablet nothing changes, so this method as starting point for getting root is not gonna work.

I have started looking for other devices with same board/ chipset to find other options of root, no luck yet.

rockchip/sofia3gr is the board.


----------



## fsebentley (Jan 5, 2017)

mrmazak said:


> Well I have experience with dirty-cow and using it to achieve a root shell. but all attempts to use the exploit on this device fail.
> 
> logcat while trying to exploit has this warning line.
> 
> ...

Click to collapse



Have you made any attempts to boot from fastboot using an external recovery ? 
ex. fastboot boot recovery.img 

or fastboot boot zImage initrd.img second.img

My attempts with this so far have yielded with the first method "too many links" errors

and with the second it seems to attempt boot but hangs at initial screen. The hangs with this method could be simply an incompatibility with the Kernels that I have been trying but I am unsure at present... I have tried the zenpad 7 kernels and the Teclast X70 ones. with same results on all using both methods. If a bootable recovery capable of installing root ie unsecured then we can root and pull the full Firmware off and begin some work on a suitable custom recovery to flash to the device.

You might try those devices as well in your attempts, i am continuing to search for others as well as an firmware that might be out there for this device... I have requested a copy of it from RCA but so far they have just sent multiple acknowledgements that I made a request.


----------



## mrmazak (Jan 5, 2017)

fsebentley said:


> Have you made any attempts to boot from fastboot using an external recovery ?
> ex. fastboot boot recovery.img
> 
> or fastboot boot zImage initrd.img second.img
> ...

Click to collapse



I have tried two different device recoveries. With fastboot boot, both flashed the screen white but then returned to fastboot, so obviously not compatible versions. That's mainly what I'm searching for other devices with the board chip setup, maybe if we find a similar device it may have recovery

i found this one that says it works on intel chip androids. but still not booting, but it tried. I got the reboot warning about unlocked boot loader and then a multicolor static followed by the rca dog. but tablet was "stuck" in broken fastboot mode. 

Broken because commands did not work (fastboot reboot) but fastboot devices showed conneted, sortta (sn  was reported as ???????????)

https://forum.xda-developers.com/dell-venue/general/dell-venue-8-cwm-unsecure-boot-recovery-t2866925

its closer than other ones i tried, and it showed that fastboot boot is a function that should work.


I am in process of trying this method out. Old I know but, its a start

https://forum.xda-developers.com/android/development/intel-android-devices-root-temp-cwm-t2975096

Update:
Apparently I was on dead end trial there. In the thread from the op, it says will not work beyond android 5.1


----------



## Plasmastar (Jan 6, 2017)

Support finally got back to me, unfortunately I also asked about the tablet's battery life, and that's the only question they answered. Replying back asking about stock rom again.


P.S. I'm getting a life of about 1.5 - 2 hours in use. Is this normal?


----------



## [email protected] (Jan 6, 2017)

Battery life is really bad on this tablet from my experience 


Sent from my iPhone using Tapatalk


----------



## Plasmastar (Jan 6, 2017)

> Stephanie (RCA Support)
> 
> Jan 6, 2:15 PM EST
> 
> ...

Click to collapse



Just got this.


----------



## [email protected] (Jan 6, 2017)

Hmm android is open source so they have to provide some parts at least Samsung has open source files you can download there lying to you 


Sent from my iPhone using Tapatalk


----------



## DGHQuadguy (Jan 8, 2017)

O.K., so I came across this thread looking for help on this tablet and a root program for it.  I see no one has gotten anywhere with it.  I am trying to root it so I can use the tablet for a First Person View screen for my quad copter.  I have a wireless video receiver for Android devices that connects to the tablet's USB plug and should allow it to display video from the camera on the quad. I got it to work on my Hisense Sero Pro but it got stolen a while back.  Basically I need the devices OTG firmware/software to recognize the wireless input. Is rooting the only way to do that? I'm barely able to understand all this stuff but always willing to learn and not worried about a $40 tablet.


----------



## mrmazak (Jan 9, 2017)

DGHQuadguy said:


> O.K., so I came across this thread looking for help on this tablet and a root program for it.  I see no one has gotten anywhere with it.  I am trying to root it so I can use the tablet for a First Person View screen for my quad copter.  I have a wireless video receiver for Android devices that connects to the tablet's USB plug and should allow it to display video from the camera on the quad. I got it to work on my Hisense Sero Pro but it got stolen a while back.  Basically I need the devices OTG firmware/software to recognize the wireless input. Is rooting the only way to do that? I'm barely able to understand all this stuff but always willing to learn and not worried about a $40 tablet.

Click to collapse



More than likely your gonna need more than root to be able to add otg. Otg is a device profile created by the kernel. So if it does not now. You will need custom kernel , I think to use it.


----------



## mrmazak (Jan 10, 2017)

@vampirefo Everytime I search for custom recovery for this device (RCA voyager) your name comes up. Are you still working this device sir.

Current model is different from the ones from few years ago. (They used to be mtk chips) now the are Sofia (Intel atom form factor) rk30sdk board. 

So far trying to "fastboot boot recovery.img". Your recovery comes closest to booting. Using yours it actually reboots to the boot image but then remains in fastboot mode. Using varies other recovery images (not ones for Intel chips) do nothing, and device stays in fastboot.

Any help or confirmation of your interest or involvement would be appreciated .


----------



## vampirefo (Jan 10, 2017)

mrmazak said:


> @vampirefo Everytime I search for custom recovery for this device (RCA voyager) your name comes up. Are you still working this device sir.
> 
> Current model is different from the ones from few years ago. (They used to be mtk chips) now the are Sofia (Intel atom form factor) rk30sdk board.
> 
> ...

Click to collapse



no I am not working on this device.


----------



## hannuuh (Jan 15, 2017)

I am also trying to root the same model tablet. I got it as a gift and all I would like to do is delete the unnecessary apps on the device and then I would most likely unroot it. Does anyone know of any other way I could delete these apps off the tablet without rooting? OR has anyone found a way to root the tablet yet?


----------



## fsebentley (Jan 16, 2017)

Im still working on rooting it... I will eventually find a Boot or recovery image that will work.   I will share whatever is found. So far RCA has not been co-operative in giving access to the Firmware. I am presently working on contacting Alco the Manufacturer but I am not too optimistic they are a Chinese maker and typically those can be difficult to obtain information from also considering they are a supplier for other companies the liklihood of co-operation is not high.


----------



## mrmazak (Jan 18, 2017)

fsebentley said:


> Im still working on rooting it... I will eventually find a Boot or recovery image that will work.   I will share whatever is found. So far RCA has not been co-operative in giving access to the Firmware. I am presently working on contacting Alco the Manufacturer but I am not too optimistic they are a Chinese maker and typically those can be difficult to obtain information from also considering they are a supplier for other companies the liklihood of co-operation is not high.

Click to collapse



I am lead to beleive that this git hub source, may be similar enough to this device to make recovery. but I do not know for sure.

link was found in forrum about sailfish os and this version of rca voyager was mentioned.
https://talk.maemo.org/archive/index.php/t-96708.html


link to source on github
https://github.com/bq/edison-3-mini


do you know how to compile recovery from kernel source?

also found that maybe the UBISLATE-3G7 might be similar. I am downloading there stock rom to try and boot the stock recovery to determine if it can be used as base to port twrp.

will update soon if it works.
http://firmwarefile.com/datawind-ubislate-3g7
this firmware is one complete img. no seperate recovery img. Unless it can be unpacked.

So far I have not found a way to unpack the main IMG. All the unpack methods I have tried error out with unknown compression


----------



## fsebentley (Jan 19, 2017)

mrmazak said:


> I am lead to beleive that this git hub source, may be similar enough to this device to make recovery. but I do not know for sure.
> 
> link was found in forrum about sailfish os and this version of rca voyager was mentioned.
> https://talk.maemo.org/archive/index.php/t-96708.html
> ...

Click to collapse



The rct6873w42 is based on the Atom X3 soc, the sources you have are on the Atom Baytrail... slightly differenty SOC so not applicable. The Other link appears be to an MTK based tablet.

I have compiled from source code for other SOC's and I have the source that is provided for the Atom X3 yocto project I think... I have not had a chance to go through it yet to ensure it is what is needed. I also have the firmwares for the Asus zenpad tablets using the Atom x3 as well as the Teclast X70 with Atom X3 SOC. These firmware present a new to me at least twist in that they are in an unfamiliar format... ie .fls which is different in that I cannot extract them using the Standard android abootimg tool for android boot images. I am searching for a tool to convert them or extract and re-build these but so far i am not having success. I am continuing to search for other devices that use the Atom X3 to obtain images as well.


----------



## mrmazak (Jan 19, 2017)

fsebentley said:


> The rct6873w42 is based on the Atom X3 soc, the sources you have are on the Atom Baytrail... slightly differenty SOC so not applicable. The Other link appears be to an MTK based tablet.
> 
> I have compiled from source code for other SOC's and I have the source that is provided for the Atom X3 yocto project I think... I have not had a chance to go through it yet to ensure it is what is needed. I also have the firmwares for the Asus zenpad tablets using the Atom x3 as well as the Teclast X70 with Atom X3 SOC. These firmware present a new to me at least twist in that they are in an unfamiliar format... ie .fls which is different in that I cannot extract them using the Standard android abootimg tool for android boot images. I am searching for a tool to convert them or extract and re-build these but so far i am not having success. I am continuing to search for other devices that use the Atom X3 to obtain images as well.

Click to collapse




The other link is a tablet that was released with three versions having mtk processor and one having  Intel


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Jan 20, 2017)

Removed


----------



## fsebentley (Jan 20, 2017)

I will have another look...

Second look the Files on the Firmware page are Type 1 - This is an Allwinner A13 image file.
Type 2 - This is an MTK Device as well as the final 2 images in the list. If you want to extract the First ones single .img file you can use Dragonface for allwinner, but a dead giveaway that this is an Allwinner device is that it comes with Livesuite which is the Allwinner Flash tool.

I will continue to search for other Atom X3 based tablet firmwares, all help is appreciated and any find is worth checking out .


----------



## mrmazak (Jan 21, 2017)

@vampirefo , as an extension of our conversation else where are you saying if the community here donated enough ($~35-40) you would buy this tablet , and you are fairly confident you could root it?

Sorry I don't mean to put you on the spot here. But I think I did. Sorry to be pushy if that is how it looks.


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> @vampirefo , as an extension of our conversation else where are you saying if the community here donated enough ($~35-40) you would buy this tablet , and you are fairly confident you could root it?
> 
> Sorry I don't mean to put you on the spot here. But I think I did. Sorry to be pushy if that is how it looks.

Click to collapse



I own this Intel, see if it close to yours.

http://www.bestbuy.com/site/insignia-8-tablet-16gb/5157800.p?skuId=5157800

http://specdevice.com/showspec.php?id=09d0-a9b4-0033-c5870033c587


Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> I own this Intel, see if it close to yours.
> 
> http://www.bestbuy.com/site/insignia-8-tablet-16gb/5157800.p?skuId=5157800
> 
> ...

Click to collapse



There is lots to compair. Chips looks same.
http://www.specdevice.com/showspec.php?id=18cb-6411-0033-c5870033c587

Main board is different though


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> There is lots to compair. Chips looks same.
> http://www.specdevice.com/showspec.php?id=18cb-6411-0033-c5870033c587
> 
> Main board is different though

Click to collapse



Main things are kernel, processor, OS.

All seem to match, most likely I can root it with my kernel.

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> Main things are kernel, processor, OS.
> 
> All seem to match, most likely I can root it with my kernel.
> 
> Sent from my BLU R1 HD using Tapatalk

Click to collapse




Can we try it. ?


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> Can we try it. ?

Click to collapse



No, rooting Intel takes work, you can't just flash SuperSU, you will brick your device.

On 5.1 and earlier, just flashing SuperSU was enough, SuperSU can't unpack Intel Android 6 and up boot.img.

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> No, rooting Intel takes work, you can't just flash SuperSU, you will brick your device.
> 
> On 5.1 and earlier, just flashing SuperSU was enough, SuperSU can't unpack Intel Android 6 and up boot.img.
> 
> Sent from my BLU R1 HD using Tapatalk

Click to collapse



We need some responses from others here on thread. Some commitments to donate, . 
We have a recognized dev offering to root , but does not have the device yet.


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> We need some responses from others here on thread. Some commitments to donate, .
> We have a recognized dev offering to root , but does not have the device yet.

Click to collapse



I will upload a recovery for you to see if you can boot it, under no circumstances should you flash anything, don't flash root, it will brick your tablet.

The recovery is only to test if it's possible to root, and if so backup system, boot.img recovery.img.

These new Intels hate TWRP, they allow cwm.

Anyway your bootloader must be unlocked.

fastboot boot recovery.img

This way nothing is damaged, either the recovery will boot or it won't.

Sent from my BLU R1 HD using Tapatalk

---------- Post added at 12:20 PM ---------- Previous post was at 12:10 PM ----------




vampirefo said:


> I will upload a recovery for you to see if you can boot it, under no circumstances should you flash anything, don't flash root, it will brick your tablet.
> 
> The recovery is only to test if it's possible to root, and if so backup system, boot.img recovery.img.
> 
> ...

Click to collapse



Here you go, do not flash recovery, do not use recovery to flash anything, only attempt to boot recovery nothing else.

fastboot boot Intel_cwm51_recovery.img

https://www.androidfilehost.com/?fid=673368273298925451


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> I will upload a recovery for you to see if you can boot it, under no circumstances should you flash anything, don't flash root, it will brick your tablet.
> 
> The recovery is only to test if it's possible to root, and if so backup system, boot.img recovery.img.
> 
> ...

Click to collapse



Thanks. I have it downloaded to phone now. Away from tablet and laptop until tonight. I will try to just boot it. 

Is adb active in recovery?  If so is it safe to dd or cp dev/block, to have backup's


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> I will upload a recovery for you to see if you can boot it, under no circumstances should you flash anything, don't flash root, it will brick your tablet.
> 
> The recovery is only to test if it's possible to root, and if so backup system, boot.img recovery.img.
> 
> ...

Click to collapse



OMG it is almost good

fastboot boot made it goto the RCA boot logo image, then screen went black.

but I am able to see device as adb device and adb shell returns with a # promt

rebooting to system then will go again to pull boot.img if possible


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> OMG it is almost good
> 
> fastboot boot made it goto the RCA boot logo image, then screen went black.
> 
> ...

Click to collapse



Means your mount points are different than mine, get recovery.img also.

Sent from my NS-P08A7100 using Tapatalk


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> Means your mount points are different than mine, get recovery.img also.
> 
> Sent from my NS-P08A7100 using Tapatalk

Click to collapse



still searching for the right one.

the names are not as expected


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> still searching for the right one.
> 
> the names are not as expected

Click to collapse



They are correct, pull both boot and recovery.

boot
 dd if=/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID071 of=/sdcard/boot.img

recovery
dd if=/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID121 of=/sdcard/recovery.img


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> They are correct, pull both boot and recovery.
> 
> boot
> dd if=/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID071 of=/sdcard/boot.img
> ...

Click to collapse





here they are

Pulled stock recovery and boot images and the unpacked image and stock system.img


https://drive.google.com/open?id=0ByJNKJ8bGC50ZVFfa2lmTkExQjA


----------



## vampirefo (Jan 21, 2017)

mrmazak said:


> here they are
> 
> Pulled stock recovery and boot images and the unpacked image and stock system.img
> 
> ...

Click to collapse



That's as far as I can go without the tablet.





Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 21, 2017)

vampirefo said:


> That's as far as I can go without the tablet.
> 
> 
> 
> ...

Click to collapse



well your cwm recovery was a big head start. Thanks. 
I am gonna start merging the stock ram disk your recovery and test boot it.


When in cwm and pulled the images, they actually went into /data/media and when i rebooted and looked for them they were gone. I think this is either dm-verity or force ro on /system. Any suggestions?


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> well your cwm recovery was a big head start. Thanks.
> I am gonna start merging the stock ram disk your recovery and test boot it.
> 
> 
> When in cwm and pulled the images, they actually went into /data/media and when i rebooted and looked for them they were gone. I think this is either dm-verity or force ro on /system. Any suggestions?

Click to collapse



No, I won't suggest anything, be careful, Intel doesn't forgive. If you get it right you will have root, you get it wrong, you have a brick.

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> No, I won't suggest anything, be careful, Intel doesn't forgive. If you get it right you will have root, you get it wrong, you have a brick.
> 
> Sent from my BLU R1 HD using Tapatalk

Click to collapse



I understand your position. And appreciate the headstart   and I Donated to your efforts. Thanks


To anyone else working on this. This recovery changes your usb vendor id as it is, so the next time you connect , at least to fastboot mode you will need to update drivers.

from the ramdisk of this recovery in init.recovery.sofia3g.rc

on fs
    write /sys/class/android_usb/android0/idVendor 0B05
    write /sys/class/android_usb/android0/idProduct 7770

and 
from stock ramdisk  of stock recovery init.recovery.sofiaboard.rc

on fs
    write /sys/class/android_usb/android0/idVendor 8087
    write /sys/class/android_usb/android0/idProduct 08F4

should be simple edit, but not high on the list right now.
I just had to reload drivers after playing with this recovery and needed to search for why. Hoping this is only reason.

---------- Post added at 03:02 AM ---------- Previous post was at 02:58 AM ----------




fsebentley said:


> I will have another look...
> 
> Second look the Files on the Firmware page are Type 1 - This is an Allwinner A13 image file.
> Type 2 - This is an MTK Device as well as the final 2 images in the list. If you want to extract the First ones single .img file you can use Dragonface for allwinner, but a dead giveaway that this is an Allwinner device is that it comes with Livesuite which is the Allwinner Flash tool.
> ...

Click to collapse



I have the stock system and boot and recovery images pulled and posted a link back a few posts'  
link here
https://forum.xda-developers.com/ge...rct6873w42-rooting-help-t3485625/post70663610

we also have a cwm image to base off of. 

It is by far not ready for flashing and not ready for wide public use at this point. But is good head start for development.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Jan 22, 2017)

Update:

not much progress yet. Still trying to get display to function in the ported recovery. Recovery originally came from an Asus Zenpad P01V:5.0.2.  According to the default prop.  And was most recently used for the Insignia 8 NS-08A7100. 

thanks to @vampirefo for making it available and for making it in the first place


Recovery gives root prompt, but there is no way to know what the rom will do if changes are made. Take this as warning and reminder , that this is not a root for tablet but for developement

I am taking it slow. Step by step, do not want to make bricks this early on. 

so far I have swaped in all stock init.rc files, all fstab files(including the ones in /ramdisk/etc), all ueventd files , most of lines in default.prop that relate to device info, the recovery.img-kernel, Still get an adb shell with # but now the display keeps switching from back light very low to on. 

next step will be to make boot.img insecure and test if it boots.


update:2
  I have three lines in default.prop
  ro.adb.secure=0
  ro.secure=0
  ro.debuggable=1

I use "fastboot boot moddified-boot.img"

tablet starts and runs normal
when i use "adb root" the response is "restarting adbd as root" 
but "adb remount" still says not running as root and to issue "adb root"

.....progress........



 any help from this community is welcome


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> Update:
> 
> not much progress yet. Still trying to get display to function in the ported recovery. Recovery originally came from an Asus Zenpad P01V:5.0.2.  According to the default prop.  And was most recently used for the Insignia 8 NS-08A7100.
> 
> ...

Click to collapse



Not that it matters but this recovery I originally built for  Dell Venue 8 3830
https://forum.xda-developers.com/dell-venue/general/dell-venue-8-cwm-unsecure-boot-recovery-t2866925

and was last used to root a Zenpad.

My CWM recovery has been used to root many different intels over the years, it's included in about every intel root package out there.

without having your device, I can't say or see what's happening to prevent the recovery from showing, perhaps pull the recovery logs will help, adb pull /tmp/revovery.log


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> Not that it matters but this recovery I originally built for  Dell Venue 8 3830
> https://forum.xda-developers.com/dell-venue/general/dell-venue-8-cwm-unsecure-boot-recovery-t2866925
> 
> and was last used to root a Zenpad.
> ...

Click to collapse



I told you, your name kept coming up. Every thread I found about root or recovery pointed at some point back to you.
Thank you for all have done.

first log showed could not connect to /etc/recovery.fstab
The stock /etc/recovery.fstab_emmc     and      _nand  appearently did not link

I renamed the file to /etc/recovery.fstab and now getting cannot connect to vold   invalid argument., But now the screen does not flash.  And remains black screen dim backlight, (just like fastboot screen)

google found this same issue in this thread.
https://forum.xda-developers.com/showthread.php?t=2619602

I checked for and added the "service vold " section and now the log is not showing error, but still not giving screen.


I have as far as I can for now. Still no screen and log has  "can't open /dev/tty0: No such file or directory" as only error that I can tell. I have not found reference to it in either the stock or cmw recoveries.


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> I told you, your name kept coming up. Every thread I found about root or recovery pointed at some point back to you.
> Thank you for all have done.
> 
> first log showed could not connect to /etc/recovery.fstab
> ...

Click to collapse



These logs don't help, cause they aren't from my recovery, they are from a modified version of my recovery.

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> These logs don't help, cause they aren't from my recovery, they are from a modified version of my recovery.
> 
> Sent from my BLU R1 HD using Tapatalk

Click to collapse



You are right, this is the first log. Before changes. But to me, i don't see helpfull difference.


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> You are right, this is the first log. Before changes. But to me, i don't see helpfull difference.

Click to collapse



The recovery finds everything, so while in recovery type.

adb shell

/sbin/recovery

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> The recovery finds everything, so while in recovery type.
> 
> adb shell
> 
> ...

Click to collapse



prompt hangs at blank line waiting for device. nothing happened for about 5 minutes. hit "ctrl c" to exit and pull new log.

Don't know if this makes sense to you or not. From adb shell I cd /system. Then do "ls" only thing shown is lib folder, nothing else

I dont seem to be able to access anything from on the phone. And only access to a temp system. Meaning anything written while in recovery is removed on reboot.


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> prompt hangs at blank line waiting for device. nothing happened for about 5 minutes. hit "ctrl c" to exit and pull new log.

Click to collapse



I don't understand the output, adb shell should give you #

/sbin/recovery should out something.


Try one line 

adb shell /sbin/recovery

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> I don't understand the output, adb shell should give you #
> 
> /sbin/recovery should out something.
> 
> ...

Click to collapse



I feel maybe device encryption might be making trouble. IDK
seems that recovery log shows mount points as expected but not mounted.

timing of screen shot is off. There is a blinking cursor below the the last line


----------



## vampirefo (Jan 22, 2017)

What does busybox df -h output?

Sent from my BLU R1 HD using Tapatalk


----------



## mrmazak (Jan 22, 2017)

vampirefo said:


> What does busybox df -h output?
> 
> Sent from my BLU R1 HD using Tapatalk

Click to collapse



shows only cache is mounted

Filesystem                                                                                                       Size      Used     Available    Use%          Mounted on
/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID070    411.7M    984.0K    402.2M       0%           /cache


----------



## vampirefo (Jan 22, 2017)

mrmazak said:


> shows only cache is mounted
> 
> Filesystem                                                                                                       Size      Used     Available    Use%          Mounted on
> /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID070    411.7M    984.0K    402.2M       0%           /cache

Click to collapse



That's all that should be mounted.

Sent from my BLU R1 HD using Tapatalk


----------



## rpk3 (Jan 22, 2017)

I am new, obvious.!

Been followimg this thread with great interest. Shout out to them those that were able to retreive an oem recovery for This beast of a hard to CRACK device.

Thx mrmazak, vampirefo 

I am trying to throw an old debian setup on this tablet for something related to hud for my drone flights....


----------



## FrostEnticer (Jan 23, 2017)

*Lucky Patcher?*

So I made a tiny but of progress in bypassing the security, it seems that disabling Googles framework processes via lucky patcher seems to help interfere with verification, possibly might help with gaining access to what you guys need, hope it helps 

I am using the actual tablet aswell 

It also appears that disabling most of the access privileges to Googles routine services helps with direct access


----------



## mrmazak (Jan 23, 2017)

minor update.

the system img i had posted earlier was not complete. i did not notice that i ran out of space on my card when i was "dd" the image.
i have re-uploaded complete image.

still have not made recovery that has working display.

https://forum.xda-developers.com/showpost.php?p=70663610&postcount=56


----------



## mrmazak (Jan 24, 2017)

I am still finding trouble using this recovery. I know it needs work, and I am trying. But it is mostly new territory here.

Problems I think I fixed :
1:  There are several references in ramdisk files that call variable "${ro.hardware}" and from the named files in the ramdisk the expected result of the variable should be "sofia3g" but as the log shows that variable on this device is "sofiaboard". So replacing file names that have "sofia3g" with "sofiaboard" , made mounts availabe.
 without the changes "/system" and "/external_sd" were not available.

2. Each time I try bot boot this recovery image then back to the rom or stock recovery I lost connection to my pc Drivers. 
so I made these modifications:
from cwm both "init.rc" and "init.recovery.$.rc" 
   on these lines make the id numbers same as on stock versions of init.rc & init.recovery.$.rc

```
on fs
    write /sys/class/android_usb/android0/idVendor ****
    write /sys/class/android_usb/android0/idProduct ****
```

Now for the  problem I think I have, 
I cannot mount Data. I get invalid argument error. 
I think maybe it is because the force encryption that android 6.0.1 has. And that is supported by the following line in fstab

```
from stock recovery ramdisk/etc/recovery.fstab

  /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069  	/data                ext4    nosuid,nodev,nodiratime,noatime,noauto_da_alloc,discard,journal_async_commit,data=ordered wait,check,encryptable=footer

form stock recovery ramdisk/fstab.sofiaboard_emmc

   /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069  /data                ext4    nosuid,nodev,nodiratime,noatime,noauto_da_alloc,discard,journal_async_commit,data=ordered wait,check,forceencrypt=footer

   
from intelCMW51 recovery ramdisk/etc/recovery.fstab

     /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069    	/data    	ext4  	nosuid,nodev,noatime,barrier=1,journal_async_commit,data=ordered,noauto_da_alloc,discard	length=-16384

from intelCMW51 recovery ramdisk/fstab.sofia3g

    /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069  /data                ext4    nosuid,nodev,noatime,discard,barrier=1,data=ordered,noauto_da_alloc wait,check,encryptable=/factory/userdata_footer,length=-16384
```

I don't understand fully the flags used in this fstab, so I did not try to just switch the lines.


Is anybody else working on this?

If so, let me know if you get past this point, or if you know that I am heading in the wrong direction.


----------



## vampirefo (Jan 24, 2017)

mrmazak said:


> I am still finding trouble using this recovery. I know it needs work, and I am trying. But it is mostly new territory here.
> 
> Problems I think I fixed :
> 1:  There are several references in ramdisk files that call variable "${ro.hardware}" and from the named files in the ramdisk the expected result of the variable should be "sofia3g" but as the log shows that variable on this device is "sofiaboard". So replacing file names that have "sofia3g" with "sofiaboard" , made mounts availabe.
> ...

Click to collapse



You can't mount data, as it's encrypted, if you force mount data, tablet will soft brick.


----------



## fsebentley (Jan 24, 2017)

vampirefo said:


> You can't mount data, as it's encrypted, if you force mount data, tablet will soft brick.

Click to collapse



I have been playing with the cwm posted by vampirefo.
I have used it with no mods with same results as mrmazak.
With mods I can get all mounts ( change init.rc's and default.prop as well as fstabs matched to this tabs )
In niether case can I get any video other than the backlight.
Using the recovery image pulled from the Tab ( boot from fastboot boot recovery.img ) I get flashing backlight no video and no adb connect.
I Plan to work with the Stock Recovery in order to determine what the issue is with the display as it should work properly with this, any insight as to what may be preventing video is appreciated.


----------



## mrmazak (Jan 24, 2017)

fsebentley said:


> I have been playing with the cwm posted by vampirefo.
> I have used it with no mods with same results as mrmazak.
> With mods I can get all mounts ( change init.rc's and default.prop as well as fstabs matched to this tabs )
> In niether case can I get any video other than the backlight.
> ...

Click to collapse



When I boot the pulled stock recovery, I do get the video, but the android laying on its back keeps flashing. And there is text in the bottom of screen. 
"API level 3.  "
Something like that, same as when loading recovery that is installed on tablet. But I get error cannot mount cache

When I get home later I will take picture and post it

getting adb wasnt too hard, but seems pointless. There are almost no commands built in, no mount, ls, cat, shell all return same message as in the photo.

to get adb in stk recovery
1.  six lines in default.prop need changed

```
line  9:  ro.adb.secure=0
line  14: ro.secure=0
line  16: ro.debuggable=1
line  32: persist.sys.usb.config=mtp,adb
line  95: sys.rkadb.root=1
line 169: ro.adb.secure=0

additional
persist.service.adb.enable=1                                                    
persist.service.debuggable=1
```

this will get response from adb devices
  response will be 
"****sn****"         unathorized

to get past that add your "ady_keys" to
    ramdisk/data/misc/adb/

your keys will only be good for the pc that made them. You can get them either from your pc in /data/.android/adbkey.pub on linux  or
C:/users/<user name>/.android on windows
or other android that has connected to adb on your pc in "/data/misc/adb/"


----------



## fsebentley (Jan 25, 2017)

mrmazak said:


> When I boot the pulled stock recovery, I do get the video, but the android laying on its back keeps flashing. And there is text in the bottom of screen.
> "API level 3.  "
> Something like that, same as when loading recovery that is installed on tablet. But I get error cannot mount cache
> 
> ...

Click to collapse



Update

I have now had a semi-successful load of the CWM Modded with my fstab initrc and default.prop files.

Essentially I just pulled the sbin and resource folder contents from the CWM and inserted it into my recovery initrd image, I also made a couple of other modifications such as changing the secure adb settings in the default.prop this yielded boot up and adb, in adb I typed recovery at the command line and got the CWM screen. I was able to navigate, mount and unmount the system and cache but not much else. Now to fiddle with the mounts and try and fgure out what is killing the autostart o the recovery.

I also have to think that perhaps my own tab differs from yours at least slightly since the recovery I was originally attempting to boot was the one you posted, this one as I said before would not give anything but flashing backlight. I then Pulled my own recovery and was able to load it fully functional. It was using this that I was able to make the CWM work for me.  It is possible that the download was damaged and I will attempt to re-download it and try yours again at some point to ensure compatibilty.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Jan 25, 2017)

fsebentley said:


> Update
> 
> I have now had a semi-successful load of the CWM Modded with my fstab initrc and default.prop files.
> 
> ...

Click to collapse



That might make things even more difficult, if there are different versions of rct6873w42.

Since your pulled recovery is fully functioning, I verified my image by pulling it again, Same result.  I get the error reading cache and screen cycles on off every 4 seconds.

On mine, the bootloader is in ORANGE state. I have a 30 second timeout screen on every boot saying bootloader is unlocked and device is not trusted. Does yours do that?


----------



## fsebentley (Jan 25, 2017)

mrmazak said:


> That might make things even more difficult, if there are different versions of rct6873w42.
> 
> Since your pulled recovery is fully functioning, I verified my image by pulling it again, Same result.  I get the error reading cache and screen cycles on off every 4 seconds.
> 
> On mine, the bootloader is in ORANGE state. I have a 30 second timeout screen on every boot saying bootloader is unlocked and device is not trusted. Does yours do that?

Click to collapse



I have the 30 second timeout on the bootloader as well. I have been looking for a method of disabling this but it appears to be embedded in the bootloader so until we can get one without this I think we are stuck with it. There is a possibility that there is a hidden command to do this in fastboot and I am also looking into that.


----------



## mrmazak (Jan 25, 2017)

fsebentley said:


> Update
> 
> I have now had a semi-successful load of the CWM Modded with my fstab initrc and default.prop files.
> 
> ...

Click to collapse



just got a full auto matic load of cmw.
still checking on mounts,

I used the whole ramdisk from the cwm (with the mods to vender ID , and changes file names from *sofia3g* TO *sofiaboard*), and the kernel from stock recovery.

recovery loads on boot and system reboots on command. (no more needing to adb commands) Adb is #, but data still will not mount for me.

On exit cwm asks to fix root, I did not do this. @vampirefo has warned intel device not same as others, and this may lead to brick. I do not recomend try it, unless you are willing to risk loosing your device.

new img is in the google drive folder i linked before.
to make it easy i put it here 
mount points still need adjusting, or as @vampirefo has said data can not be (force)mounted here because of encryption.


RECOVERY ATTACHMENT REMOVED, IT WAS NOT TOTALLY SAFE!!!! Test restore made soft-brick. I recovered but recovery needs work


----------



## mrmazak (Jan 25, 2017)

Today's update.

Data mount problem was defiantly caused from being encrypted.
I was able to modify the fstab in boot.img and then "fastboot format userdata" and "fastboot format cache", followed by "fastboot boot ./modified-boot.img"

the results were that my data partition was no longer encrypted. So I fastboot boot again the cwm . This Time data could mount.

You can see in photo all partitions listed can be mounted.


update:
I sucsessfullly flashed the modified boot.img so it is not "forceencrypt"

Then tried to flash the recovery and it does not boot from inside. I got very nervious. But was able to flash back the stock recovery 

well not totally stock, I changed fstab of recovery also to remove the "forceencrypt" part and replaced with only "encryptable"

still "encryptable" because , just in case I missed something and it gets encrypted the vold will still take over and decrypt it.

Also made stock recovery have adb access because at this point there is no cwm inside the device it is only working with fastboot boot, and no way to get into fastboot with button combo. So with adb in stock recovery you should be able to "adb reboot fastboot" from recovery if needed, then get to  cwm for restore feature

Steps to get to this point 




adb and bootloader drivers are beyond the scope of this tut( it is assumed if you are here trying this you know how to find drivers)
1: enable developer options
2: enable oem unlocking
3: enable usb debugging
4: connect phone, open terminal, command "adb reboot fastboot"
5: command "fastboot flashing unlock" confirm by pushing volume button
6: command "fastboot format userdata" optional, as on reboot, recovery will do the format .
7: reboot phone , go through setup to get back to developer options
8: in terminal or command window "adb reboot fastboot"
9: "fastboot flash boot no-force-encrypt-boot.img"
10: "fastboot flash recovery no-force-encrypt-recovery.img"
11: "fastboot format userdata"
12: "fastboot format cache"
13: for root commands "adb reboot fastboot", then "fastboot boot rca-cwm-recovery.img"
14: either add my adb-keys to your .android folder on pc or unpack the recovery image and replace the keys with your own
    


adb-key used in recovery.img to get authorized access




```
QAAAAPUCaAKj5ubJYfY6HmaFYmvxnv1QzjWQeUKjDsEuHjjERFSJBTq3w0pGSU6eLjRpLZMs83UPgYwQQpZ0JaEpZ2Tdg6aB6g4a8hPR0X4JVBJWE9f5+n4oijbNx8JHvpYH91YgGRZTYEzmF2sSAIUlYs8ANcoM7AbKylCZ1ZKkH+Zo5RdhCB+PKy1uI/HkDo9uVq2ROBq0wkd8278JqLcmwWUoDAPBWELVcfLAm9fVa8YAdpxPd08hBGcACeu4OZLUxuhz0HLeSLmXLGGd8ds6X8vj4ZnGeyyTRMdI0VVpidbJjasvr67K2aiFdgqCdCl8Uxqjs8HOnmg0gwp7bsY2Vwgm6TnjE8jYSzMCaWGZ8/STnQ1TBwz7X4ba6cxN+f0J4F8bXdmp9OtjVvYB3NxGX08Wsl+ZtQVfzYKiOwAEOMO5jpOsxvS71m2p8/dFi+w3Npad3q7+cDDaiKW/vQyCgeGW1nz/3Ofdqa9+/EUgj2zfI8fJ6RQ8dc9CNkwhvNlkTvr9wkuuyXPXbLdyI71t8sZTNpWalqCQrVLe82HdPqKrkgOW8Maoja2/q5C4zTgpgmikbDxxhrhOMG6InHweXddgM31r6Aq6H0/NdkFxB1iSa8iNvepmsd2Kj9e7YK4ZI+EK99HucnA4Yg47A5gsNLUX8Eer0GLBtVKsmtoDY2YbgHdFbwEAAQA= [email protected]
```


----------



## mrmazak (Jan 26, 2017)

Now that there is a way to get to(custom) recovery if soft brick, I can continue to working on a  root process.


----------



## mrmazak (Jan 27, 2017)

Do not use MY POSTED recovery to restore.

I just lost system and have not been able to reflash

The details:

After a successful backup with cwm, I tried to do restore. Big mistake. Recovery was not permitted to write to /system but it had just gotten permission to format it. 
I exited cwm and at reboot was greeted with blank screen, only back light. Rebooted into stock recovery and it was also not allowed to mount /system.
Adb was working and I did reboot to fastboot. And tried to fastboot flash system. It returned with message about maximum download size and that image I was using was too large and wrong sparse type. 

Rebooted again to stock recovery and tried to factory reset. That was last bad decision I could make. Now my adb-keys I had added to recovery got wiped somehow and I no longer have adb access, so no more access to fastboot, unless there is a hidden method to get in.


  
. I was able to get back into adb after trying adb sideload

After adb got reauthorized. I was able to boot into fastboot then cwm. But still could not mount /system, and restore failed again, then I desperately tried to format /system with cwm. It worked. Now restore completed.


----------



## darkwingduhk (Jan 27, 2017)

*thanks to everyone working on this*

I also have this tablet and i'm desperate to root it!  Whoever figures this out, I will gladly pay you!:good::laugh:
Also a big ol' thank you to everyone trying!


----------



## mrmazak (Jan 27, 2017)

After panicing over my "mini brick", and then finally restoring it.

I did try to use the automatic cwm recovery script to root.(the one , you get prompted to do when you exit cwm)
It did not work. Then i tried both SuperSU systemless V76 (did not recognize root.img and failed)
And SuperSU system V76 (did not work)

su binary did get added to both /system/bin and xbin. But installing SuperSU app did not see it or work.


And tried CWM-SuperSU-v0.96, this script failed with error 25. Then I tried to push the su and apk just like the script was supposed to. On reboot the app was there and opened, said it needed to update binary, then failed to install.
.......
........
So permissive boot may need to be next .

Side note. 
 I do like to automate repetitive things, so I put together a bootloader unlock/ no encrypt batch file and a reboot to cwm batch. Both are in my GitHub, so changes can be easily tracked.


project on GITHUB
https://github.com/mrmazakblu/RCA_RCT6873W42_bootloader-unlock_CWM_recovery_tethered-root


----------



## mrmazak (Jan 28, 2017)

Permissive boot.img is giving me a bit of trouble. Without kernel source I can't build a new one  (not that I have even done that before). And the kernel command line of stock kernel already has "androidboot.selinux=permissive"

I tried to add an .sh file with "setenforce =0" , and I added an import command in the init.rc , but it either did not run or did not work.

I think the ROM supports unit.d so I will try to add command there next.

           added dir "/etc/init.d" and made file "08setperm"(name irrelevant i think), inside file 

```
#!/system/sh
setenforce 0
```

did not seem to change anything.

and after rebooted the folder I added is gone.
Next I added the /etc/init.d folder and the setperm file directly to boot.img  No progress


----------



## fsebentley (Jan 28, 2017)

mrmazak said:


> Permissive boot.img is giving me a bit of trouble. Without kernel source I can't build a new one  (not that I have even done that before). And the kernel command line of stock kernel already has "androidboot.selinux=permissive"
> 
> I tried to add an .sh file with "setenforce =0" , and I added an import command in the init.rc , but it either did not run or did not work.
> 
> ...

Click to collapse



In the boot.img the bootimg.cfg controls the parameters of the boot.img this config file has the "cmdline =" parameter which is the kernel command line to be used on boot. Edit this (unedited it has the   "androidboot.selinux=permissive" in there) If you change it there that should accomplish what you seem to be trying.

Currently i am at a standstill, during one of my tests of the recovery I made a mistake in reboot by unintentionally selecting the option to root.. (I was not reading closely enough and didnt notice the option until i had clicked it) in any case I am at softbrick and am looking for a means to unbrick..


----------



## vampirefo (Jan 28, 2017)

fsebentley said:


> In the boot.img the bootimg.cfg controls the parameters of the boot.img this config file has the "cmdline =" parameter which is the kernel command line to be used on boot. Edit this (unedited it has the   "androidboot.selinux=permissive" in there) If you change it there that should accomplish what you seem to be trying.
> 
> Currently i am at a standstill, during one of my tests of the recovery I made a mistake in reboot by unintentionally selecting the option to root.. (I was not reading closely enough and didnt notice the option until i had clicked it) in any case I am at softbrick and am looking for a means to unbrick..

Click to collapse



If you can't adb the device, there is no recovering it.

Sent from my Life Max using Tapatalk

---------- Post added at 05:25 PM ---------- Previous post was at 05:22 PM ----------




mrmazak said:


> Permissive boot.img is giving me a bit of trouble. Without kernel source I can't build a new one  (not that I have even done that before). And the kernel command line of stock kernel already has "androidboot.selinux=permissive"
> 
> I tried to add an .sh file with "setenforce =0" , and I added an import command in the init.rc , but it either did not run or did not work.
> 
> ...

Click to collapse



You have to rebuild sepolicy, to get permissive boot, then use recovery to flash system root. Don't try systemless root on this device.



Sent from my Life Max using Tapatalk


----------



## mrmazak (Jan 28, 2017)

fsebentley said:


> In the boot.img the bootimg.cfg controls the parameters of the boot.img this config file has the "cmdline =" parameter which is the kernel command line to be used on boot. Edit this (unedited it has the   "androidboot.selinux=permissive" in there) If you change it there that should accomplish what you seem to be trying.
> 
> Currently i am at a standstill, during one of my tests of the recovery I made a mistake in reboot by unintentionally selecting the option to root.. (I was not reading closely enough and didnt notice the option until i had clicked it) in any case I am at softbrick and am looking for a means to unbrick..

Click to collapse



Is the cfg file you refer to the same as "boot.img-cmdline" I get when I unpack the boot.img with "carlivimagekitchen" I am using on Windows?

About your brick, how bad is it?
Do you have recovery available?
Was the recovery that asked "root" installed or just booted?

---------- Post added at 11:35 PM ---------- Previous post was at 11:26 PM ----------




vampirefo said:


> If you can't adb the device, there is no recovering it.
> 
> Sent from my Life Max using Tapatalk
> 
> ...

Click to collapse




Well policy is not even close to familiar to me.

I did try comparing the one in your cwm to the one from RCA boot.img. I used winhex hex editor, the beginning is identical, then there is many unreadable sections, followed be the RCA one going into lots of permissions involving decrypting, .that's probably as far as I'm comfortable pushing things for now.

By the way congrats on the "Max". I had one in my cart since pre-order announment. But just didn't follow through with it.


----------



## fsebentley (Jan 28, 2017)

mrmazak said:


> Is the cfg file you refer to the same as "boot.img-cmdline" I get when I unpack the boot.img with "carlivimagekitchen" I am using on Windows?
> 
> About your brick, how bad is it?
> Do you have recovery available?
> ...

Click to collapse



@ vampirefo
Not entirely sure what you mean here.. but here is the bootimg.cfg internal content that is generated with the linux abootimg -x command (standard android boot.img extraction) :
bootsize = 0x2000000
pagesize = 0x1000
kerneladdr = 0x2600000
ramdiskaddr = 0x500000
secondaddr = 0x2400010
tagsaddr = 0x100
name = 
cmdline = idle=halt notsc androidboot.hardware=sofiaboard apic=sofia nolapic_pm firmware_class.path=/system/vendor/firmware androidboot.selinux=permissive nolapic_timer x86_intel_xgold_timer=soctimer_only vmalloc=512m slub_max_order=0 console=ttyFIQ0,115200n8

Ths is the info contained within my original recovery.img extracted from the tablet note the portion of the cmdline parameter which mrmazak was referencing "androidboot.selinux=permissive" .... this would tend to indicate that it is already permissive my assumption based on his enquiry was that he wanted to remove this ?
@mrmazak
I extract images using the standard android tools from the sdk , ie ones you can compile with an android build using the android sources. The boot.img or recovery.img files generated by android can be extracted using abootimg in linux. the package is in the repo's. This is what I use to build and extract images which I edit.

Recovery is available.

It is the unchanged one.. I had loaded the one I was working on through fastboot boot recovery.img


----------



## mrmazak (Jan 28, 2017)

fsebentley said:


> @ vampirefo
> Not entirely sure what you mean here.. but here is the bootimg.cfg internal content that is generated with the linux abootimg -x command (standard android boot.img extraction) :
> bootsize = 0x2000000
> pagesize = 0x1000
> ...

Click to collapse



Thank you . Yes that information is same as I have, I just have it in separate files because the tools I use. (Windows).
And I don't want to remove the "permissive" , i want the permissive to actually be permissive. 
If I issue "getenforce" the response is all ways "enforcing" 
So something else (sepolicy) is over-riding this setting. 

I guess that in recovery , if you select mount /system, you get a fail message.

That is what happened to me. But, I had flashed a modified-stock recovery that had adb.

If yours is the stock -stock one, I think only hope is an official signature key leak or official update package.


----------



## fsebentley (Jan 28, 2017)

I expect I am now going to either have to get the original Firmware image, or build one if I can figure out the proper format and reflash the device in order to recover it... any idea what format the firmware files for these devices use ? I have the firmware flash utility from intel but have not got any actual firmware formatted files to test it with (Not flash but just to see the form the firmware files take) it appears the will be in a zipped form to use with it but the internals of that zipped form would be helpful... given a full partition extraction from one of our devices I should be able to rebuild one using the partitions provided I have an example of a firmware and tools to convert files to the proper form.... 

I have done this with other SOC devices, my prior Dev work has been done primarily on Allwinner based devices.

These Intel devices do have a Flash mode in addition to normal boot mode and fastboot and I have access to the flash mode on my device at least while the 30 second warning is given and if I can get the key combo I should be able to put it into flash mode. I am additionally hoping to be able to find a key combo that will place it into Fastboot mode, but so far no dice... occasionally this requires some odd interactions somtimes I have had to remove the covers on devices in order to push the proper buttons to activate some modes ( ie both volume buttons in sequence can be a bit difficult unless you seperate the toggle bar)


----------



## mrmazak (Jan 30, 2017)

fsebentley said:


> I expect I am now going to either have to get the original Firmware image, or build one if I can figure out the proper format and reflash the device in order to recover it... any idea what format the firmware files for these devices use ? I have the firmware flash utility from intel but have not got any actual firmware formatted files to test it with (Not flash but just to see the form the firmware files take) it appears the will be in a zipped form to use with it but the internals of that zipped form would be helpful... given a full partition extraction from one of our devices I should be able to rebuild one using the partitions provided I have an example of a firmware and tools to convert files to the proper form....
> 
> I have done this with other SOC devices, my prior Dev work has been done primarily on Allwinner based devices.
> 
> These Intel devices do have a Flash mode in addition to normal boot mode and fastboot and I have access to the flash mode on my device at least while the 30 second warning is given and if I can get the key combo I should be able to put it into flash mode. I am additionally hoping to be able to find a key combo that will place it into Fastboot mode, but so far no dice... occasionally this requires some odd interactions somtimes I have had to remove the covers on devices in order to push the proper buttons to activate some modes ( ie both volume buttons in sequence can be a bit difficult unless you seperate the toggle bar)

Click to collapse




I do not know if this is correct but, this set of instructions say there is no need for manually enter "flash mode". It does the flashing with device in off state.

https://androidmtk.com/flash-stock-rom-using-intel-phone-flash-tool

edit 1:
I think it is working. I get connected confirmation, with tablet off.

the flow of connecting.
1. powered off 
2. open  Intel Platform Flash Tool Lite 5.52.0 (available for multiple platforms)
3> connect usb cable Flash tool shows connected, Device turns on and you see 30 second countdown, at end tablet disconnects from flash tool. Then about 15 seconds later silently reconnects. And device manage shows DnX usb device connected the whole time. (reason why it is silent, windows did not disconnect, only the flash tool did)

rom looks like it should be xml format.
I do have the /system so once the method of converting .img to xml is known ...........  shoiuld be good to go.

I downloaded the xolo x500 rom (the rom used in the example for using intel flash tool) and the flash.xml file shows that the intel software puts phone into fastboot mode.


```
<?xml version="1.0" encoding="utf-8"?>
<flashfile>
    <id>system</id>
    <comments>COMMENTS</comments>
    <platform>mfld_pr2</platform>
    <code_groups>
        <code_group name="FIRMWARE">
            <file TYPE="IFWI">
                <name>IFWI_GI_DV1.0_v0E.BB_CAAB_PPD.bin</name>
                <version>IFWI</version>
                <checksum></checksum>
            </file>
            <file TYPE="FW_DNX">
                <name>CAAB-Signed_PNW_D1_FWR_DnX.FD.07.bin</name>
                <version>FW_DNX</version>
                <checksum></checksum>
            </file>
            <file TYPE="OS_DNX">
                <name>CAAB-Signed_PNW_D1_OSR_DnX.0D.08.bin</name>
                <version>OS_DNX</version>
                <checksum></checksum>
            </file>
        </code_group>
        <code_group name="RECOVERY">
            <file TYPE="RECOVERY">
                <name>LEXUG-recovery_ota.img</name>
                <version></version>
                <offset></offset>
                <fixed_size></fixed_size>
                <checksum></checksum>
            </file>
        </code_group>
        <code_group name="BOOTLOADER">
            <file TYPE="KBOOT">
                <name>LEXUG-droidboot_ota-CAAK-POS.bin</name>
                <version></version>
                <offset></offset>
                <fixed_size></fixed_size>
                <checksum></checksum>
            </file>
        </code_group>
        <code_group name="OTA">
            <file TYPE="OTA">
                <name>update.zip</name>
                <version>system</version>
                <offset></offset>
                <fixed_size></fixed_size>
                <checksum></checksum>
            </file>
        </code_group>
	
    </code_groups>
    <commands>
        <command>
            <string>fastboot erase factory</string>
            <timeout>30000</timeout>
            <retry>60</retry>
            <description>Erasing factory</description>
        </command>
        <command>
            <string>fastboot erase system</string>
            <timeout>60000</timeout>
            <retry>6</retry>
            <description>Erasing system</description>
        </command>
        <command>
            <string>fastboot erase cache</string>
            <timeout>30000</timeout>
            <retry>6</retry>
            <description>Erasing cache</description>
        </command>
        <command>
            <string>fastboot erase data</string>
            <timeout>45000</timeout>
            <retry>2</retry>
            <description>Erasing data</description>
        </command>
	
        <command>
            <string>fastboot flash recovery $recovery_file</string>
            <timeout>60000</timeout>
            <retry>6</retry>
            <description>Flash Recovery</description>
        </command>
        <command>
            <string>fastboot flash update $ota_file</string>
            <timeout>3000000</timeout>
            <retry>6</retry>
            <description>Flashing OTA</description>
        </command>
    </commands>
    <gpflag>   
          <value>0x80000005</value> 
    </gpflag> 
</flashfile>
```


I have the rom downloaded from need-a-rom its around 300MB. I put it in my shared google folder if you want to look at the format.

It looks like a standard recovery type rom .zip next to the flash.xml file. If you can put this together that would be great.


----------



## mrmazak (Jan 31, 2017)

@fsebentley
this is kind of what I was thinking of when I found the format inside the flash.xml

```
<?xml version="1.0" encoding="utf-8"?>
<flashfile>
    <id>system</id>
    <comments>COMMENTS</comments>
    <code_groups>
        
        <code_group name="RECOVERY">
            <file TYPE="RECOVERY">
                <name>rca-recovery-cwm-ramdisk.img</name>
                <version></version>
                <offset></offset>
                <fixed_size></fixed_size>
                <checksum></checksum>
            </file>
        </code_group>
        
	
    </code_groups>
    <commands>
        <command>
            <string>fastboot boot $recovery_file</string>
            <timeout>60000</timeout>
            <retry>6</retry>
            <description>Boot to Recovery</description>
        </command>
        
    </commands> 
</flashfile>
```

But I try loading it into the intel flash program and I get errors. So I try and load the xolo flash.xml and it also has same error. 
I hope you can use this information to get this working, I am also hoping that I am not going in the wrong direction here.


----------



## mrmazak (Feb 1, 2017)

As far as progress on rebuilding sepoliy. I have not been able to. What I have tried was swap the sepolicy from the cwm and also some random "lax sepolicys" found on the web.  THe results are all the same. Try to boot from fastboot rather than flashing it. and the boot hangs on the RCA logo screen for longer than normal , then tablet reboots into recovery mode. So that tells me the kernel needs to be redone not the policy. 

I tried to stick the kernel part of the cwm recovery in but that just made tablet boot into recovery straight away without the hang on logo screen. 

For now I am still at a stand still with just the tethered root shell.


----------



## mrmazak (Feb 2, 2017)

I found a similar issue to whT is holding me back. Issue of tablet booting to recovery when I try to set it to permissive mode. (Safe boot mode if you will)

https://forum.xda-developers.com/ne...ve-mode-android-n-npc56w-build-t3343573/page2

There method of bypass is basically to stop "logd" so kernel does not know it is permissive. I think  I will spend some time and try this approach.

It does not seem like a final solution as logs do help so , ...... Any way it is an idea.


----------



## mrmazak (Feb 5, 2017)

Please everyone, contact rca support to ask for kernel sources.

http://rcaav.com/support/webform/


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## [email protected] (Feb 5, 2017)

I sent in a form


----------



## rpk3 (Feb 5, 2017)

Done. Thks for all the hard work in this.


==update

As usuall. The strongarm corporate stall tactic...


==begin paste /.

Paul Kaszap


----------



## mrmazak (Feb 8, 2017)

*Almost have TWRP*

I have been messing around with a twrp port, and I have it booting, but don't know how to fix a touch screen issue. 
The touches do not match the display. 
If I post the w.i.p. (work in progress), does anyone know how to adjust it?

this twrp has the touch screen overlay turned 90deg to the display.

I have been adjusting X and Y numbers in the ui.xml from in the ramdisk, but it seems to be moving both the displayed button and the touch area for that button at same time, so still don't know how to separate them to make alignment changes.

I have made a backup with this and will soon test the restore and install functions. Display should be fixed before using this though.


----------



## fsebentley (Feb 10, 2017)

mrmazak said:


> I have been messing around with a twrp port, and I have it booting, but don't know how to fix a touch screen issue.
> The touches do not match the display.
> If I post the w.i.p. (work in progress), does anyone know how to adjust it?
> 
> ...

Click to collapse



Likely you have a ui.xml and icons for something other than 1024x600 .. if you do some searching on github and  google you can located these designed for the proper screen resolution... I have had to do this for several TWRP variants that I ported for the Allwinner SOC's A13, A20, A23,A31 and A33 .. I used essentially the same TWRP for all simply changing the Kernels a few drivers and the changes to the res folder for the ui.xml and images for the associated screen resolution.


----------



## mrmazak (Feb 10, 2017)

fsebentley said:


> Likely you have a ui.xml and icons for something other than 1024x600 .. if you do some searching on github and  google you can located these designed for the proper screen resolution... I have had to do this for several TWRP variants that I ported for the Allwinner SOC's A13, A20, A23,A31 and A33 .. I used essentially the same TWRP for all simply changing the Kernels a few drivers and the changes to the res folder for the ui.xml and images for the associated screen resolution.

Click to collapse



This one is not 1024x600 But has built-in scaling so didn't think it mattered. The appearance is normal. And log shows x scaling 0.55555 and Y scaling 0.55555. 

If you can picture this situation. The display is in portrait and the touch screen is in landscape. So the bottom left of display is home button and bottom right is back button, but to go home you touch bottom right and to go back you touch top right.

I attached photo showing the back button being registered and you can see where my finger it really touching.


I tried a few builds that are supposed to be portrait and a few that are supposed to be in landscape. They all display in portrait orientation. 

Maybe has something to do with the display driver in kernel part of recovery IMG


Found a possible solution, but it requires building the recovery, and we dont have any tree to use as reference.
**keep getting closer


----------



## mrmazak (Feb 11, 2017)

I sent an email to RCA through the same link I posted last week. I did not expect much from it and, all I got so far is an automatic response stating that my message has been received and it may take 1-2 business days for a reply. To date it has been 8 business days and no further response.

---------- Post added at 11:03 AM ---------- Previous post was at 10:11 AM ----------

 @vampirefo , can you lend another hand here.

I sort-of got twrp to load on this intel based tablet, but the recovery files I used are missing a boardconfig flag.

this one I believe,is what it needs "RECOVERY_TOUCHSCREEN_SWAP_XY := true"

I do not have a device tree. So adding it and recompiling is not an option.
I think I am using files you might have made at some point.

The history of getting twrp to boot.
1> your supplicated  Intel_cwm51_recovery
2> this device recovery kernel img
3> this device fstab
4> the files from "IntelAndroid-FBRL-07-24-2015.zip /FB-RecoveryLauncher / twrp_hdpi_portrait.zip "  added to ramdisk

The issue is touchscreen is rotated to display. I situation discussed on Dees_Troy guide https://forum.xda-developers.com/showthread.php?t=1943625 , and simple solution is to add build flag in boardconfig.mk

thanks in addvance.


----------



## vampirefo (Feb 11, 2017)

mrmazak said:


> I sent an email to RCA through the same link I posted last week. I did not expect much from it and, all I got so far is an automatic response stating that my message has been received and it may take 1-2 business days for a reply. To date it has been 8 business days and no further response.
> 
> ---------- Post added at 11:03 AM ---------- Previous post was at 10:11 AM ----------
> 
> ...

Click to collapse



Have you tried the I-700 version? probably closes to the size of this tablet.

twrp_i700_recovery.zip

https://forum.xda-developers.com/dell-venue/general/linux-tethered-cwm-recovery-version-t2963104

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 11, 2017)

vampirefo said:


> Have you tried the I-700 version? probably closes to the size of this tablet.
> 
> twrp_i700_recovery.zip
> 
> ...

Click to collapse



I will try, thanks, but the auto scaling of twrp seems to take care of the size. Because the display looks correct. And porportiantly the touch is correct,just rotated 90deg.

Edit.

Did not work. Tablet went to "safe-mode" and kernel panic made it reboot to installed recovery


----------



## vampirefo (Feb 11, 2017)

mrmazak said:


> I will try, thanks, but the auto scaling of twrp seems to take care of the size. Because the display looks correct. And porportiantly the touch is correct,just rotated 90deg.

Click to collapse



The i700 is rotated.

Have you tried a USB mouse on your device? 

With my max, I had to build carliv new recovery as touch is disabled in recovery mode, mouse worked just fine though.

Carliv new recovery is pretty cool so far, both touch and manual mode.

Sent from my Life Max using Tapatalk


----------



## fsebentley (Feb 11, 2017)

mrmazak said:


> I sent an email to RCA through the same link I posted last week. I did not expect much from it and, all I got so far is an automatic response stating that my message has been received and it may take 1-2 business days for a reply. To date it has been 8 business days and no further response.
> 
> ---------- Post added at 11:03 AM ---------- Previous post was at 10:11 AM ----------
> 
> ...

Click to collapse



I submitted a similar request to RCA in Late Nov/Early Dec and get regular replies... identical to first reply saying they will respond in 1 to 2 buisiness days... no actual information is in these responses. I have a feeling they are either just automated replies to "Place Hold"  requests that they either do not have a solution to or do not intend to respond to.


----------



## mrmazak (Feb 11, 2017)

vampirefo said:


> The i700 is rotated.
> 
> Have you tried a USB mouse on your device?
> 
> ...

Click to collapse



When I use the whole folder from "i700" just like I did with the "twrp_hdpi_portrait" it just  hung at the rca logo then rebooted. But when I use only the "recovery" binary from /sbin folder it boots and has same touchscreen/ display mismatch problem. And searching the binary with hex editor the flag "RECOVERY_TOUCHSCREEN_SWAP_XY := true" is not found. 
when I also use the ui.xml, landscape.xml there are no working touch points and only display is the header (but it is still in portrait)


I am hoping that you have the source used to compile that i700 recovery and I can use it or you can make a build with it adding "RECOVERY_TOUCHSCREEN_SWAP_XY := true" to the boardconfig.mk.

No I did not try USB mouse yet, I don't have one with me.

There is currently no USB connection to pc at this time with the tablet either, that was next in my list.


----------



## vampirefo (Feb 11, 2017)

mrmazak said:


> When I use the whole folder from "i700" just like I did with the "twrp_hdpi_portrait" it just  hung at the rca logo then rebooted. But when I use only the "recovery" binary from /sbin folder it boots and has same touchscreen/ display mismatch problem. And searching the binary with hex editor the flag "RECOVERY_TOUCHSCREEN_SWAP_XY := true" is not found.
> when I also use the ui.xml, landscape.xml there are no working touch points and only display is the header (but it is still in portrait)
> 
> 
> I am hoping that you have the source used to compile that i700 recovery and I can use it or you can make a build with it adding "RECOVERY_TOUCHSCREEN_SWAP_XY := true" to the boardconfig.mk.

Click to collapse



These are very old recoveries, I will check when I get home, l doubt I kept the source files, but will look when I can.

Sent from my Life Max using Tapatalk

---------- Post added at 12:20 PM ---------- Previous post was at 12:09 PM ----------




vampirefo said:


> These are very old recoveries, I will check when I get home, l doubt I kept the source files, but will look when I can.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



Upload stock recovery and boot images, I will attempt to make you a permissive boot.img no way for me to test, I suggest only fastboot boot boot.img not install boot.img.

As well as this rotated twrp recovery.


Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 11, 2017)

vampirefo said:


> These are very old recoveries, I will check when I get home, l doubt I kept the source files, but will look when I can.
> 
> Sent from my Life Max using Tapatalk
> 
> ...

Click to collapse



the image files are all here in my github repo.
https://github.com/mrmazakblu/RCA_RCT6873W42_bootloader-unlock_CWM_recovery_tethered-root

no-force-encrypt-boot.img is flashed onto device and 99.99% stock, just has change in fstab from "forceencrypt" to "encrypable"

no-force-encrypt-recovery.img is same fstab change made to stock recovery. Plus default prop change to allow adb, along with my add-key in /data/misc/adb

and this twrp is there called "rca-recovery-twrp-wrong-touch.img"


----------



## vampirefo (Feb 11, 2017)

mrmazak said:


> the image files are all here in my github repo.
> https://github.com/mrmazakblu/RCA_RCT6873W42_bootloader-unlock_CWM_recovery_tethered-root

Click to collapse



OK, when I get home I will see what I can do, you are using no forced? No one should attempt to even boot the one I make on forced encryption.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 11, 2017)

vampirefo said:


> OK, when I get home I will see what I can do, you are using no forced? No one should attempt to even boot the one I make on forced encryption.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



right. I already made change to mine to be not forced


----------



## Plasmastar (Feb 11, 2017)

fsebentley said:


> I submitted a similar request to RCA in Late Nov/Early Dec and get regular replies... identical to first reply saying they will respond in 1 to 2 buisiness days... no actual information is in these responses. I have a feeling they are either just automated replies to "Place Hold"  requests that they either do not have a solution to or do not intend to respond to.

Click to collapse



I used a diversionary tactic and asked them about something else, like battery life, as well as if a stock rom was supplied. Honestly wanted to know about battery life, because it sucks, and certainly isn't the 6 hours mentioned on the box. They pretty much said they weren't providing a stock rom though.


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> OK, when I get home I will see what I can do, you are using no forced? No one should attempt to even boot the one I make on forced encryption.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



Update on touch points.

I went and got a mouse like you asked. The mouse works correctly.


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> Update on touch points.
> 
> I went and got a mouse like you asked. The mouse works correctly.

Click to collapse



Will look at this tomorrow, I had some problems with needrom it appears fixed now.

Sent from my LIFE X8 using Tapatalk


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> I sent an email to RCA through the same link I posted last week. I did not expect much from it and, all I got so far is an automatic response stating that my message has been received and it may take 1-2 business days for a reply. To date it has been 8 business days and no further response.
> 
> ---------- Post added at 11:03 AM ---------- Previous post was at 10:11 AM ----------
> 
> ...

Click to collapse



The old recoveries were build from cm11 source which I have since deleted, I still have cm13 source so going to try on it.

Ok I started twrp build with. RECOVERY_TOUCHSCREEN_SWAP_XY := true

# Recovery
TW_THEME := portrait_hdpi
RECOVERY_TOUCHSCREEN_SWAP_XY := true
RECOVERY_GRAPHICS_USE_LINELENGTH := true
TARGET_RECOVERY_PIXEL_FORMAT := "BGRA_8888"
COMMON_GLOBAL_CFLAGS += -DNO_SECURE_DISCARD
#TW_MAX_BRIGHTNESS := 100
#TW_INPUT_BLACKLIST := lis3dh_acc
TARGET_RECOVERY_FSTAB := device/dell/yellowtail/etc/twrp.fstab
BOARD_UMS_LUNFILE := "/sys/class/android_usb/f_mass_storage/lun/file"
TW_CUSTOM_BATTERY_PATH := "/sys/class/power_supply/dollar_cove_battery"
TARGET_RECOVERY_INITRC := device/dell/yellowtail/etc/init.rc
TW_USE_MODEL_HARDWARE_ID_FOR_DEVICE_ID := true
RECOVERY_GRAPHICS_USE_LINELENGTH := true
BOARD_HAS_NO_REAL_SDCARD := true
RECOVERY_SDCARD_ON_DATA := true
RECOVERY_GRAPHICS_USE_LINELENGTH := true
TW_CUSTOM_POWER_BUTTON := 107
#TW_NO_SCREEN_BLANK := true
TW_NO_SCREEN_TIMEOUT := true
TW_EXCLUDE_SUPERSU := true
TW_FLASH_FROM_STORAGE := true
TW_HAS_MTP := true
#TW_OEM_BUILD := true
#TW_INCLUDE_CRYPTO := true
TW_NO_EXFAT_FUSE := true
TW_NO_EXFAT := true
TW_MAX_BRIGHTNESS := 255
#TW_DISABLE_DOUBLE_BUFFERING_CHECK := true
#TW_NO_REBOOT_BOOTLOADER := true
TW_INTERNAL_STORAGE_PATH := "/data/media/0"
TW_INTERNAL_STORAGE_MOUNT_POINT := "data"
TW_EXTERNAL_STORAGE_PATH := "/external_sd"
TW_EXTERNAL_STORAGE_MOUNT_POINT := "external_sd"
TW_FLASH_FROM_STORAGE := true
BOARD_HAS_LARGE_FILESYSTEM := true
TARGET_USERIMAGES_USE_EXT4 := true
#TW_HAVE_X86_ACCELERATED_PIXELFLINGER := true

I have added the twrp files.


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> The old recoveries were build from cm11 source which I have since deleted, I still have cm13 source so going to try on it.
> 
> Ok I started twrp build with. RECOVERY_TOUCHSCREEN_SWAP_XY := true
> 
> ...

Click to collapse



Thank You , but did not boot.
I used all the folders and the repack time was 5 times longer. ?? mystery
and when booted =, it just went to blank screen, did not even show the device logo.


then i used just the recovery binary from /sbin.
this repacked normaly but hangs at the device logo screen.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> Thank You , but did not boot.
> I used all the folders and the repack time was 5 times longer. ?? mystery
> and when booted =, it just went to blank screen, did not even show the device logo.
> 
> ...

Click to collapse




replace only recovery binary, boot while it's hung you should have adb.

adb push sbin /sbin/

adb shell

/sbin/recovery


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> replace only recovery binary, boot while it's hung you should have adb.
> 
> adb push sbin /sbin/
> 
> ...

Click to collapse




Unfortunatly, no, there is no adb connection. No usb device seen on pc at all


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> Unfortunatly, no, there is no adb connection. No usb device seen on pc at all

Click to collapse



Did you have adb before? Is so use that adbd binary file, and delete the one in the sbin file I gave you, or simply replace with one you had before.

Sent from my Life Max using Tapatalk


----------



## Jerryvail924 (Feb 12, 2017)

mrmazak said:


> Unfortunatly, no, there is no adb connection. No usb device seen on pc at all

Click to collapse


https://forum.xda-developers.com/an...e-rca-viking-pro-rct6303w87dk-t3325158/page22


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> Unfortunatly, no, there is no adb connection. No usb device seen on pc at all

Click to collapse



Or just boot the working twrp and then once in twrp.


adb push sbin /sbin/

adb shell

/sbin/recovery

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> Or just boot the working twrp and then once in twrp.
> 
> 
> adb push sbin /sbin/
> ...

Click to collapse



went back a few steps to fix adb in what I was starting with. Now I have adb and trying to push new /sbin


after push new /sbin now I get permission denied 13 on shell commands

repacked again with the new recovery binary and working adb. 
adb shell produces "missing DT_HASH" message
but comes to # prompt.
then /sbin/recovery has same "missing DT_HASH" message


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> went back a few steps to fix adb in what I was starting with. Now I have adb and trying to push new /sbin
> 
> 
> after push new /sbin now I get permission denied 13 on shell commands

Click to collapse



No ideal, it must not like the compiler, I don't have old compiler anymore.

Would have to start from scratch install Linux don't update kernel and so on.

Sent from my Life Max using Tapatalk

---------- Post added at 12:25 PM ---------- Previous post was at 12:17 PM ----------

Well, I just bricked my Intel, needed to see if their software would restore a completely bricked  tablet, apparently it does.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> No ideal, it must not like the compiler, I don't have old compiler anymore.
> 
> Would have to start from scratch install Linux don't update kernel and so on.
> 
> ...

Click to collapse




so you used what software to restore.?


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> so you used what software to restore.?

Click to collapse



I used the software Insignia sent me.

To restore my insignia tablet.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> I used the software Insignia sent me.
> 
> To restore my insignia tablet.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



And you bricked it just to restore it to test the restore. or the restore failed and now its bricked?

NVM

i reread it and it makes sense. 
the restore does work for you.


----------



## vampirefo (Feb 12, 2017)

mrmazak said:


> And you bricked it just to restore it to test the restore. or the restore failed and now its bricked?
> 
> NVM
> 
> ...

Click to collapse



Yes, I paid $50 for tablet a while back, Today I decided to put their factory firmware to a test.

http://imgur.com/a/M2Ned

Not for sure what else can be done on your tablet, I tested the recovery on my intel exactly as I described to you works as should, touch not working cause I rotated screen for you, unrotated screen work just fine.

My tablet cant't boot any touch screen recoveries, but I can push them and get them running, that's why I am sticking to CWM on my devices.


----------



## mrmazak (Feb 12, 2017)

vampirefo said:


> Yes, I paid $50 for tablet a while back, Today I decided to put their factory firmware to a test.
> 
> http://imgur.com/a/M2Ned
> 
> ...

Click to collapse



well I do appreciate the effort. and I still ended up further anyway.
I overlooked the missing adb and the ability to use a mouse. So now a few more adjustments to fstab and will try to install a zip, The CWM would install some but fail with error on others. I think that was also fstab related, too many factory flags to deal with maybe, not all compatible with the recovery. ??


----------



## fsebentley (Feb 12, 2017)

vampirefo said:


> Yes, I paid $50 for tablet a while back, Today I decided to put their factory firmware to a test.
> 
> http://imgur.com/a/M2Ned
> 
> ...

Click to collapse



Where is this firmware tool available ? 
Also the Firmware you used would be helpful in my own testing if you dont mind sharing the source for download ? If you already have elsewhere I have not been able to locate it. I am currently trying to unbrick my own tab using the tool from Intel but so far no luck due the security in Android 6 stock recovery. Cannot get into Fastboot mode which the Intel flash tool seems to rely on.


----------



## vampirefo (Feb 12, 2017)

fsebentley said:


> Where is this firmware tool available ?
> Also the Firmware you used would be helpful in my own testing if you dont mind sharing the source for download ? If you already have elsewhere I have not been able to locate it. I am currently trying to unbrick my own tab using the tool from Intel but so far no luck due the security in Android 6 stock recovery. Cannot get into Fastboot mode which the Intel flash tool seems to rely on.

Click to collapse



You would need to get it from insignia, they will require a lot of information and require you not to share their firmware, they will send you two flash drives that when combined are around 26GB.

In that you will have the complete source code, it includes everything for your particular insignia device.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 17, 2017)

I still have not made progress on official whole system root. But my biggest reason for wanting to root is always so I can ad "adaway" . So I ended up just adding the "adaway" hosts file to the system, Now no more ads. At least significantly less, same as using the app.

I added the the hosts file to my github and also updated the reboot to recovery script to make adding/ updating the hosts easy. If you want to use it it is available.

https://github.com/mrmazakblu/RCA_RCT6873W42_bootloader-unlock_CWM_recovery_tethered-root


to use it , easiest thing to do is "clone or download" the repo, unzip the downloaded file your local pc, and run the reboot to cwm batch file.
As with all downloaded batch files you should proof read it for your self before running it.


----------



## rpk3 (Feb 19, 2017)

Fully test3d.?


----------



## mrmazak (Feb 19, 2017)

rpk3 said:


> Fully test3d.?

Click to collapse



everything is w.i.p.

but i use the reboot to cwm recovery daily , in fact 10-12 times in the past hour , working on testing a different permisive script approach,.

as for the host file ,  I have not seen any negative effects. 

I think You really should make install the modded recovery as a fall back , and you need to flash the modded boot in order to remove the encryption before you can even use the cwm recovery.

there is a scriprt and a new "tool" as well. Tool is available here
https://www.androidfilehost.com/?fid=817550096634747825


----------



## cozzie37 (Feb 21, 2017)

Sorry, I'm a newb, especially with Rockchip/Intel SoCs and companies that don't provide source code. I bought this to use with an EasyCap, but it doesn't have uvc support built in. Easycap Viewer supposedly uses a usermode driver, but that crashes and burns as well, and the response I got to a crash report was "get a tablet with a different SoC". What are the odds of being able to build a custom kernel with UVC support without the sources from Alco?

BTW thanks for all your work on rooting this tablet :good: My brother and I both just bought them at WalMart for $25 on clearance, we were hoping to use them for FPV flying/recording.


----------



## supermaxkato (Feb 23, 2017)

cozzie37, I just bought one of these and my easycap worked right out of the box.  Here is the Google play app I use: https://play.google.com/store/apps/details?id=com.shenyaocn.android.easycaprecorder
Will you reply back to confirm if this works for you?

Back to the main thread; I am also interested in root  .  But I have very little knowledge and so I can only hope those involved will make it happen.  Thanks for your efforts!


----------



## cozzie37 (Feb 24, 2017)

supermaxkato said:


> cozzie37, I just bought one of these and my easycap worked right out of the box.  Here is the Google play app I use: https://play.google.com/store/apps/details?id=com.shenyaocn.android.easycaprecorder
> Will you reply back to confirm if this works for you?

Click to collapse



Sorry to be going off topic here. No, this app didn't work for me. I connected my FPV camera to the easycap and first verified it's working with a different app on my phone, then connected it to the tablet and opened Easycap Recorder, which is the only FPV app currently installed on it. The tablet/app notify me that they've found the usbtv007 device, but the screen remains black, no video. I tried various options in the developer options, enabling usb debugging and cycling the USB mode through all the available options, nothing worked.

Stupid question, is it possible this is the kernel source for this device, or closely enough related to it to build a replacement kernel? 

https://github.com/crewrktablets/rk3x_kernel_3.10 EDIT: Nope, we're looking for 3.14 kernels, and probably different from normal rockchip, since this is x86 and most of their stuff is arm


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## cozzie37 (Feb 24, 2017)

Just for kicks, I just opened mine up, I'm trying to determine if I could do a linux image with Yocto. The chips onboard are

Intel PMB8016.P20 - SoFIA 3GRW (main SoC)
Intel PMB9102.P11 (looks like WiFi chip)
Rockchip RK818-2 (power mgmt)
2xMicron D9SHD (512MB DDR3L)
Biwin BWCTGSC11G16G (16GB NAND)
Silead GSL1680 (touchscreen controller)

There are also serial port TX/RX pads on the mainboard, not sure if they're of any use.

EDIT: Forgot to mention, the battery is only 2000mah, and there's plenty of room for a longer/wider/thicker battery.


----------



## cozzie37 (Feb 24, 2017)

@mrmazak, I tried your unlock tool and I seem to have ended up with a brick after step 1. I had already done "fastboot flashing unlock" manually, but decided to use the unlock option in your tool, since it formats userdata/cache as well. Now the tablet still has the orange bootloader, but it's hanging at the "Voyager" bootsplash. So far it's been hanging for over 20 minutes, adb and fastboot don't see it, the Intel flash tool does, but I don't have anything flashable. I've also tried the reset button on the back, it was no help, and no pressing and holding of keys has helped either. I think my next step is to tag wires onto those uart pads and see if there's a serial console running.

I have found that the Yocto BSP includes patches for a 3.14.55 kernel, maybe (fingers crossed) this is the source Alco built from. I'm working on applying those patches and setting up a cross-compile toolchain now. Any chance that /proc/config.gz is available?


----------



## mrmazak (Feb 24, 2017)

cozzie37 said:


> @mrmazak, I tried your unlock tool and I seem to have ended up with a brick after step 1. I had already done "fastboot flashing unlock" manually, but decided to use the unlock option in your tool, since it formats userdata/cache as well. Now the tablet still has the orange bootloader, but it's hanging at the "Voyager" bootsplash. So far it's been hanging for over 20 minutes, adb and fastboot don't see it, the Intel flash tool does, but I don't have anything flashable. I've also tried the reset button on the back, it was no help, and no pressing and holding of keys has helped either. I think my next step is to tag wires onto those uart pads and see if there's a serial console running.
> 
> I have found that the Yocto BSP includes patches for a 3.14.55 kernel, maybe (fingers crossed) this is the source Alco built from. I'm working on applying those patches and setting up a cross-compile toolchain now. Any chance that /proc/config.gz is available?

Click to collapse



I will have to flag to tool for now till I can find the reason

It runs same codes I used when I unlocked. I don't know why it did that.

- maybe unlocking a second  time when already unlocked - 

- maybe


----------



## cozzie37 (Feb 24, 2017)

W00t! I'm in recovery!!!

What I did:

Hold volume up while plugging in USB cable
Release volume up while orange 30s bootloader warning goes by (it says volume down to reset, but it's really up)
As soon as it's gone, hold volume up again

I wiped cache and userdata in recovery, and we're up and running again! I'm wondering if your tool ran the 'fastboot reboot' before it was done wiping userdata/cache.


----------



## mrmazak (Feb 24, 2017)

cozzie37 said:


> W00t! I'm in recovery!!!
> 
> What I did:
> 
> ...

Click to collapse



maybe
but I was thinking that the format comands are the problem
either way I  am releived it is not bricked

maybe fastboot reboot recovery may be better closing command (only some devices accept that command though)


sh*t

looking at the batch i see some typos. ex "fastboot rebot" instead of "reboot"  well this error was not from the tool but the original batch file


----------



## cozzie37 (Feb 24, 2017)

I was thinking when I did 'fastboot flashing unlock' it automatically wiped at least the user data partition and rebooted.

Anyways, I've flashed your noforceencrypt boot.img/recovery.img, and booted your twrp long enough to find out that there's no /proc/config.gz or handy kernel .configs laying around. After reboot adb is whining that I'm not authorized, I've got no option in the dev options to clear/revoke authorizations, and I'm not getting prompted to accept. I may need your adbkeys to get debug access back.

EDIT: yeah, I'm going to need your keys, the public key alone doesn't seem to be enough. I'm getting the same error on another computer that I just installed adb/fastboot on.


----------



## mrmazak (Feb 24, 2017)

cozzie37 said:


> I was thinking when I did 'fastboot flashing unlock' it automatically wiped at least the user data partition and rebooted.
> 
> Anyways, I've flashed your noforceencrypt boot.img/recovery.img, and booted your twrp long enough to find out that there's no /proc/config.gz or handy kernel .configs laying around. After reboot adb is whining that I'm not authorized, I've got no option in the dev options to clear/revoke authorizations, and I'm not getting prompted to accept. I may need your adbkeys to get debug access back.
> 
> EDIT: yeah, I'm going to need your keys, the public key alone doesn't seem to be enough. I'm getting the same error on another computer that I just installed adb/fastboot on.

Click to collapse




the keys I only added to stock recovery.img

and the cwm recovery dosent use keys. It has eng flag on the build. 
Does the android system complain about abd? or stock recovery?

the keys are already in the github. 
well here is the link
https://github.com/mrmazakblu/RCA_R...r/rca-recovery/ramdisk/data/misc/adb/adb_keys


----------



## cozzie37 (Feb 24, 2017)

mrmazak said:


> the keys I only added to stock recovery.img
> 
> and the cwm recovery dosent use keys. It has eng flag on the build.
> Does the android system complain about abd? or stock recovery?

Click to collapse



It's on the PC side. My laptop running Ubuntu gives


```
[email protected]:~$ adb shell
error: device unauthorized. Please check the confirmation dialog on your device.
```

And my windows desktop is something similar. There is no confirm dialog on the device. I can't get in through the OS or the modified stock recovery, and I can't boot cwm without adb access.



> the keys are already in the github.
> well here is the link
> https://github.com/mrmazakblu/RCA_R...r/rca-recovery/ramdisk/data/misc/adb/adb_keys

Click to collapse



That looks like it's only the public key, am I missing something? 

I'm currently working at this kinda from the other direction. I don't know much about Android, but I'm pretty good with hardware and Linux  I've soldered wires onto the serial port pads and am trying to get a logic level converter working now. My initial probing says that *something* is being transmitted over those pins. My home server is building one of the default Yocto images, I'm going to work on getting a linux kernel and/or OS booting, and the serial port should help with debugging. After that's working hopefully we can make it work in Android with root permissions, or failing that keep working on a complete linux image.


----------



## mrmazak (Feb 25, 2017)

cozzie37 said:


> It's on the PC side. My laptop running Ubuntu gives
> 
> 
> ```
> ...

Click to collapse



so turning usb debugging on / off in dev options did not trigger a prompt?

not normal.

that key is same one that is loaded in the device's recovery.img at "/data/misc/adb"  

on your pc in your home folder should be a  " .android "  folder copy that "adb_keys" there and rename it "adbkey"

that should get you adb from recovery.

you might have to trick into working by trying to start an adb sideload first.


----------



## cozzie37 (Feb 25, 2017)

mrmazak said:


> so turning usb debugging on / off in dev options did not trigger a prompt?

Click to collapse



nope. I think hard coding your key into the recovery locked out the possibility of other keys working. I've tried all the tricks google had to offer - unplugging it and plugging back in, deleting both keys, killing and restarting the adb server, restarting usb debugging, restarting developer options, 2 different PCs running different OSs...no prompt.



> not normal.
> 
> that key is same one that is loaded in the device's recovery.img at "/data/misc/adb"
> 
> ...

Click to collapse



Didn't work. You should have 2 keys in your .android folder, one called adbkey and the other called adbkey.pub, they're a public-private key pair. The one you've posted is the public key, adbkey.pub, which is the correct key for clients (phones/tablets), but the (adb) server needs the private key to authenticate it. The private key is much longer and starts with a "BEGIN PRIVATE KEY" header. If you want to read up more on how it works, https://en.wikipedia.org/wiki/Public-key_cryptography explains it a lot better than I ever could. And if you're concerned about security, feel free to pm it to me.

I now have a working serial connection to the tablet  Unfortunately there's no console running on it at the moment, root or otherwise, but it does spew out the kernel log as it's running, which is as good as I ever expected to get. If anyone else ever wants to do this, the line level is 1.8V, and you need to generate it externally if you're using a cheapo logic shifter, there's nowhere easy on the board to get that 1.8V from. I haven't found a datasheet on the SoFIA-3GR, so I have no idea how high of logic level it can deal with, so I stuck with 1.8V. Probably a 1.5V battery would be enough for the purpose. Also, the RX/TX pins are labelled how they would hook up to a PC, so RX goes to RX, TX to TX.


----------



## mrmazak (Feb 25, 2017)

cozzie37 said:


> nope. I think hard coding your key into the recovery locked out the possibility of other keys working. I've tried all the tricks google had to offer - unplugging it and plugging back in, deleting both keys, killing and restarting the adb server, restarting usb debugging, restarting developer options, 2 different PCs running different OSs...no prompt.
> 
> 
> 
> ...

Click to collapse




well if that is the case, that means nobody else has tried to use the images or recovery. Well at least not the recovery. 
And to use it I need to make the pair available.

file name needs to be "adbkey"




```
-----BEGIN PRIVATE KEY-----
<<<<<<<<<<<<<REMOVED >>>>>>
-----END PRIVATE KEY-----
```


----------



## vampirefo (Feb 25, 2017)

Sounds to me, like your  Linux isn't setup correctly, reboot Linux then, sudo adb shell


Sent from my LIFE X8 using Tapatalk

---------- Post added at 12:04 AM ---------- Previous post was at 12:00 AM ----------




mrmazak said:


> well if that is the case, that means nobody else has tried to use the images or recovery. Well at least not the recovery.
> And to use it I need to make the pair available.
> 
> file name needs to be "adbkey"
> ...

Click to collapse



Your key shouldn't work on any computer but your own, I have never heard of or seen a key from one computer work on another computer.

Sent from my LIFE X8 using Tapatalk


----------



## mrmazak (Feb 25, 2017)

Hello

I want to ask, who has tried either the batch file or "tool" to flash new boot and recovery images. 
@cozzie37 is the only one who has commented on trying it, and the directions were ot quite as written, and now there is some trouble for him, with adb.

has enyone else used and had problem , or used and had no problem, please some feed back. I need to know if i need to pull the tool or not.


----------



## cozzie37 (Feb 25, 2017)

vampirefo said:


> Sounds to me, like your  Linux isn't setup correctly, reboot Linux then, sudo adb shell

Click to collapse



Yeah something weird's going on, I don't think its either PC though. With either the Linux or the windows PC I can access adb in recovery now, but still not in the OS. I just noticed a small cut in the USB cable I've been using, so maybe that's causing issues. I'll mess with it more tomorrow.



> Your key shouldn't work on any computer but your own, I have never heard of or seen a key from one computer work on another computer.
> 
> Sent from my LIFE X8 using Tapatalk

Click to collapse



Unless you're using a hardware (like TPM) dependent algorithm, which most aren't, keys can usually be exchanged between machines, and I'm sure it happens all the time when servers are replaced. That's part of why its so important to keep your important private keys, like openvpn and ssh keys, well protected.


----------



## rpk3 (Feb 25, 2017)

Ive donated some hashes to get the source from RCA.. Hopefully.

I can get the flashtool to work without bricking.
@cozzie37 ...your expertise is welcome ) @mrmazak ..Well work on this @vampirefo .. Thanks for ALL you do for the scene!


----------



## cozzie37 (Feb 25, 2017)

It's not the USB cable, and I'm an idiot. I deleted the adbkey from recovery.img hoping that would make it accept any adb session. It does not, it makes it so it won't accept any adb session. The thing I keep coming back to is that in the Developer options, the "Revoke USB debugging authoriations" button disappeared after I flashed the recovery and boot.img.

Also, I was hoping Yocto would produce images that I could test through adb/fastboot, it does not, they would need to be flashed using the Intel flash tool. So that's no longer an easy "test until something works" option, now I need to make something work, or at least not brick, first try. It's a lot of work, it would mean I don't have to worry about my adb issues.

I have attached a bootlog from the serial port. I'm not sure what the garbage is at the very beginning, it's not valid data at any of the usual baud rates, so it may just be garbage.


----------



## rpk3 (Feb 25, 2017)

*Bootlog....*



cozzie37 said:


> It's not the USB cable, and I'm an idiot. I deleted the adbkey from recovery.img hoping that would make it accept any adb session. It does not, it makes it so it won't accept any adb session. The thing I keep coming back to is that in the Developer options, the "Revoke USB debugging authoriations" button disappeared after I flashed the recovery and boot.img.
> 
> Also, I was hoping Yocto would produce images that I could test through adb/fastboot, it does not, they would need to be flashed using the Intel flash tool. So that's no longer an easy "test until something works" option, now I need to make something work, or at least not brick, first try. It's a lot of work, it would mean I don't have to worry about my adb issues.
> 
> I have attached a bootlog from the serial port. I'm not sure what the garbage is at the very beginning, it's not valid data at any of the usual baud rates, so it may just be garbage.

Click to collapse





Im a huge fan of boot logs. It's what helps me keep my ps3 spoofed at 3.55 fw... (different topic).

Do you have a pic you can post of your serial setup? This info is priceless.
thx


----------



## cozzie37 (Feb 25, 2017)

rpk3 said:


> Im a huge fan of boot logs. It's what helps me keep my ps3 spoofed at 3.55 fw... (different topic).
> 
> Do you have a pic you can post of your serial setup? This info is priceless.
> thx

Click to collapse



I'm using a standard USB->serial adapter, this one happens to be cp2102-based, and a generic logic level converter. As I said earlier, it's not feasible to get 1.8V off the board, so I've got an adjustable voltage regulator setup (not pictured) that can provide that, it connects to the dark green (+) and blue (-) wires. You only need the 1.8V for communication from the USB adapter to the tablet, you can listen to the tablet fine without it - and with android, there's no console running, so all you can do is listen. There are metal covers over both the SoC/memory and the wifi chip. The one on the wifi chip is epoxied, and doesn't really need to come off, unless you're super curious like me. The big one is not epoxied, and can easily be removed with a plastic putty knife, guitar pick, etc. There is a thermal pad between the SoC and the cover, mine came off cleanly with the cover, YMMV. So far I the SoC hasn't gotten that warm without the "heatsink", but I haven't been doing anything that intensive with it. Finally, there's no real point in removing the board, all that's on the back side are the connections to the external ports/buttons and ground pads.


----------



## mrmazak (Feb 25, 2017)

cozzie37 said:


> It's not the USB cable, and I'm an idiot. I deleted the adbkey from recovery.img hoping that would make it accept any adb session. It does not, it makes it so it won't accept any adb session. The thing I keep coming back to is that in the Developer options, the "Revoke USB debugging authoriations" button disappeared after I flashed the recovery and boot.img.
> 
> Also, I was hoping Yocto would produce images that I could test through adb/fastboot, it does not, they would need to be flashed using the Intel flash tool. So that's no longer an easy "test until something works" option, now I need to make something work, or at least not brick, first try. It's a lot of work, it would mean I don't have to worry about my adb issues.
> 
> I have attached a bootlog from the serial port. I'm not sure what the garbage is at the very beginning, it's not valid data at any of the usual baud rates, so it may just be garbage.

Click to collapse



did you try to do another factory reset? maybe that will help reset the developer options


----------



## cozzie37 (Feb 25, 2017)

mrmazak said:


> did you try to do another factory reset? maybe that will help reset the developer options

Click to collapse



I did, no dice. Do you have that option in your developer options?


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Feb 25, 2017)

cozzie37 said:


> I did, no dice. Do you have that option in your developer options?

Click to collapse



yes


----------



## vampirefo (Feb 25, 2017)

cozzie37 said:


> It's not the USB cable, and I'm an idiot. I deleted the adbkey from recovery.img hoping that would make it accept any adb session. It does not, it makes it so it won't accept any adb session. The thing I keep coming back to is that in the Developer options, the "Revoke USB debugging authoriations" button disappeared after I flashed the recovery and boot.img.
> 
> Also, I was hoping Yocto would produce images that I could test through adb/fastboot, it does not, they would need to be flashed using the Intel flash tool. So that's no longer an easy "test until something works" option, now I need to make something work, or at least not brick, first try. It's a lot of work, it would mean I don't have to worry about my adb issues.
> 
> I have attached a bootlog from the serial port. I'm not sure what the garbage is at the very beginning, it's not valid data at any of the usual baud rates, so it may just be garbage.

Click to collapse



Add adb to boot.img, you should see mtp listed add a comma and then adb.

This forces adb, add in default.prop

Example 

persist.sys.usb.config=mtp,adb

Sent from my Life Max using Tapatalk


----------



## cozzie37 (Feb 25, 2017)

How do I flash it? I can't adb to fastboot any more, can I zip it and flash thru recovery?


----------



## vampirefo (Feb 25, 2017)

TWRP can flash boot.img or yes you can zip file and flash through cwm

For zip, you have to write update script.

TWRP can flash, recovery.img, boot.img, system.img directly.
Sent from my Life Max using Tapatalk


----------



## cozzie37 (Feb 26, 2017)

I have the modified stock recovery flashed, I didn't think mrmazak's cwm recovery was safe to flash yet. Does update.zip need to be signed with stock recovery? Do you know of a guide for building/signing it with 6.0?

In default.prop, it was

 persist.sys.usb.config=adb,mtp

Is that OK? And should there be a /adb_keys folder in boot.img? I see one of the first init.rc commands is "restorecon /adb_keys"


----------



## vampirefo (Feb 26, 2017)

cozzie37 said:


> I have the modified stock recovery flashed, I didn't think mrmazak's cwm recovery was safe to flash yet. Does update.zip need to be signed with stock recovery? Do you know of a guide for building/signing it with 6.0?
> 
> In default.prop, it was
> 
> ...

Click to collapse



You can't flash through stock recovery, I thought you were using custom recovery.

Stock recovery doesn't have adb, it doesn't have anything that you can use, if you had adb in recovery you could dd boot.img.

Your boot.img doesn't appear to be stock, adb shouldn't have been there, can you upload your default.prop 
I want to see if anything else has been changed.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 26, 2017)

cozzie37 said:


> I have the modified stock recovery flashed, I didn't think mrmazak's cwm recovery was safe to flash yet. Does update.zip need to be signed with stock recovery? Do you know of a guide for building/signing it with 6.0?
> 
> In default.prop, it was
> 
> ...

Click to collapse




not normally needed to have the keys in boot.img as they should be created when the pop up asks for permission. but have not figured why yours are not coming to pop up.


yes the stock recovery fails to flash unsigned zips. and i have been trying to fake a signed zip, but without rca's private key the signature fails


----------



## vampirefo (Feb 26, 2017)

vampirefo said:


> You can't flash through stock recovery, I thought you were using custom recovery.
> 
> Stock recovery doesn't have adb, it doesn't have anything that you can use, if you had adb in recovery you could dd boot.img.
> 
> ...

Click to collapse



Please tell me you didn't change below.


ro.adb.secure=1

To

ro.adb.secure=0

The removes the ability to generate an adb key.

Sent from my Life Max using Tapatalk


----------



## cozzie37 (Feb 26, 2017)

mrmazak said:


> not normally needed to have the keys in boot.img as they should be created when the pop up asks for permission. but have not figured why yours are not coming to pop up.

Click to collapse



Right, but should the (empty) folder exist in boot.img? I wonder if adbd isn't able to create the folder to put the key in, which is causing all my issues.

Yocto builds images in a .fls format to be flashed with the Intel Flash tool. Is that a possible route?

---------- Post added at 07:45 PM ---------- Previous post was at 07:42 PM ----------




vampirefo said:


> Please tell me you didn't change below.
> 
> 
> ro.adb.secure=1
> ...

Click to collapse



I didn't change it, I'm running mrmazak's no-force-encrypt-boot.img.


```
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
persist.tel.hot_swap.support=false
persist.ril-daemon.disable=1
persist.radio.multisim.config=false
persist.modem.disable=true
ro.radio.noril=true
ro.adb.secure=0
libc.cpumask=0x3
ro.power_alarm.feature=false
persist.sys.power_on=false
ro.schedule.onoff=false
ro.secure=0
ro.allow.mock.location=0
ro.debuggable=1
ro.enable_boot_charger_mode=0
ro.dalvik.vm.native.bridge=libhoudini.so
ro.zygote=zygote32
dalvik.vm.image-dex2oat-Xms=64m
dalvik.vm.image-dex2oat-Xmx=64m
dalvik.vm.dex2oat-Xms=64m
dalvik.vm.dex2oat-Xmx=512m
debug.atrace.tags.enableflags=0
#
# BOOTIMAGE_BUILD_PROPERTIES
#
ro.bootimage.build.date=2016年 08月 31日 星期三 00:37:31 CST
ro.bootimage.build.date.utc=1472575051
ro.bootimage.build.fingerprint=RCA/RCT6873W42/RCT6873W42:6.0.1/MMB29M/hong07261054:user/release-keys
persist.sys.usb.config=adb,mtp
```


----------



## vampirefo (Feb 26, 2017)

cozzie37 said:


> Right, but should the (empty) folder exist in boot.img? I wonder if adbd isn't able to create the folder to put the key in, which is causing all my issues.
> 
> Yocto builds images in a .fls format to be flashed with the Intel Flash tool. Is that a possible route?

Click to collapse



All these devices are .fls but each are signed by manufacturer, unless RCA and Yocto uses same key you are out of luck, worth trying though.

Sent from my Life Max using Tapatalk

---------- Post added at 07:49 PM ---------- Previous post was at 07:46 PM ----------




vampirefo said:


> All these devices are .fls but each are signed by manufacturer, unless RCA and Yocto uses same key you are out of luck, worth trying though.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



That's why you don't have adb, I didn't know you was running a modified boot.img.

The below needs to be changed asap before others loose their adb.


ro.adb.secure=0

To

ro.adb.secure=1

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 26, 2017)

vampirefo said:


> Please tell me you didn't change below.
> 
> 
> ro.adb.secure=1
> ...

Click to collapse



yes I did that.  should still be fix able because the stock recovery has adb access though. 

problem is compounded by his image was modified again to remove my keys.

I am fixing that mistake and putting up new images tonight.

I see my file downloaded almost 20 times but no body else has posted when I asked, If this problem is wide spread.

Hopefully they are following and update to the new , new images.

please let me know  about ro.secure too


----------



## cozzie37 (Feb 26, 2017)

Crap.



mrmazak said:


> I see my file downloaded almost 20 times but no body else has posted when I asked, If this problem is wide spread.

Click to collapse



Either that, or they knew to change it.


----------



## vampirefo (Feb 26, 2017)

mrmazak said:


> yes I did that.  should still be fix able because the stock recovery has adb access though.
> 
> problem is compounded by his image was modified again to remove my keys.
> 
> ...

Click to collapse



OK if you have adb in stock recovery, dd the modified boot.img.

ro.secure=0 is fine, and recommended step towards adb root.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 26, 2017)

removed the original file from host and replaced with one that has adb.secure=1 as it supposed to

unlock tool with fixed img file

https://www.androidfilehost.com/?fid=673368273298934276

*IF ANYBODY HAS FLASHED THE BOOT IMAGE FROM THE TOOL LIKE I HAVE PREVIOUSLY SUGGESTED PLEASE REDOWNLOAD THE V2 TOOL AND FLASH BOOT.IMG AGAIN*


This boot image has only the change from force encrypt to encryptable.

I did test boot all the previous images before posting them, BUT BECAUSE I DID NOT DO factory reset with them flashed i did not notice the lack of adb key.   So if you did flash the other one you may need to use adb in recovery in order to get into fastboot to fix it.


----------



## cozzie37 (Feb 26, 2017)

@vampirefo have you ever tried a USB jig with these SoFIA tablets?


----------



## mrmazak (Feb 26, 2017)

vampirefo said:


> OK if you have adb in stock recovery, dd the modified boot.img.
> 
> ro.secure=0 is fine, and recommended step towards adb root.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



what about 

ro.adb.secure= 

for the recovery.img?


----------



## vampirefo (Feb 26, 2017)

mrmazak said:


> what about
> 
> ro.adb.secure=
> 
> for the recovery.img?

Click to collapse



Recovery doesn't matter, I usually leave as 1.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 26, 2017)

vampirefo said:


> Recovery doesn't matter, I usually leave as 1.
> 
> Sent from my Life Max using Tapatalk

Click to collapse



it is zero now but if do not matter will leave it i suppose. Especially that the .img has adb key already hard coded into it. Maybe with it as =1 it would not need to have the key in it. Well "if it aint broke I will leave it"


----------



## vampirefo (Feb 26, 2017)

cozzie37 said:


> @vampirefo have you ever tried a USB jig with these SoFIA tablets?

Click to collapse



No, I haven't.

Sent from my Life Max using Tapatalk


----------



## mrmazak (Feb 26, 2017)

mrmazak said:


> it is zero now but if do not matter will leave it i suppose. Especially that the .img has adb key already hard coded into it. Maybe with it as =1 it would not need to have the key in it. Well "if it aint broke I will leave it"

Click to collapse





Well I got curious. And changed ro.adb.secure=1 and removed the adb_keys from the modified stock recovery to see if it allow adb connection. And well it did not. It just kept giving "unauthorized", so because there is no running system to make the pop-up there is no way to accept authorization. 
so like vampirefo told me, in recovery it does not matter the setting of this string.

 And only way I know of to get access will be to make an insecure move and share both halves of key pair.( Replacing the adbd in the stock recovery with an insecure one, like the one in the cwm recovery, makes the stock recovery fail to have adb access)


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## rpk3 (Feb 26, 2017)

mrmazak said:


> Well I got curious. And changed ro.adb.secure=1 and removed the adb_keys from the modified stock recovery to see if it allow adb connection. And well it did not. It just kept giving "unauthorized", so because there is no running system to make the pop-up there is no way to accept authorization.
> so like vampirefo told me, in recovery it does not matter the setting of this string.
> 
> And only way I know of to get access will be to make an insecure move and share both halves of key pair.( Replacing the adbd in the stock recovery with an insecure one, like the one in the cwm recovery, makes the stock recovery fail to have adb access)

Click to collapse



Are you bricked-?


----------



## mrmazak (Feb 26, 2017)

rpk3 said:


> Are you bricked-?

Click to collapse



no.

i just "fastboot boot recovery" to test, not flash. i try not to flash before i do some  test


----------



## rpk3 (Feb 28, 2017)

mrmazak said:


> no.
> 
> i just "fastboot boot recovery" to test, not flash. i try not to flash before i do some test

Click to collapse



What are you doing about recent apps taking all memory...i think square gets you to the recent stuff.
Bloatware removal?


----------



## mrmazak (Feb 28, 2017)

rpk3 said:


> What are you doing about recent apps taking all memory...i think square gets you to the recent stuff.
> Bloatware removal?

Click to collapse



I haven't really done anything else.

I've been playing around with other things lately.


----------



## rpk3 (Mar 1, 2017)

I just cant seem to add the new string to the default usb drivers on my win7 machine.

Im just trying to modify the .inf files for adb drivers to detect this device. I need to have it so a noob can install at his workstation. Any thoughts....
=========
my personal string to allow windows to see the device. 

;RCA 6873w42


\VID_8087&PID_0928&MI_01
%SingleAdbInterface%
USB_Install, USB        =
USB\VID_8087&PID_0928&REV_????&MI_02
%SingleAdbInterface%
USB_Install, USB	    =
USB\VID_8087&PID_0928&MI_02
%SingleAdbInterface%
USB_Install, USB	    =
USB\VID_8087&PID_0928&REV_????&MI_04
%SingleAdbInterface%
USB_Install, USB	    =
USB\VID_8087&PID_0928&MI_04
%SingleAdbInterface%
USB_Install, USB	    =
USB\VID_8087&PID_0928&REV_????&MI_06
%SingleAdbInterface%
USB_Install, USB	    =
USB\VID_8087&PID_0928&MI_06


----------



## mrmazak (Mar 2, 2017)

rpk3 said:


> I just cant seem to add the new string to the default usb drivers on my win7 machine.
> 
> Im just trying to modify the .inf files for adb drivers to detect this device. I need to have it so a noob can install at his workstation. Any thoughts....
> =========
> ...

Click to collapse





I dont know about that but I just installed the android intell drivers and the tablet is just recognized.

IntelAndroidDrvSetup1.10.0.zip
System Driver
8.9MB

from here


----------



## The Blind Squirrel (Mar 5, 2017)

Hey Everyone 

I am new to the forum and new to rooting. I have been following this thread for a while not and i wanted to thank everyone for their hard work. If it would be ok, i was wondering if i can ask for the Noob help. I am trying to just gain root access to my RCA Voyager rct6873w42, but i can not seem to get that or get to bootloader mode. If it was previously posted I apologize in advance if i missed it but any help would be more than appreciated.


----------



## mrmazak (Mar 5, 2017)

The Blind Squirrel said:


> Hey Everyone
> 
> I am new to the forum and new to rooting. I have been following this thread for a while not and i wanted to thank everyone for their hard work. If it would be ok, i was wondering if i can ask for the Noob help. I am trying to just gain root access to my RCA Voyager rct6873w42, but i can not seem to get that or get to bootloader mode. If it was previously posted I apologize in advance if i missed it but any help would be more than appreciated.

Click to collapse



we still do not have a real "full root"

only a root shell from adb while in clockwork recovery. I have made backups and restored with this recovery. But needed to format system before restore , or it would fail and lock up, forcing a need to format in fastboot before restore would work.

fastboot mode is accessed by typing "adb reboot fastboot" from command terminal. 


The recovery olny has access to /data when phone is not encrypted. Can only have in not encrypted by  using a modified boot.img

The "force-encrypt" flag is set in the fstab of stock boot.img.
It is also set to "force-encrypt" in stock recovery, so that needs to be changed as well.
I put up a "tool" that can be used to get you to this point, if you are interested.


Update for thread on my lack of progress:

All my attempts to get further have failed. 
Tablet always boots into "enforcing" even with kernel command line set to permissive.
I have added "write /sys/fs/selinux/enforce 0" to the init.rc . This made no noticeable change.

When I added same line "write /sys/fs/selinux/enforce 0 to few more places in the init.rc, the tablet refused to boot, and only stayed on the boot anmation screen.

And when I try to load with "audit=0" in kernel command line , the same thing tablet refuses to boot.( I was thinking with out audit running kernel would not know when set to permissive and allow it to boot, but instead with out audit, kernel cannot get messages from "vold" so partitions do not get mounted.)

I think kernel is written with flag that prevents permissive mode from running
(EXTRA_CFLAGS += -DCONFIG_ALWAYS_ENFORCE=true), so it appears that only way forward is with custom kernel.


----------



## jakfish (Mar 6, 2017)

I too have the same device and have been following this thread with great interest. Thank you for both your hard, hard work and for your most recent post summarizing all your efforts.

Jake


----------



## The Blind Squirrel (Mar 7, 2017)

jakfish said:


> I too have the same device and have been following this thread with great interest. Thank you for both your hard, hard work and for your most recent post summarizing all your efforts.
> 
> Jake

Click to collapse



I could not agree more!


----------



## cozzie37 (Mar 16, 2017)

mrmazak said:


> Update for thread on my lack of progress:
> 
> All my attempts to get further have failed.
> Tablet always boots into "enforcing" even with kernel command line set to permissive.
> ...

Click to collapse



My custom kernel attempts have come to a complete standstill, partly because I now have no way to test/use them. It may be possible to use the Yocto BSP to generate a working kernel, but the documentation makes it sound like it's not intended for it. Possibly stripping the kernel for hardware support patches would work, but I don't have that kind of time, or a tablet to test on. Another option is to use the Android BSPs from AMI (https://marketplace.windriver.com/index.php?bsp) or Wind River (https://marketplace.windriver.com/index.php?bsp), but I don't know if they'll just hand them out to anyone, I haven't tried requesting them. There would also be more work needed aside from just getting the SoFIA 3GR kernel, the Yocto BSP is configured for a totally different board, and I imagine the AMI and Wind River ones are as well.

A third option, if you have tried to request source code for this or any other RCA or ALCO tablet, is to email [email protected] and let them know what model you have and what your experience was. They will work to enforce GPL compliance with RCA/ALCO.


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> we still do not have a real "full root"
> 
> only a root shell from adb while in clockwork recovery. I have made backups and restored with this recovery. But needed to format system before restore , or it would fail and lock up, forcing a need to format in fastboot before restore would work.
> 
> ...

Click to collapse



I think I have you something to test, only test not install.

adb reboot fastboot

fastboot boot rca-boot_permissive.img

after boot up

adb remount


https://www.androidfilehost.com/?fid=673368273298938977


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> I think I have you something to test, only test not install.
> 
> adb reboot fastboot
> 
> ...

Click to collapse




It booted, but will connect to adb.


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> It booted, but will connect to adb.

Click to collapse



Switch out adbd file for one that works, which everyone you use in recovery to get working adb.

Sent from my LIFE X8 using Tapatalk


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> Switch out adbd file for one that works, which everyone you use in recovery to get working adb.
> 
> Sent from my LIFE X8 using Tapatalk

Click to collapse



will try that, again, but last time it made it to fail boot(when tried to use the insecure adbd from cwm). update in few minutes
gonna use the stock adbd

booted with stock adbd,  adb remount returns "not running as root"., "try adb root"

adb root returns "restarting as root"  , but does not appear as root just restarts as user seems to be)

getenforce returns "enforcing"

will now try with adbd from "cwm"

***ding-ding-ding***  we have a winner

adb remount success

adb shell whoami ="root"

adb shell setenforce 0  return success
then adb shell getenforce = permissive


this is the image i used

.only booted with fastboot boot 
not flashed
.


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> will try that, again, but last time it made it to fail boot(when tried to use the insecure adbd from cwm). update in few minutes
> gonna use the stock adbd
> 
> booted with stock adbd,  adb remount returns "not running as root"., "try adb root"
> ...

Click to collapse



Yes, this is what was suppose to happen, upload the adbd file that you are using, I need to look at it.

Never mind you have uploaded it, I didn't see the link first time.

Sent from my LIFE X8 using Tapatalk


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> Yes, this is what was suppose to happen, upload the adbd file that you are using, I need to look at it.
> 
> Never mind you have uploaded it, I didn't see the link first time.
> 
> Sent from my LIFE X8 using Tapatalk

Click to collapse



Is the only difference in this boot.img the sepolicy?


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> Is the only difference in this boot.img the sepolicy?

Click to collapse



Yes, I modified it to be permissive, and I changed all the data mount points, as well as default.prop, right now my electric is off so can't do anything til it comes back on.

Sent from my LIFE X8 using Tapatalk

---------- Post added at 11:17 AM ---------- Previous post was at 11:04 AM ----------

This is how I root my Intel, patch sepolicy to be permissive, then once boot.img  is ready flash to phone, then download system only SuperSU and install it, then all is well.

Normal SuperSU would try to patch boot.img this would brick the tablet.

Installing system SuperSU without patching sepoliçy would brick tablet. 

Still need some more work, but I have no electric, tree fell on power line so I can't finish your boot.img.

System mode SuperSU is here.

https://forum.xda-developers.com/apps/supersu/v2-64-2-66-supersu-mode-t3286120

Sent from my LIFE X8 using Tapatalk


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> Yes, I modified it to be permissive, and I changed all the data mount points, as well as default.prop, right now my electric is off so can't do anything til it comes back on.
> 
> Sent from my LIFE X8 using Tapatalk
> 
> ...

Click to collapse



I will have to try this out tonight. I'm on The road today

My plan is to add a service to init.rc that calls a shell file with permissive 1.
That way it will boot permissive, now that sepolicy allows it.


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> I will have to try this out tonight. I'm on The road today
> 
> My plan is to add a service to init.rc that calls a shell file with permissive 1.
> That way it will boot permissive, now that sepolicy allows it.

Click to collapse



No that won't work, I am working on next stage right now, which does automate permissive on boot.

it's a two part system, one part goes is /sbin other in /data.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> No that won't work, I am working on next stage right now, which does automate permissive on boot.
> 
> it's a two part system, one part goes is /sbin other in /data.

Click to collapse



i did make a one line change to init.rc and got a permissive boot

I added :

```
# root use permissive 
	write /sys/fs/selinux/enforce 0
```
to the init.rc and booted it. I got permissive on boot. Is this method ok?
here is first few lines on logcat showing ok .


```
--------- beginning of main

03-16 17:07:56.890   167   167 W auditd  : type=2000 audit(0.0:1): initialized

03-16 17:08:01.700   167   167 I auditd  : type=1403 audit(0.0:2): policy loaded auid=4294967295 ses=4294967295

03-16 17:08:01.700   167   167 W auditd  : type=1404 audit(0.0:3): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295

03-16 17:08:02.670   167   167 W auditd  : type=1404 audit(0.0:4): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295

03-16 17:08:03.219   175   175 I /system/bin/tzdatacheck: tzdata file /data/misc/zoneinfo/current/tzdata does not exist. No action required.

---------
```


----------



## vampirefo (Mar 16, 2017)

@mrmazak

Below is how I rooted my tablet keep in mind I don't have your tablet, My info is based off of the files you provided and your feed back.
This should work, but it could brick your device, I just need you or anyone else testing this to realize, I have no backup files to fix your device if it gets bricked. 

I have a root package ready for you to test the upload site isn't on line right now so I will post the readme so we can discuss it, so you know what to do.


```
adb shell

setenforce 0

adb remount 

adb push su.img /data/su.img

adb reboot fastboot

fastboot boot rca-boot_permissive_on_boot.img

adb shell

getenforce

Your result should be Permissive

adb reboot fastboot 

fastboot flash boot rca-boot_permissive_on_boot.img

fastboot boot recovery.img

install UPDATE-SuperSU-v2.79-SYSTEMMODE.zip

reboot system

select NO
```


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> @mrmazak
> 
> Below is how I rooted my tablet keep in mind I don't have your tablet, My info is based off of the files you provided and your feed back.
> This should work, but it could brick your device, I just need you or anyone else testing this to realize, I have no backup files to fix your device if it gets bricked.
> ...

Click to collapse



Thank you I think I understand the flow of this method. But I was able to get permissive on boot another way. 

I am not experienced enough to know if it is a bad way to do it or not though.

I added a line to init.rc that writes to the selinux "enforce" file

"write /sys/fs/selinux/enforce 0"

in the init.rc made it boot into permissive


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> Thank you I think I understand the flow of this method. But I was able to get permissive on boot another way.
> 
> I am not experienced enough to know if it is a bad way to do it or not though.
> 
> ...

Click to collapse



You can try it your way, up to you.


----------



## mrmazak (Mar 16, 2017)

vampirefo said:


> You can try it your way, up to you.

Click to collapse



Because I know there are right ways to do things and then ways to do it but have side effects. Not sure where my ways fits into that analogy.


----------



## vampirefo (Mar 16, 2017)

mrmazak said:


> Because I know there are right ways to do things and then ways to do it but have side effects. Not sure where my ways fits into that analogy.

Click to collapse



I don't know either, I am posting how I root intels, I can't tell you what will happen if you do it your way as I never did it that way. I will provide you with what I have then you decide, best I can do.


Server still offline.

SYSTEM NOTICE: Devs: We are working on the upload server and syncing of files. Uploading of new files is disabled at this time. Some new files may show only one mirror until maintenance is finished.

if you wish to continue your method simply flash the boot.img you have then boot into cwm recovery,  install UPDATE-SuperSU-v2.79-SYSTEMMODE.zip, reboot system, select NO.

either it will work or won't no guarantee my longer method will work either.

they are both the same, mine has more steps as I like to use caution, and I repeat stuff that works for me.


----------



## mrmazak (Mar 17, 2017)

vampirefo said:


> I don't know either, I am posting how I root intels, I can't tell you what will happen if you do it your way as I never did it that way. I will provide you with what I have then you decide, best I can do.
> 
> 
> Server still offline.
> ...

Click to collapse




Alright Update 1

I was able to flash my boot.img. It survived and boots ok. It gives me permissive at boot time.

I downloaded 	SR3-SuperSU-v2.79-SYSTEMMODE.zip and tried to flash it.
It gave complete without any failed mssage, but superSu app was not installed. I installed from playstore , but it said no binary found. So i removed it.

I went back to cwm recovery and manually mounted data, then flashed the superSU update.

it worked. but now I am reminded how slow this tablet is.


summery;

with @vampirefo's sepolicy and the adbd from the twrp we have from vampirefo also I have been able to get a reeot shell from adb while inside android. 
And then with that sepolicy inside the boot.img flashed to tablet I was able to flash twrp "system mode" .


Possible problems I have seen already. 
1. first boot after flashing superSU I could not get any wifi signal, this makes no sense to me, yet.
second reboot wifi came back
2. I had turned off the "click" from keyboard, after superSU it is back on again ...? dont know why,


----------



## vampirefo (Mar 17, 2017)

mrmazak said:


> Alright Update 1
> 
> I was able to flash my boot.img. It survived and boots ok. It gives me permissive at boot time.
> 
> ...

Click to collapse



Yes, I would think the tablet is slow, the specs are similar to mine, anything less than 2GB ram is going to be slow.

Sent from my Life_Max using Tapatalk

---------- Post added at 10:03 PM ---------- Previous post was at 09:52 PM ----------

I recommend not using SR3, use update as it is stable, your problems might be due to using SR3.

I would get my root package uploaded soon, seeing you know yours now work, you could unroot your try my version and see if you have the same problems.

Or if someone else wants to try it,.

Sent from my Life_Max using Tapatalk


----------



## mrmazak (Mar 17, 2017)

vampirefo said:


> Yes, I would think the tablet is slow, the specs are similar to mine, anything less than 2GB ram is going to be slow.
> 
> Sent from my Life_Max using Tapatalk
> 
> ...

Click to collapse



oops, I just went straight to the bottom link as most recent. (Impatient). I usually choose stable versions over beta's. will try switching to stable now

---------- Post added at 10:48 PM ---------- Previous post was at 10:15 PM ----------

Here is the boot img that will give our tablet permissive at boot up. 
Once tablet is able to boot in permissive mode, superSU can be flashed in CWM.
I can put these files into a V3 of the unlock tool. If requested.
===>LINK to permissive at boot.img


----------



## vampirefo (Mar 17, 2017)

Here is my root package.

Everything is included is this zip file, you need to extract it somewhere before you begin.

https://www.androidfilehost.com/?fid=673368273298939423



```
adb shell

setenforce 0

adb remount 

adb push su.img /data/su.img

adb reboot fastboot

fastboot boot rca-boot_permissive_on_boot.img

adb shell

getenforce

Your result should be Permissive

adb reboot fastboot 

fastboot flash boot rca-boot_permissive_on_boot.img

fastboot boot recovery.img

install UPDATE-SuperSU-v2.79-SYSTEMMODE.zip

reboot system

select NO
```


----------



## mrmazak (Mar 17, 2017)

vampirefo said:


> Here is my root package.
> 
> Everything is included is this zip file, you need to extract it somewhere before you begin.
> 
> ...

Click to collapse





was there supposed to have been a file at "/sbin/launch_daemonsu.sh"  ?

the daemonsu is in the su.img, but the script that calls it isn't found.


----------



## vampirefo (Mar 17, 2017)

mrmazak said:


> was there supposed to have been a file at "/sbin/launch_daemonsu.sh"  ?
> 
> the daemonsu is in the su.img, but the script that calls it isn't found.

Click to collapse



Correct,  will upload again. the uploader seems to down again.

https://www.androidfilehost.com/?fid=673368273298939423


----------



## rpk3 (Mar 18, 2017)

Gonna try this later. On road 4 work....


----------



## vampirefo (Mar 18, 2017)

well finally got around to changing compilers, TWRP 3.1 now builds and works on my intel, I just didn't want to change compilers as it takes a while, but all done now.

---------- Post added at 09:52 PM ---------- Previous post was at 09:40 PM ----------




vampirefo said:


> well finally got around to changing compilers, TWRP 3.1 now builds and works on my intel, I just didn't want to change compilers as it takes a while, but all done now.

Click to collapse


@mrmazak
Here is one for you, you may need to unpack repack and so forth with your own files it boots as is, on my intel, touch is turned as you requested.

https://www.androidfilehost.com/?fid=457095661767145562


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> well finally got around to changing compilers, TWRP 3.1 now builds and works on my intel, I just didn't want to change compilers as it takes a while, but all done now.
> 
> ---------- Post added at 09:52 PM ---------- Previous post was at 09:40 PM ----------
> 
> ...

Click to collapse



thanks. Now I know what I'm gonna do next.

****FSTAB HAS FORCEENCRYPT****** on data


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> thanks. Now I know what I'm gonna do next.
> 
> ****FSTAB HAS FORCEENCRYPT****** on data

Click to collapse



No, it doesn't. # means it's ignored. 

It says encryptable=footer but even that line is ignored. via #


```
/boot   	emmc   	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID071   	None;length=0 flags=display="boot";backup=1
/recovery 	emmc  	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID121 	    none;length=0 flags=display="recovery";backup=1
#/misc    	emmc  	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID074    	None;length=0
#/cache   	ext4  	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID070   	nosuid,nodev,noatime,barrier=1,journal_async_commit,data=ordered;length=0
/system  	ext4  	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID068  	ro,noatime;length=0
/data    	ext4  	/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069    	nosuid,nodev,noatime,barrier=1,journal_async_commit,data=ordered,noauto_da_alloc,discard;length=-16384
 #/data      ext4    /dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069  	nosuid,nodev,nodiratime,noatime,noauto_da_alloc,discard,journal_async_commit,data=ordered wait,check,encryptable=footer
#/sdcard datamedia /dev/null defaults;defaults
/external_sd auto /dev/block/mmcblk1p1 defaults;defaults
```


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> No, it doesn't. # means it's ignored.
> 
> 
> ```
> ...

Click to collapse




not the ramdisk/etc/recovery.fstab

the ramdisk/fstab.sofiaboard_emmc    and ramdisk/fstab.sofiaboard_nand


fstab.sofiaboard_nand

```
#
# Copyright (C) 2013 Intel Mobile Communications GmbH
#
#      Sec Class: Intel Confidential (IC)
#
# Android fstab file.
#<src>                         <mnt_point>  <type>  <mnt_flags and options>               <fs_mgr_flags>
# The filesystem that contains the filesystem checker binary (typically /system) cannot
# specify MF_CHECK, and must come before any filesystems that do specify MF_CHECK
#

/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID068  /system              ext4    ro                                                                                        wait
/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID069  /data                ext4    nosuid,nodev,nodiratime,noatime,noauto_da_alloc,discard,journal_async_commit,data=ordered wait,check,forceencrypt=footer
/dev/block/platform/soc0/e0000000.noc/by-name/ImcPartID070  /cache               ext4    nosuid,nodev                                                                              wait,check

/devices/soc0/e0000000.noc/ef010000.l2_noc/e1000000.ahb_per/e1400000.sd/mmc_host/mmc*    auto       auto      defaults      voldmanaged=sdcard1:auto,encryptable=userdata
/devices/soc0/e0000000.noc/ef010000.l2_noc/e2000000.ahb_per/e2100000.usb/usb*            auto       auto      defaults      voldmanaged=usbdisk:auto
```


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> not the ramdisk/etc/recovery.fstab
> 
> the ramdisk/fstab.sofiaboard_emmc    and ramdisk/fstab.sofiaboard_nand
> 
> ...

Click to collapse



Those mean nothing to TWRP.
TWRP can only read /etc/recovery.fstab


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> Those mean nothing to TWRP.
> TWRP can only read /etc/recovery.fstab

Click to collapse



oh, ok then


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> oh, ok then

Click to collapse



You can remove them without any problems they mean nothing to TWRP.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> You can remove them without any problems they mean nothing to TWRP.

Click to collapse



First way I tried to use this was just like last time. Opened the img and used just the 
ramdisk/sbin
And
ramdisk/twres

The result was diagonal lines on screen.  

Maybe I'll take a step back and try it as is.
..      well as is it hangs on the RCA splash screen but allows adb as root from there.
I think that means I need my tablets kernel for display, and the that the swap may have caused the lines. I dont know.

... i need to keep going....


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> First way I tried to use this was just like last time. Opened the img and used just the
> ramdisk/sbin
> And
> ramdisk/twres
> ...

Click to collapse



I just switched your kernel and it still boots just fine for me on my device.


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> I just switched your kernel and it still boots just fine for me on my device.

Click to collapse



.
.
I can get the screen to show one time.

when recovery boots I get the diagonal lines like I posted screenshot of. Then I command "adb shell /sbin/recovery" I get a stable screen . When I touch the screen , before I can tell if it was the expected touch point, the screen gets scrambled again. Now if I repeat the /sbin/recovery command it no longer recovers the display.
I don't know what else to do.


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> .
> .
> I can get the screen to show one time.
> 
> ...

Click to collapse



upload the recovery you have let me see if I get figure it out.

---------- Post added at 02:07 AM ---------- Previous post was at 01:54 AM ----------




vampirefo said:


> upload the recovery you have let me see if I get figure it out.

Click to collapse



it sounds like to me you aren't replacing the second kernel it's called "recovery.img-second", this is the kernel that must be replaced, the first kernel isn't important "recovery.img-kernel" it's the same as mine.


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> upload the recovery you have let me see if I get figure it out.
> 
> ---------- Post added at 02:07 AM ---------- Previous post was at 01:54 AM ----------
> 
> ...

Click to collapse



This is latest combination of files. Still same situation. 
but I can sometimes toggle between normal screen and scrambled.
by tapping around the screen
I do see that the X Y swap sort of worked. It now shows that Y is also flipped. So now the side to side position of the touches is correct , But if I need to tap a button that 2 inches from the top I need to tap 2 inches from the bottom , to activate that button.


1. the second kernel from the rca tablet
2. /etc/recovery.fstab
3. fstab.zram from rca


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> This is latest combination of files. Still same situation.
> but I can sometimes toggle between normal screen and scrambled.
> by tapping around the screen
> I do see that the X Y swap sort of worked. It now shows that Y is also flipped. So now the side to side position of the touches is correct , But if I need to tap a button that 2 inches from the top I need to tap 2 inches from the bottom , to activate that button.
> ...

Click to collapse



Ok, I flashed this recovery just got blank screen after intel splash screen, replaced only recovery.img-second and now it works as it should, touch is off of course.

I can't see a problem on my end, the only difference is recovery.img-second, which is the second kernel, it boots the recovery gui, using your recovery.img-second screen is blank using my own recovery.img-second gui is fine.


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> Ok, I flashed this recovery just got blank screen after intel splash screen, replaced only recovery.img-second and now it works as it should, touch is off of course.
> 
> I can't see a problem on my end, the only difference is recovery.img-second, which is the second kernel, it boots the recovery gui, using your recovery.img-second screen is blank using my own recovery.img-second gui is fine.

Click to collapse



Thanks.

I am using the second.img from recovery. Can I or should I use the one from android?  i mean from "boot.img-second"

Ok using the boot.img-second did not help and didn't seem to hurt-- But using the boot.img-second did make twrp show the initial screen asking to swipe to allow modification to system. Using the original recovery.img-second did not give this screen.


----------



## vampirefo (Mar 18, 2017)

mrmazak said:


> Thanks.
> 
> I am using the second.img from recovery. Can I or should I use the one from android?  i mean from "boot.img-second"
> 
> Ok using the boot.img-second did not help and didn't seem to hurt-- But using the boot.img-second did make twrp show the initial screen asking to swipe to allow modification to system. Using the original recovery.img-second did not give this screen.

Click to collapse



They should be the same, Mine are, I can't think of any reason they would be different.

Sent from my NS-P08A7100 using Tapatalk


----------



## mrmazak (Mar 18, 2017)

vampirefo said:


> They should be the same, Mine are, I can't think of any reason they would be different.
> 
> Sent from my NS-P08A7100 using Tapatalk

Click to collapse



the ones from this rca are different.
The one from boot.img is almost double in size

If it is not too much to ask. Can you add both these build flags and build one more time. I think you did the one, already but still think it needs the second one added.


RECOVERY_TOUCHSCREEN_SWAP_XY := true
RECOVERY_TOUCHSCREEN_FLIP_Y := true


----------



## vampirefo (Mar 19, 2017)

mrmazak said:


> the ones from this rca are different.
> The one from boot.img is almost double in size
> 
> If it is not too much to ask. Can you add both these build flags and build one more time. I think you did the one, already but still think it needs the second one added.
> ...

Click to collapse



hopefully it works as is.

https://www.androidfilehost.com/?fid=529152257862711743


----------



## mrmazak (Mar 19, 2017)

vampirefo said:


> hopefully it works as is.
> 
> https://www.androidfilehost.com/?fid=529152257862711743

Click to collapse



I think the touches are correct.

Based on:: I remember the info button was bottom right and if i touch bottom right i can tell the screen changes. But some reason adb would not connect.
and counld not relaunch with  "adb shell /sbin/recovery" to get it into readable screen

ok I hacked it together with the the x y swap version and got adb back. At the least I noticed this newest one was missing the service to set permissive in the init.rc. the script was in the /sbin but not being imported

Being able to reload the recovery process I can confirm that touches are now matched up. I started a backup and the screen started out stable, then a few minutes in, it started "flickering" again. 
Can it be a CPU limit issue or similar, running out of ram (unreasonable cap set by mfg to restrict custom recovery) or is that too much of a paranoid idea.?


----------



## vampirefo (Mar 19, 2017)

mrmazak said:


> I think the touches are correct.
> 
> Based on:: I remember the info button was bottom right and if i touch bottom right i can tell the screen changes. But some reason adb would not connect.
> and counld not relaunch with  "adb shell /sbin/recovery" to get it into readable screen
> ...

Click to collapse



No ideal, my tablet has no problem backing up or restoring.

Your tablet has some limitation, does it do the same in CWM?

Sent from my NS-P08A7100 using Tapatalk


----------



## mrmazak (Mar 19, 2017)

vampirefo said:


> No ideal, my tablet has no problem backing up or restoring.
> 
> Your tablet has some limitation, does it do the same in CWM?
> 
> Sent from my NS-P08A7100 using Tapatalk

Click to collapse





I don't know if there is some limit I was just trying to "fill the whole" of not knowing why the screen does not render twrp now. 

You know if I had to describe the way the screen is acting, it is reminding me of the way a TV will display diagonal "scamble" when it is set to "pal" instead of "ntsc"


----------



## vampirefo (Mar 19, 2017)

mrmazak said:


> I don't know if there is some limit I was just trying to "fill the whole" of not knowing why the screen does not render twrp now.
> 
> You know if I had to describe the way the screen is acting, it is reminding me of the way a TV will display diagonal "scamble" when it is set to "pal" instead of "ntsc"

Click to collapse



I don't know, the goal was to root the tablet, the tablet is rooted. 

Anyway time to get back to my Max.

Sent from my NS-P08A7100 using Tapatalk


----------



## mrmazak (Mar 19, 2017)

vampirefo said:


> I don't know, the goal was to root the tablet, the tablet is rooted.
> 
> Anyway time to get back to my Max.
> 
> Sent from my NS-P08A7100 using Tapatalk

Click to collapse



thank you very much for that. Yes root was the goal.

Is there any work done on the max?
I was gonna order one.


----------



## vampirefo (Mar 19, 2017)

mrmazak said:


> thank you very much for that. Yes root was the goal.
> 
> Is there any work done on the max?
> I was gonna order one.

Click to collapse


http://www.needrom.com/author/vampirefo/

Sent from my NS-P08A7100 using Tapatalk

I just got done uploading another rom for Max.
Life Max GPLUS F51 Port


----------



## icaruspony (Mar 19, 2017)

*Wiki*

Thanks to everyone who created root for this device.

This thread was kind of all over the place.

Could somebody please write a wiki with the steps/files to root this for those of us starting fresh from scratch?


----------



## mrmazak (Mar 19, 2017)

I did file compare between the X Y swap and Y flip versions of twrp that @vampirefo has built for this RCA. I found the file that is responsible for controlling the alignment (orientation) of the touchscreen.  
I changed just that one file and made the X Y swap version have same touch points as the Y flip version.

/ramdisk/sbin/libminuitwrp.so

I did the obvious simple test, of placing that file into the older recovery that has normal working (rotated) screen. And it stopped the recovery from booting. But maybe with some more digging I can uncover why the current build makes screen scramble or merge the change in orientation into the older recovery.
     .....  edit:  
    ,,,     No luck with merging into older TWRP "libminuitwrp.so"completely different


----------



## Plasmastar (Mar 19, 2017)

icaruspony said:


> Thanks to everyone who created root for this device.
> 
> This thread was kind of all over the place.
> 
> Could somebody please write a wiki with the steps/files to root this for those of us starting fresh from scratch?

Click to collapse



Yes please. I have been following the thread from the very start, but it isn't very easy to distinguish what steps were used to produce what results. A tutorial or guide would be very much appreciated, if the goal of rooting the tablet has been achieved.


----------



## mrmazak (Mar 19, 2017)

Plasmastar said:


> Yes please. I have been following the thread from the very start, but it isn't very easy to distinguish what steps were used to produce what results. A tutorial or guide would be very much appreciated, if the goal of rooting the tablet has been achieved.

Click to collapse



I have put out a "tool" that will do the following

1: unlock bootloader
2: flash a modified stock style recovery needed in case problems (I have near bricked few times testing and this step was very necessary)
3: flash a modified boot.img that does not force encrypt the device (needed as the partly working recovery did not properly decrypt device when encrypted)
4: boot into a working version of CWM where you can (should) make a backup. (restoring is not straight forward process but works. I will need to make a write up for that too)

==>>LINK TO original TOOL

I will modify the tool to now flash the boot.img that is permissive. Once the permissive boot.img gets installed, you can boot into the CWM and install superSU.

just give me some time, I will get it modified soon.

you can also just download the original tool and replace the no-force-encrypt-recoveryboot.img in the /img folder with ==>>LINK permissive.boot . Rename the new image same as old one, or modify the script. Install boot.img with the "tool". 
Then install the system mode superSU while in CWM
This is basicly the way I did it. 

You can also use original tool as is . then follow Vampirefo's  post and directions.
https://forum.xda-developers.com/showpost.php?p=71460649&postcount=202   link to directions
https://forum.xda-developers.com/showpost.php?p=71474679&postcount=212   link to corrected download




be aware unlocking bootloader needs to format the device. After unlocking bootloader device has a 30 second time out before booting, every time. Flashing from stock boot.img to modified non encrypted needs to format data also. 
There is no button combination to boot into fastboot mode, so if problems occur need to boot into recovery to get access to adb and reboot to fastboot.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## jakfish (Mar 19, 2017)

What incredible work and thank you for the latest post of clear instructions. Since there are so many sub-devices of the RCA Voyager Pro, I'd like to make certain that my device specs fit your software. I have the RCA Voyager Pro with accompanying keyboard:

1) Model number: RCT6873W42M
2) Android 6.0/Kernel ver. 3.18.22
3) Android security patch level: June 1, 2016
4) Build number: RCT6873W42KC-ANDROID6.0-V26-V1.13.30

Are these specs close enough to yours?

Many thanks,
Jake


----------



## mrmazak (Mar 19, 2017)

jakfish said:


> What incredible work and thank you for the latest post of clear instructions. Since there are so many sub-devices of the RCA Voyager Pro, I'd like to make certain that my device specs fit your software. I have the RCA Voyager Pro with accompanying keyboard:
> 
> 1) Model number: RCT6873W42M
> 2) Android 6.0/Kernel ver. 3.18.22
> ...

Click to collapse



I do not know. I think the biggest issue is the processor. RCA released same model number with an MTK processor and with an INTEL one.

this thread and these directions are for the INTEL version.

I think the M at the end of yours is the MTK version

I posted in another thread for that model and they have an easier method of root, I am looking for link now

here is one, but I recalled a longer thread , i'll keep looking

https://forum.xda-developers.com/android/help/help-rooting-rca-voyager-tablet-model-t3515612


lol....thats so funny
I found the other thread i was looking for , and guess what. Your post was the one I was looking for.
https://forum.xda-developers.com/general/help/help-rooting-rca-voyager-pro-t3275962/page3


----------



## jakfish (Mar 19, 2017)

Ah, I see.  When I use DevCheck Pro, my Hardware reads: MediaTek MT8127. That would tie into what you're suggesting.

While it would appear the MTK version may be easier to root, I don't believe it has your neat trick of making a "modified stock style recovery."

Would it be safe to assume there is no clear way to make a stock ROM backup in case of a MTK post-root failure?

Jake


----------



## vampirefo (Mar 19, 2017)

jakfish said:


> What incredible work and thank you for the latest post of clear instructions. Since there are so many sub-devices of the RCA Voyager Pro, I'd like to make certain that my device specs fit your software. I have the RCA Voyager Pro with accompanying keyboard:
> 
> 1) Model number: RCT6873W42M
> 2) Android 6.0/Kernel ver. 3.18.22
> ...

Click to collapse



You should install CPU-Z from playstore it will tell you what Soc you have, Intel or MediaTek

Sent from my Life_Max using Tapatalk


----------



## mrmazak (Mar 19, 2017)

jakfish said:


> Ah, I see.  When I use DevCheck Pro, my Hardware reads: MediaTek MT8127. That would tie into what you're suggesting.
> 
> While it would appear the MTK version may be easier to root, I don't believe it has your neat trick of making a "modified stock style recovery."
> 
> ...

Click to collapse



i think mtk version might work with sp flash tool.  It is a good tool that can image the device both ways, backup and flash


----------



## jakfish (Mar 19, 2017)

I didn't know that it was possible to backup a stock image. With my other Android devices--phones, etc--I was lucky to find an already-waiting way to root and a custom rom after that.

I'll explore sp flash tool right away.

Thanks,
Jake


----------



## Plasmastar (Mar 19, 2017)

I turned on "OEM Unlocking" and "USB Debugging", accepted authorization, ran mrmazak's Unlock tool, and it reboots it via ADB, but it is not finding anything with fastboot. What am I doing wrong?

Edit: Also, the OS (Windows 10) keeps flipping out and notifying me with sounds that mean "Device plugged in" "Device unplugged"

Edit: Apparently Windows isn't even recognizing the device in fastboot mode. Keeps flashing "Unknown Device" in device manager.


----------



## mrmazak (Mar 19, 2017)

jakfish said:


> I didn't know that it was possible to backup a stock image. With my other Android devices--phones, etc--I was lucky to find an already-waiting way to root and a custom rom after that.
> 
> I'll explore sp flash tool right away.
> 
> ...

Click to collapse



The files on this site might not be correct but the directions on using sp flash are ok.
And it is a thread for an RCA tablet with (I think) same chip

https://forum.xda-developers.com/android/general/firmware-rca-viking-pro-rct6303w87dk-t3325158


----------



## mrmazak (Mar 20, 2017)

Plasmastar said:


> I turned on "OEM Unlocking" and "USB Debugging", accepted authorization, ran mrmazak's Unlock tool, and it reboots it via ADB, but it is not finding anything with fastboot. What am I doing wrong?
> 
> Edit: Also, the OS (Windows 10) keeps flipping out and notifying me with sounds that mean "Device plugged in" "Device unplugged"
> 
> Edit: Apparently Windows isn't even recognizing the device in fastboot mode. Keeps flashing "Unknown Device" in device manager.

Click to collapse



Yes that is what I get until you set the driver.


----------



## Plasmastar (Mar 20, 2017)

mrmazak said:


> Yes that is what I get until you set the driver.

Click to collapse



What driver? Where? Note: ADB DOES recognize this device, but FASTBOOT won't. I'm so confused.


----------



## mrmazak (Mar 20, 2017)

Plasmastar said:


> What driver? Where? Note: ADB DOES recognize this device, but FASTBOOT won't. I'm so confused.

Click to collapse



I thought it was discussed more in the beginning of this thread, but a search only showed really this one post

https://forum.xda-developers.com/ge...rct6873w42-rooting-help-t3485625/post70208535


----------



## Plasmastar (Mar 20, 2017)

mrmazak said:


> I thought it was discussed more in the beginning of this thread, but a search only showed really this one post
> 
> https://forum.xda-developers.com/ge...rct6873w42-rooting-help-t3485625/post70208535

Click to collapse



Thank you very much! I have Google's and Intel's USB Drivers installed, so I was confused about why it wasn't just, working out of the box. Had to slow myself down and read what's going on.


----------



## Plasmastar (Mar 20, 2017)

Currently not able to successfully root. Instructions need to be recompiled to be easier for less knowledgeable people to understand. I've unlocked the flasher, flashed the images mrmazak provided, then moved on to Vampirefo's directions. Problems start to arise at "setenforce 0" with some failure messages and not having permissions to push su.img to /data

Vamp's instructions also reference "recovery.img" and I had to guess that it was one of mrmazak's images. Also, using CWM to install the SuperSU zip did not seem to do anything at all.

As always. Help much appreciated.

---------- Post added at 01:18 AM ---------- Previous post was at 12:42 AM ----------

Looks like I've bricked it. It will only boot up to a black screen now.

"Recovery mode" A.K.A. Holding Volume Up + Power results in adb devices showing "unauthorized", meaning no booting into fastboot now.


----------



## [email protected] (Mar 20, 2017)

What are the pros and cons root vs no root.I see some wanting no root.It seems to me but I don't really understand that if you're rooted you can't get your number released as easy? Because I was at the dollar store yesterday and they had smartphones​ for 20.00 and the most was like 39 but you had to get a plan like NET10 or TMobile in carrier so if it's rooted wouldn't a person have a heck of a time using this for a month and having a 600 phone to move?

Sent from my 9020A using Tapatalk


----------



## mrmazak (Mar 20, 2017)

Plasmastar said:


> Currently not able to successfully root. Instructions need to be recompiled to be easier for less knowledgeable people to understand. I've unlocked the flasher, flashed the images mrmazak provided, then moved on to Vampirefo's directions. Problems start to arise at "setenforce 0" with some failure messages and not having permissions to push su.img to /data
> 
> Vamp's instructions also reference "recovery.img" and I had to guess that it was one of mrmazak's images. Also, using CWM to install the SuperSU zip did not seem to do anything at all.
> 
> ...

Click to collapse




**
Alright. Details are important here.
Did you have tablet booted up into Android in-between all the steps?
 Because each step except the recovery step needed to do formats.

If you did not boot in-between you might be able to do wipe from recovery , to revive.

And as long as recovery is booting the trick to get adb authorized is to select adb side load in recovery, then it tells you to send a file from "adb sideload *file-location*name*"
Choose a small file so it is quick, it will fail with message on tablet it failed and screen returns to normal recovery. And you will have adb access. 
This is how it works for me. You may need to install my key , not sure, try that first.

---------- Post added at 07:09 AM ---------- Previous post was at 06:25 AM ----------

here are @vampirefo 's directions again , but I added numbers and notes. 

!!!!Please!!!!  If following a set of directions and first, second ...... steps fail , please, do not continue, there is something probably wrong and continuing may give undesired result.

must start with directions in this thread first to use this method
https://forum.xda-developers.com/showpost.php?p=71452921&postcount=192for directions but img needed modified
https://forum.xda-developers.com/showpost.php?p=71453760&postcount=195 has the modified image

once booted like above thread directions can continue below
files for method below are on this post https://forum.xda-developers.com/showpost.php?p=71474679&postcount=212


```
****required before first step is to have booted fist permissive-boot.img****



1:adb shell

2:setenforce 0                

3:adb remount 

4:adb push su.img /data/su.img

5:adb reboot fastboot

6:fastboot boot rca-boot_permissive_on_boot.img

7:adb shell

8:getenforce

9:Your result should be Permissive        *****If not this result do not continue******   if above adb push does not work,this step will not work

10:adb reboot fastboot 

11:fastboot flash boot rca-boot_permissive_on_boot.img

12:fastboot boot recovery.img                 cwm recovery from mrmazak tool folder "img\rca-recovery-cwm-ramdisk.img"

13:install UPDATE-SuperSU-v2.79-SYSTEMMODE.zip

14:reboot system

15:select NO
```


I have V3 ready. It will flash a permissive boot.img. When I did this I followed the install of my version of permissive boot with directly installing superSU in CWM.


Or you can go through the steps listed above.  Your choose

==>>Unlock-TOOL_V3


----------



## vampirefo (Mar 20, 2017)

[email protected] said:


> What are the pros and cons root vs no root.I see some wanting no root.It seems to me but I don't really understand that if you're rooted you can't get your number released as easy? Because I was at the dollar store yesterday and they had smartphones​ for 20.00 and the most was like 39 but you had to get a plan like NET10 or TMobile in carrier so if it's rooted wouldn't a person have a heck of a time using this for a month and having a 600 phone to move?
> 
> Sent from my 9020A using Tapatalk

Click to collapse



You aren't going to make phones calls on a rca tablet, anyway your question has been asked a million times.

Google pros and cons of rooting android, you will be able to read for months the responses.

To root or not to root is simply a personal choice.

Sent from my Life_Max-FL using Tapatalk


----------



## icaruspony (Mar 20, 2017)

Can someone make a comprehensive step-by-step, from A to Z.  It looks like the best we have is "do these threads first, then do this".  Can me make a list that includes info from all threads compiled into one complete how-to?

Include how to first detect which processor you have, which drivers to install first, then go into what commands, reboots, etc?

It should be complete enough for someone to root the phone while having not read any other posts.


----------



## Plasmastar (Mar 20, 2017)

mrmazak said:


> And as long as recovery is booting the trick to get adb authorized is to select adb side load in recovery, then it tells you to send a file from "adb sideload *file-location*name*"
> Choose a small file so it is quick, it will fail with message on tablet it failed and screen returns to normal recovery. And you will have adb access.
> This is how it works for me. You may need to install my key , not sure, try that first.

Click to collapse




Your recovery images kept making the tablet boot up into black screens and one of them complained about bad font locales or something. Pressing Volume Up + Power literally does nothing now except bring up a black screen with an unauthorized ADB session.


----------



## mrmazak (Mar 20, 2017)

icaruspony said:


> Can someone make a comprehensive step-by-step, from A to Z.  It looks like the best we have is "do these threads first, then do this".  Can me make a list that includes info from all threads compiled into one complete how-to?
> 
> Include how to first detect which processor you have, which drivers to install first, then go into what commands, reboots, etc?
> 
> It should be complete enough for someone to root the phone while having not read any other posts.

Click to collapse



No, sorry but if you can't read 3 or 4 posts with the directions, what makes me think you will read one when I spend my time to cut and paste them together.

I know everybody is a noob at one point t bit if you need that level of hand holding to get it done, you will definitely break your device if it had root privileges.

---------- Post added at 01:11 PM ---------- Previous post was at 12:52 PM ----------




Plasmastar said:


> Your recovery images kept making the tablet boot up into black screens and one of them complained about bad font locales or something. Pressing Volume Up + Power literally does nothing now except bring up a black screen with an unauthorized ADB session.

Click to collapse



I am definitely confused over your situation

You already posted you finished the steps in the tool then started the next steps.
Which need adb access to start, so you must have had Android booted then, so my images did not cause your problem, there is some middle step you may be leaving out. 

Besides the recovery image has nothing to do with device booting the boot image does. 

Please try to be specific on what went where and what happened.


----------



## rpk3 (Mar 20, 2017)

Newbies. I understand your frustration. Please don't be to direct to REQUEST  mrmazak or vampirefo to set up a complete scripted apk OR TAR.Z package to help you root. If you have not been able to get the USB drivers to install its probably cause of the ESTO virus.

EQUIPMENT SMARTER THAN OPERATOR. 

My pos winblows machine gave me issues for two weeks while trying to get my tablet to even see windows. Finally had to make my own .inf files to manually install the friggin driver. .... anyway.  Yes. I bricked my ****. Like 2 times. Although was able to use the flash tool from Intel to load an OEM IMG file I accessed before I started to root the tablet with mrmazak's files.

Personally. I'm a Slackware man. Winxp and win7 for swap

I just wanted to use this tablet for a POV UAV purposes...although I think it needs another 1gb onboard ram. There are limits to what you can do with this tablet. Truthfully, been playing around with this tablet as interface for an old Garmin etrex for GPS viable access on a larger screen. Anything but google maps BS.


And yes... You can make calls from this tablet... as google hangouts has a micro PBX installed for this to happen. Although don't expect to receive calls. There is no way to tie into emei for access to make this happen.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## vampirefo (Mar 20, 2017)

rpk3 said:


> Newbies. I understand your frustration. Please don't be to direct to REQUEST  mrmazak or vampirefo to set up a complete scripted apk OR TAR.Z package to help you root. If you have not been able to get the USB drivers to install its probably cause of the ESTO virus.
> 
> EQUIPMENT SMARTER THAN OPERATOR.
> 
> ...

Click to collapse



Yes, 2GB ram is really needed on any android, but 1GB, keeps people buying the next version. If it came with 2GB people would compile their own ROMs and use custom ROMs rather than buy the next upgraded RCA tablet.

These are cheap devices, same as the tablet I am typing on, good for web surfing, communication, few games, entertainment value.



Sent from my NS-P08A7100 using Tapatalk


----------



## mrmazak (Mar 21, 2017)

I admit, the directions are not complete, and hard to follow. I can see needing to document things better. 
But to say you don't want to read any related posts and have an all in one click option is too much.

Besides that is the reason for the V3 unlock tool. It does 95% of the job for you.
But until I hear back from @Plasmastar on what happened to his tablet I don't want to release any updates to the tool until I can try prevent what ever happened there.

I have V4 almost ready.

It has a model check before opening, so if wrong model it should just close.
And I am including the SuperSU inside.
Just hung up on this line

```
adb shell recovery --update_package=/sdcard/0/Download/UPDATE-SuperSU-v2.79-SYSTEMMODE.zip
```

File gets pushed before hand and is present in the Download folder.

It starts the flash but stops with a message from recovery that it fails signature check. Then gives yes no option to continue anyway. When select yes it appears to continue but just hangs.

Can Anybody help?


----------



## Plasmastar (Mar 21, 2017)

I think I boned it when I got frustrated and tried to restore backups done with CWM. Restore seemed ok, but maybe it's because I forgot to wipe the partitions.

As for recovery, I followed this advice.



mrmazak said:


> I will modify the tool to now flash the boot.img that is permissive. Once the permissive boot.img gets installed, you can boot into the CWM and install superSU.
> 
> just give me some time, I will get it modified soon.
> 
> you can also just download the original tool and replace the no-force-encrypt-recovery.img in the /img folder with ==>>LINK permissive.boot . Rename the new image same as old one, or modify the script. Install boot.img with the "tool".

Click to collapse



Using Volume Up+Power (which should be recovery mode) kept giving me black screens afterwards. I also don't know why CWM didn't restore the previous image.

I'm stuck with a device that boots with a 30 second timeout, black screen on normal boot (no adb), and black screen on recovery mode boot (adb, but no authorization)


----------



## mrmazak (Mar 21, 2017)

Plasmastar said:


> I think I boned it when I got frustrated and tried to restore backups done with CWM. Restore seemed ok, but maybe it's because I forgot to wipe the partitions.
> 
> As for recovery, I followed this advice.
> 
> ...

Click to collapse




Yeah, that is a REAL big problem there.

I definitely made a typo. 

You should never replace a recovery image with a boot image.

Sorry I have no advice for you. I need to find out from @rpk3 , what flash tool he has. Because he said he restored his **** with it,

https://forum.xda-developers.com/showpost.php?p=71513804&postcount=260

from above link

```
My pos winblows machine gave me issues for two weeks while trying to get my tablet to even see windows. 
Finally had to make my own .inf files to manually install the friggin driver. .... anyway.
 Yes. I bricked my ****. Like 2 times. Although was able to use the flash tool from Intel to load an 
OEM IMG file I accessed before I started to root the tablet with mrmazak's files.
```


The restore process is not normal. In fact I bricked mi e there times trying to do restore. I found a long way around that does a restore.
Remember I posted in same post you quoted that restore process was not "straight forward"

1. I needed to format system in fastboot
2. Flash system in fastboot (it fails probably because I have a raw system did copy and it needs to be spares)
3. After the failed system flash , fastboot mode is broken
4. Force reboot to recovery, then adb reboot fastboot again
5. Now boot CWM
6. Format system
7. Then restore worked for me

That is process I had to do, because just doing a restore messes the system partition
. Second test I tried starting at #6, it worked that way 2 times when testing. I did it again the other day for more testing before I put out the permissive files. And needed to do the whole process 1-7.


----------



## Plasmastar (Mar 21, 2017)

mrmazak said:


> Sorry I have no advice for you. I need to find out from @rpk3 , what flash tool he has. Because he said he restored his **** with it,
> 
> https://forum.xda-developers.com/showpost.php?p=71513804&postcount=260
> 
> from above link

Click to collapse



Cool. I would love to get this tool. RCA Support is not being too supportive. They suggested wiping from recovery mode, then suggested sending the device to them for a factory reset after I mentioned the recovery mode being gone.


----------



## rpk3 (Mar 21, 2017)

mrmazak said:


> here they are
> 
> Pulled stock recovery and boot images and the unpacked image and stock system.img
> 
> ...

Click to collapse



..my apologies. OEM terminology was confusing.  No matter what device I trade or test for I always pull boot and system images first. Even  saw this post and was reassured that others do the same for there own piece of mind. Kinda like a cheap xcopy command or IMG file from any manufacture.. Basically everything I did was within the limits of mr mazaks tools. If he warned of brick. I tried to replicate with inconclusive results or a black screen after fastboot. Rather than contact him I made several repeated attempt to access and replicate what he had done. I did not touch adb secure settings because I have bricked many a device with this option ....



Now. Between you and me. I made contact with a rep from rca.......that's all I'll say here.

Again. My purpose of joining this group was info on root. now we have it ? thx so much to this thread and especially vampirefo and mrmazak.


----------



## Plasmastar (Mar 21, 2017)

Now if I could get a tool to flash it to the device, or get the device to go into fastboot, I'd be set to fix this brick wouldn't I?


----------



## rpk3 (Mar 21, 2017)

Plasmastar said:


> Now if I could get a tool to flash it to the device, or get the device to go into fastboot, I'd be set to fix this brick wouldn't I?

Click to collapse



There is the Intel flash tool that vampirefo uploaded for mrmazak. Don't know the post.....look back and see.


----------



## mrmazak (Mar 22, 2017)

Plasmastar said:


> Now if I could get a tool to flash it to the device, or get the device to go into fastboot, I'd be set to fix this brick wouldn't I?

Click to collapse



I think @rpk3 is mentioning this post.

https://forum.xda-developers.com/showpost.php?p=70799567&postcount=96

But I wasn't able to confirm if it works.


----------



## mrmazak (Mar 22, 2017)

Tool V4 is ready. The install of superSU is still only halfway automatic. The zip file gets pushed to tablet and tablet will boot into recovery , but the I have not solved the "update" command from hanging, so will need to just select the file and install manually.

I coded ECHO notes in the tool to tell you where it is.

I think this is as user friendly as I can get it.

The first step in the tool checks for device product type. If not a "sofia3gr" tool will not work.
The checking method could fail because of not having abd drivers set, so the instruction page loads with directions on installing drivers. And you will have to read other posts on how to do that. And to download them.


this is the current instructions page

```
**To use the tool Device must be connected with adb debugging enabled

**After bootloader unlock device MUST be formated. 
  DO NOT try to bypass this step

**After flashing no-encrypt images device MUST be formated also

**Both FACTORY boot.img and recovery.img have "forceencrypt" flag set
  this is why they need to be changed. 
  BOTH boot and recovery need to be changed together. Cannot do only one.
  After replaceing boot.img data partition need to be formated.

First thing you must have adb and fastboot installed.
  Easiest method to install adb + fastboot on windows is with "15 second adb + fastboot install TOOL"
   https://forum.xda-developers.com/showthread.php?t=2588979
  (Right click select mark to highlight and copy above link)  
   
Second you need drivers for Intel android usb

   https://software.intel.com/en-us/protected-download/385047/494732
	

Adb driver for me has always installed automaticly. But Fastboot driver has needed to updated manually.
I usually just go into command promt "adb reboot fastboot" .
The Tab will reboot with an apparent blank screen, if you look closely you will note that there is a faint backlight. 
Once in this mode your PC will have a new device in device manager, and you may have a repeated connect / disconnect sound.
You can do an Update driver select Browse my computer for driver software, 
then Let me pick from a List of device drivers on my computer, 
then scroll down to the Intel Android Device in the list and select 
either the Intel Android Bootloader device or the Android Bootloader Device, Both seem to work fine.





Follow steps in order. 1-3, 
steps 4 is to boot into recovery mode.
step 5 is obsolete now that superSU can be installed
step 6 brings you back here to these instructions
step 7 Pushes the superSU.zip install .zip to Download folder, then boots into CWM recovery and tells you steps to install it
       there is a command to automate this but there is a bug ritght now, so it must be manually done.
```


==>>TOOL-V4


----------



## Plasmastar (Mar 23, 2017)

mrmazak said:


> I think @rpk3 is mentioning this post.
> 
> https://forum.xda-developers.com/showpost.php?p=70799567&postcount=96
> 
> But I wasn't able to confirm if it works.

Click to collapse



I got the tool to detect the device, as previously mentioned. But can't get the device to stay off once connected, so it'll (seemingly) drop its connection after the 30 second time out.

Also, I don't know what to flash to it. xD


----------



## mrmazak (Mar 23, 2017)

Plasmastar said:


> I got the tool to detect the device, as previously mentioned. But can't get the device to stay off once connected, so it'll (seemingly) drop its connection after the 30 second time out.
> 
> Also, I don't know what to flash to it. xD

Click to collapse



I'm trying to get this to work for our device.
https://forum.xda-developers.com/dell-venue/general/venue-8-7840-developer-files-posted-t3144232

I plan to use the flash.xml, from the first download link at top of post. Inside the ".... blank phone...user debug.zip." I assume it may get you into fastboot mode.
When I select the flash.xml and click start flash. The flash tool reboots the tablet, then seems to hang. 

1: I start with tablet off
2: connect usb  get the 30 second timer and flash tool shows connected DNX_FW
3: volume down to turn off
4: flash tool shows disconnected
5: 30 second timer starts again- this time let in continue
6: when timer done flash tool shows disconnected
7: about 20 seconds later it shows connected again as COS mode ?
8: click start flash, tablet boots up and tool shows "flashing". Doesn't seem to be doing anything. (hopefully can get it modified to boot fastboot)


I haven't found details yet . But I remember  vaguely reading somewhere that the bin files needed to make a device specific xml are on the device and just need to be pulled.
SO as starting point I am dd'ing all partitions from device.


----------



## icaruspony (Mar 23, 2017)

mrmazak said:


> I admit, the directions are not complete, and hard to follow. I can see needing to document things better.
> But to say you don't want to read any related posts and have an all in one click option is too much.
> 
> Besides that is the reason for the V3 unlock tool. It does 95% of the job for you.
> ...

Click to collapse




First off, I am not a newbie.  I am a Nexus user and regularly flash firmwares to it through fastboot.  I install custom recoveries and modify the file system, install root, TWRP, Xposed, etc.

The reason I suggested compiling a list is to add it to the growing list of rooted devices.  Other devices have well laid out methods.  Now that we have dug up this gem, I was thinking we should polish it and put it on display next to all the others.

If this was a recipe for baking a cake, I'd say, whatever.  But rooting is like brain surgery. You wouldn't want your brain surgeon to stop in the middle of surgery to run into the next room to google which brain lobe he is supposed to cut into.  Because of the high risk, you want all your ducks lined up in a row in front of you in order to prevent mistakes.

Sure, every time a new rooting method is revealed, there will be fallout.  Fallout being posts from people saying they bricked their devices.  The difference is the percentage of people.  If 1 out of a 100 bricks their devices, that's good.  If 50% of those that attempt it brick it because someone omitted one detail from the instructions, that's bad.  If it was your goal to minimize this fallout, what would you do?

---------- Post added at 09:07 AM ---------- Previous post was at 08:55 AM ----------

Also, not suggesting a batch file or script.  I never like using those, I do them one command at a time, which is safer.


----------



## mrmazak (Mar 23, 2017)

icaruspony said:


> First off, I am not a newbie.  I am a Nexus user and regularly flash firmwares to it through fastboot.  I install custom recoveries and modify the file system, install root, TWRP, Xposed, etc.
> 
> The reason I suggested compiling a list is to add it to the growing list of rooted devices.  Other devices have well laid out methods.  Now that we have dug up this gem, I was thinking we should polish it and put it on display next to all the others.
> 
> ...

Click to collapse



ok, That why I retracted and admitted the directions where by no means easy to follow. But what it was , was a long "drip by drip" process , small steps that finally got those who took each step along the way a rooted device.

I can understand your not liking batch scripts to do the process, but it goes both ways.
Making a typo as you go one step at a time is still dangerous, and once all the steps are in one script, the typo problem is gone.


Any one who is interested can break out all the steps and make a single do this. do that next guide if they want. 
basic flow is same as other devices,
1. enable developer options
2. enable oem unlock
3. install adb + fastboot
4.  install drivers
5.  unlock bootloader
6. flash a custom permissive boot.img
6b. flash a modified "stock" recovery need for safety as there is no button combo to load fastboot
7. "boot" custom recovery from fastboot mode and install superSU (system mode)

 there is basic flow each step may have its own process that involves more steps.


----------



## vampirefo (Mar 23, 2017)

Hard to follow process? it's one of the easiest out there to root.
It took us time cause we had to work things out, as for people who want to root their tablet it basically three steps once the bootloader is unlocked.
people that thinks it's hard to root or follow three steps are over thinking.

the process for every root starts the same 
the bootloader must be unlocked.

once the bootloader is unlocked

flash a boot.img
boot into custom recovery
flash supersu

done


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> I got the tool to detect the device, as previously mentioned. But can't get the device to stay off once connected, so it'll (seemingly) drop its connection after the 30 second time out.
> 
> Also, I don't know what to flash to it. xD

Click to collapse



I think I just made big disscovery for you.


using intel platformflash tool lite 5.8.3.0
==>>flash tool

Open flash tool.
connect device to pc with usb cable, get the 30 timeout message , push volume down(side next to usb port), it turns off then back on again. this second time let it count down. Should turn off and briefly give you charging battery icon.
Also tried from running android and select to power off. Tablet turns off and time out messages comes right back on, let it time out, the tablet then turns off again and stays off.
Flash tool shows disconnected. About 30-40 seconds later it shows as connected as "cos".
At this point you do (should) have adb access. But only with the adb from the Intel flash tool. 
You can specify to use that adb.exe . For example, in my install i used

```
C:\Users\Mr>"C:\Program Files (x86)\Intel\Platform Flash Tool Lite\adb.exe" shell

[email protected]:/ # reboot fastboot 

C:\Users\Mr>fastboot devices
20D16071390C    fastboot
```

I plan to restore my tablet to before it was rooted and see if this still gets a root prompt.

And then if still no other replies I may make a brick with the restore and try this to get back into fastboot.


if this works out let me know I will detail (if needed) how to restore your backup

---------- Post added at 10:24 PM ---------- Previous post was at 10:20 PM ----------




cozzie37 said:


> My custom kernel attempts have come to a complete standstill, partly because I now have no way to test/use them. ..........
> .........
> A third option, if you have tried to request source code for this or any other RCA or ALCO tablet, is to email [email protected] and let them know what model you have and what your experience was. They will work to enforce GPL compliance with RCA/ALCO.

Click to collapse



The above method may also work for you as the adb session is seemingly not inhibited by user access (adb keys not needed)


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> I think I just made big disscovery for you.

Click to collapse



Hats off to you. I successfully got into fastboot mode using your discovery and flashed recovery and boot images. Recovery mode is restored, but I'm not getting it to boot to the boot image, even after formatting userdata and cache. What else am I missing? Thank you.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> Hats off to you. I successfully got into fastboot mode using your discovery and flashed recovery and boot images. Recovery mode is restored, but I'm not getting it to boot to the boot image, even after formatting userdata and cache. What else am I missing? Thank you.

Click to collapse



the attempt at making a restore from twrp has messed up the system image

The steps I have had to take to restore are as follows.

1. From fastboot do "fastboot format system"
2. "fastboot flash system system.img" 
==>>link to original pulled system image.   coming as soon as upload finishes
3. flash fails and fastboot kind of crashes. hold power button to shut off, then follow same steps to get back into fastboot.
4. fastboot boot cwm.img
5. select mounts and storage, format system
6. restore your backup.


I am going through the restore again now to try and simplify the steps, but this is 5th time , and so far this is the only way i have succeeded.


----------



## Plasmastar (Mar 26, 2017)

I'm getting this


```
C:\Program Files (x86)\Intel\Platform Flash Tool Lite>adb shell
error: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
```

When I try to go back to the Intel adb session.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> I'm getting this
> 
> 
> ```
> ...

Click to collapse



uhg. ok.

maybe, did you close intel flash tool, and maybe try to power cycle the tablet again.

wait , your quoted text is a little off.
needs to be calling the adb.exe from that folder not just adb from there. Adb from the folder location still uses system installed adb.

```
C:\Program Files (x86)\Intel\Platform Flash Tool Lite>adb.exe shell
```


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> uhg. ok.
> 
> maybe, did you close intel flash tool, and maybe try to power cycle the tablet again.
> 
> ...

Click to collapse



Just did, and no dice.

---------- Post added at 01:29 PM ---------- Previous post was at 01:26 PM ----------

I blanked out PATH


```
C:\Program Files (x86)\Intel\Platform Flash Tool Lite>adb version
Android Debug Bridge version 1.0.35
Revision 68de85bda98d-android
```


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> Just did, and no dice.
> 
> ---------- Post added at 01:29 PM ---------- Previous post was at 01:26 PM ----------
> 
> ...

Click to collapse



Is that from booted recovery or from off?
I assume from off. That is the way we were talking about before.
,       i dont know why this worked in first place defiantly dont know why it does that now
try to get adb from recovery mode.
I expext the unauthorized from recovery mode. And the fix I have used there is to try and start an adb sideload.
I made an update.zip that is fake. And after the flash fails because of bad signature, then the adb key becomes accected as good.


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> Is that from booted recovery or from off?
> I assume from off. That is the way we were talking about before.
> ,       i dont know why this worked in first place defiantly dont know why it does that now
> try to get adb from recovery mode.
> ...

Click to collapse



Yes, I'm getting it from having the device off. If it helps, I'm pretty sure it just goes into an idle state with the screen off after seeing the battery icon. Should I be waiting longer for this method?

As for recovery, adb still unauthorized. I can however get into the sideload mode, but uploading an empty update.zip doesn't change authorization. Unless you mean update.zip needs to be 0 bytes or something.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> Yes, I'm getting it from having the device off. If it helps, I'm pretty sure it just goes into an idle state with the screen off after seeing the battery icon. Should I be waiting longer for this method?
> 
> As for recovery, adb still unauthorized. I can however get into the sideload mode, but uploading an empty update.zip doesn't change authorization. Unless you mean update.zip needs to be 0 bytes or something.

Click to collapse



ok you must need to also add this key to your .android folder located usually at 

C:\Users\(your user name)\.android


```
-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDjOekmCFc2xm57
CoM0aJ7OwbOjGlN8KXSCCnaFqNnKrq8vq43J1olpVdFIx0STLHvGmeHjy1862/Gd
YSyXuUjectBz6MbUkjm46wkAZwQhT3dPnHYAxmvV15vA8nHVQljBAwwoZcEmt6gJ
v9t8R8K0GjiRrVZujw7k8SNuLSuPHwhhF+Vo5h+kktWZUMrKBuwMyjUAz2IlhQAS
axfmTGBTFhkgVvcHlr5HwsfNNooofvr51xNWElQJftHRE/IaDuqBpoPdZGcpoSV0
lkIQjIEPdfMsky1pNC6eTklGSsO3OgWJVETEOB4uwQ6jQnmQNc5Q/Z7xa2KFZh46
9mHJ5uajAgMBAAECggEBAIftCI97xdA6e7SW4U3kl7tPHEqhYPeRROTVpXjnPQGF
5b46faMT9zdP4tYKffccUR7IxtwhuGHZWHuwuaA5cmG/hPsRcH+QyX7Y+pWHCm1y
wAibq+tixvcw9zdA0N+lxLoRPKCd3iFvE9JhNsbtlodueBCNBHs2kM5bgbpSww/l
e8MSVQwLTTZBK+srtiv0M7b258jWiv+OiHXEPSmLG5RHIoIJuhfoXmaNXO9rMj8E
VppvH7SAuXKrJdzkYeS2YOYmz3spE4XLyvxjjUOr8UZi0K36Xq0nB7rWTZ6/2/GC
RfhMFZaiI1CkvQ0RsgIRg5ULbcFLTOqpYncxTWyWxWECgYEA+Usio0mC60XZr8iu
6s/5r0dqI6ZTfsi3ecWdsQuSsacO++P3kURpnZnjZ1z7YDUQ9Qt47rGkHRl+pCyL
omsulnJsKXzAeNEzCqbe+Nbnn0IugXGrheJ+0X8a+1aSlfzHssNnRTVUd7At41PT
+jwPgJsW2F5sPQk8VwMPLwzrS0UCgYEA6VbMvuhMci90/KyQNYwfyNtZ3AS+XTKV
UJHVFoZAjrtDluTlXXIVmtKFKY496/RGXN2jymag2R6EIci4Rm33gx+2H8B4XzC0
1Pv1IHu+0BPT+Yw8LHqhRZoUqbbmNdEGlSchVHthK1j8+Cfrq15C13nHuiLvlzlO
waatuwuGFMcCgYEAynAEMbsJUErJqmB6An5e0MJaY5a2aNdPfthF5LZ0KkVx+oS1
zkZSycNkkdRE4WxWV9c4HgUtMuA4IdN2lK8bBtrmEI6YscOYAkdd+45wSrhwkXcg
BTnXKAJig8VahefetsDNBLt42zS7HsY89hB9uj62v391v97XHAWE9/0yuU0CgYEA
vZebcRrK0pSg15VW70tVoBwqnUz1aEBrdjWoEE8xMUgTGQ4PF6hUyaF4NVWwFoI6
kcY9CX3t/7x92/19TSyYyeAAWThIFgA7TjsS5zvkxKj3uXIqinFxjF4vn95Omzel
w5cxy7UcNN5vXSsCoBFM+kum7yTny9XymgJWcv5gCY0CgYEAioR9xvWNvO4zoKnD
WTIrTpFzprSp6gM/jbSaSq3+RAxRmmYUZzf3MNPiudzialr4iHd3KU28lqxptqhV
dMd3eli5le1qOCk3IwEx9AmZeo6cAAdMcDVWs+Pj7HCmPHxSZkxBpxfXfJ/CT3Y8
FRu+jS2RKrWGQw/m7tCgBWPTw9w=
-----END PRIVATE KEY-----
```

copy the above text to a new text file in the .android folder name it "adbkey" with no extention.
You probably have a file there already you can save that by renaming it to "adbkey.org" or something and go back and forth . Or leave new key for all connections


I'm continuing to try things with this and just found that I have an adb connection with powered off tablet even with intel tool not running and with the system wide adb I have installed. Next I need to reboot pc to see if this connection will persisit. because i remember it did not work without intel flash tool before, but now it works either way.

but my system image is still only 30% uploaded

I wish I knew how to make the system image a sparse fastboot flash-able one, it would make restoring to stock starting point easier.


----------



## Plasmastar (Mar 26, 2017)

I don't understand what's going on. That key doesn't work, and I keep getting error messages. Keeping Intel's flash tool open makes it hard/impossible to switch between adb versions to compare between the two.







---------- Post added at 02:23 PM ---------- Previous post was at 02:05 PM ----------

Update: Killed Intel's Flash boot to AVOID using the adb version bundled with it. sideloaded empty "update.zip" and triggered adb recovery mode which allowed me to reboot into fastboot.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> I don't understand what's going on. That key doesn't work, and I keep getting error messages. Keeping Intel's flash tool open makes it hard/impossible to switch between adb versions to compare between the two.
> 
> 
> 
> ...

Click to collapse



using that key should get you adb from inside recovery, might need to do that sideload trick


----------



## Plasmastar (Mar 26, 2017)

I think I'm boned without a system partition. I downloaded the one included in your "stock files" from previously in the thread, but it shouted at me


```
fastboot flash system rca-system.img

(bootloader)  system partition type: ext4
target reported max download size of 1001390080 bytes
Invalid sparse file format at header magi
```


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> I think I'm boned without a system partition. I downloaded the one included in your "stock files" from previously in the thread, but it shouted at me
> 
> 
> ```
> ...

Click to collapse



thats ok.
Thats what I get too. That is just first step. Now force power off loop back to fastboot again and boot to CWM recovery.
From recovery I needed to select format /system

then restore

You did say you had made a backup fro cwm recovery , right?


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> You did say you had made a backup fro cwm recovery , right?

Click to collapse



Yes. But the .tar file is 0 bytes for some reason


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> Yes. But the .tar file is 0 bytes for some reason

Click to collapse



oh , your recovery backup is bad too?
maybe I can upload my backup.


----------



## cozzie37 (Mar 26, 2017)

mrmazak said:


> I think I just made big disscovery for you.
> 
> 
> using intel platformflash tool lite 5.8.3.0
> ...

Click to collapse



Thanks for this! I'll try it later and report back. I'm currently trying to fix my LG G3, I just got back from a week out of state and assumed that's why I had no service...apparently it wasn't.


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> oh , your recovery backup is bad too?
> maybe I can upload my backup.

Click to collapse



I'm not sure. the .tar is 0 bytes, but there is 3 other files with .a and .b and .c and I assumed it was a multi-part archive

---------- Post added at 03:04 PM ---------- Previous post was at 02:54 PM ----------

Restored backups. Seems to be booting now. Should be at stock. Now I'll be wanting to root this thing now that I can restore it on failure.


----------



## vampirefo (Mar 26, 2017)

Plasmastar said:


> I'm not sure. the .tar is 0 bytes, but there is 3 other files with .a and .b and .c and I assumed it was a multi-part archive
> 
> ---------- Post added at 03:04 PM ---------- Previous post was at 02:54 PM ----------
> 
> Restored backups. Seems to be booting now. Should be at stock. Now I'll be wanting to root this thing now that I can restore it on failure.

Click to collapse



Yes, it's multi-part, all recoveries are multi-part.

Sent from my NX16A8116K using Tapatalk


----------



## mrmazak (Mar 26, 2017)

just did a check again. seems intel flash tool has nothing to do with it. I rebooted my pc and have tablet powered off. Connected usb, press volume down to power off and waited one minute(30 seconds for on screen times out plus 30 seconds for ???? what ever it is that tablet is doing). And open cmd type "adb devices", get connected device and it has root #. I had also tried to remove the "adbkey" from .android folder , it still connects. 


cant explain why second attempt to connect for @Plasmastar gave unauthorized. 

maybe it is connected to /data partition while powered off, that would explain why after he flashed boot.img and recovery.img followed by format he lost connection.

If that is the case I am afraid this still not going to help @cozzie37


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> just did a check again. seems intel flash tool has nothing to do with it. I rebooted my pc and have tablet powered off. Connected usb, press volume down to power off and waited one minute(30 seconds for on screen times out plus 30 seconds for ???? what ever it is that tablet is doing). And open cmd type "adb devices", get connected device and it has root #. I had also tried to remove the "adbkey" from .android folder , it still connects.
> 
> 
> cant explain why second attempt to connect for @Plasmastar gave unauthorized.[/MENTION]

Click to collapse



Yeah. It may have been some sort of fail safe for a bad recovery image, which I had. I dunno? I'm just glad to be past that part. Pretty scary.


----------



## vampirefo (Mar 26, 2017)

mrmazak said:


> just did a check again. seems intel flash tool has nothing to do with it. I rebooted my pc and have tablet powered off. Connected usb, press volume down to power off and waited one minute(30 seconds for on screen times out plus 30 seconds for ???? what ever it is that tablet is doing). And open cmd type "adb devices", get connected device and it has root #. I had also tried to remove the "adbkey" from .android folder , it still connects.
> 
> 
> cant explain why second attempt to connect for @Plasmastar gave unauthorized.
> ...

Click to collapse



That sounds more likely, a flashing tool couldn't enable adb, you had me curios as well.

Several devices have adb access while powered off, if insecured boot.img one has # if not one has $.

Anyway you all have means to fix bricked tablets.

Sent from my NX16A8116K using Tapatalk


----------



## Plasmastar (Mar 26, 2017)

@mrmazak I'm using v4 of your tool now and the script didn't properly push the SuperSU file

Edit: I'm going to install it off external sd because I'm impatient, but I thought I'd note there was an error.

Although now that I checked, it probably can't PUSH while in fastboot mode. xD


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> @mrmazak I'm using v4 of your tool now and the script didn't properly push the SuperSU file
> 
> Edit: I'm going to install it off external sd because I'm impatient, but I thought I'd note there was an error.
> 
> Although now that I checked, it probably can't PUSH while in fastboot mode. xD

Click to collapse



I double checked it. I have it pushing before the reboot to fastboot.  So don't know what happened.


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> I double checked it. I have it pushing before the reboot to fastboot.  So don't know what happened.

Click to collapse



Do I NEED to boot after flashing boot/recovery images (and formatting userdata/cache) before I install SuperSU?

---------- Post added at 04:28 PM ---------- Previous post was at 04:09 PM ----------

It doesn't matter. I have "Installed" the SuperSU package from ClockWorkMod before any initial boot, AND after. No failure messages, but it seems to simply not do anything. The instructions mention that ClockWorkMod would mention wanting to "fix root", but I didn't get that either.

To clarify. I have no root.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> Do I NEED to boot after flashing boot/recovery images (and having them formatted) before I install SuperSU?
> 
> ---------- Post added at 04:28 PM ---------- Previous post was at 04:09 PM ----------
> 
> ...

Click to collapse



I can't say for sure. But the way I did it I had rebooted to android system between all steps, for few reasons, mainly to verify each step worked, and that way I knew if a failure it had to be the last step done. So I suggest going into the tool and doing the boot step again. then (i see i left out the reboot command from the tool) reboot tablet, by opening a new cmd window type "fastboot reboot" 

I added the reboot comand to the tool and will upload a V5 and you can also just get the updated  .bat file from my github .


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## Plasmastar (Mar 26, 2017)

mrmazak said:


> I can't say for sure. But the way I did it I had rebooted to android system between all steps, for few reasons, mainly to verify each step worked, and that way I knew if a failure it had to be the last step done. So I suggest going into the tool and doing the boot step again. then (i see i left out the reboot command from the tool) reboot tablet, by opening a new cmd window type "fastboot reboot"
> 
> I added the reboot comand to the tool and will upload a V5 and you can also just get the updated  .bat file from my github .

Click to collapse



I'm actually getting tired of long boot times. SuperSU simply isn't installing. At least I don't see any SuperSU app installed when I boot, and root checker isn't giving me any positive results.

I'm flashing the permissive boot, and the no enforce recovery, booting to Android, PUSHing SuperSU, booting into CWM and installing the SuperSU zip, but still not getting any results.


----------



## mrmazak (Mar 26, 2017)

Plasmastar said:


> I'm actually getting tired of long boot times. SuperSU simply isn't installing. At least I don't see any SuperSU app installed when I boot, and root checker isn't giving me any positive results.
> 
> I'm flashing the permissive boot, and the no enforce recovery, booting to Android, PUSHing SuperSU, booting into CWM and installing the SuperSU zip, but still not getting any results.

Click to collapse



well I just flashed the permissive at  boot again with the unlock tool. It wiped and restarted like expected. I then went through initial setup wizzard. Enabled adb again. And ran tool step 7  "install superSU" it had no problem. 

but I had it installed already, so maybe it did not.  Because this time It did not ask for permission to let cwm "fix root"
I will un root and try again from beginning.'

alright. something odd happened here. I did un-root from the app settings and re-installed the superSU.zip. now the app did not re-install, and i still have permissive at boot and a root shell from inside system, but no superSU app

.
so one of my other attempts to make root must have had effect on it working for me the first time.


----------



## vampirefo (Mar 27, 2017)

mrmazak said:


> well I just flashed the permissive at  boot again with the unlock tool. It wiped and restarted like expected. I then went through initial setup wizzard. Enabled adb again. And ran tool step 7  "install superSU" it had no problem.
> 
> but I had it installed already, so maybe it did not.  Because this time It did not ask for permission to let cwm "fix root"
> I will un root and try again from beginning.'
> ...

Click to collapse



I don't have the tablet, but some how you are confusing cwm, in cwm Mount system then install SuperSU.

Your system isn't getting mounted, during SuperSU install, something wrong with your fstab in /etc.
Sent from my Life_Max-FL using Tapatalk


----------



## mrmazak (Mar 27, 2017)

vampirefo said:


> I don't have the tablet, but some how you are confusing cwm, in cwm Mount system then install SuperSU.
> 
> Your system isn't getting mounted, during SuperSU install, something wrong with your fstab in /etc.
> Sent from my Life_Max-FL using Tapatalk

Click to collapse



thats what is was. The first time i installed I had adb pushed the zip. But was getting some problem with the file pushing, so I did "adb remount" and it worked. I had forgotten that step this time because I pushed the file while in android to avoid the push problem. Not realizing that was also apparently needed for the install. 

so i added "adb remount" to the script and should work.


==>>Tool V5

V4 was missing the needed mount command that I used while testing. Now V5 does install the superSU and appearently need to do more work with the cwm image to make mounts more stable.

probably same problem with fstab is why I need to do such strange fastboot format system, followed by cwm format system, before I can do a CWM restore.


----------



## Plasmastar (Mar 27, 2017)

Yup. I finally got it down after that 'adb reboot'.

Just wondering why it was necessary if CWM already had /system marked down as "mounted" though.

Also, thanks for all the help.


----------



## mrmazak (Mar 27, 2017)

Plasmastar said:


> Yup. I finally got it down after that 'adb reboot'. Just wondering why it was necessary if CWM already /system marked down as "mounted"

Click to collapse



its mounted but not correctly. 
I just looked at the fstab and it is labeled as "ro"

I went through my notes and don't know how this version of the CWM got chosen to be the one in the tool. It was not the most functioning version I had.

I changed the fstab and I am running a restore now to see it that works correctly.
will update in about 10 to 15 minutes when its done

Update:  restore worked the normal way. No need to format in fastboot first or to format in cwm recovery before doing the restore.

but still needed to have the adb remount before the install of superSU.

It seems as there should now be another version released. 

so here is ==>>V6 Tool 
V6 has  CWM recovery with different fstab that mounts /system better (it allows the  restore function to work) but still needed "adb remount"  before flashing superSU zip, so while not completely right yet it is better/ closer.


We could really use a sub forum now that we have root , It would make versioning releases easier too.


----------



## icaruspony (Mar 27, 2017)

mrmazak said:


> its mounted but not correctly.
> We could really use a sub forum now that we have root , It would make versioning releases easier too.

Click to collapse



Yes, exactly.  This is now rooted and needs its own prominent place.


----------



## [email protected] (Mar 27, 2017)

I agree +1 to a subforum


----------



## Systech (Mar 27, 2017)

Well I picked up one cheap and thought I'd give this a try.  I got everything setup, and started working through it.  I started with step 1, and got as far as "Must remove USB cable and let countdown time on screen continue"...  At which point my device was complaining about the device having been unlocked.  WHich I assume is the countdown in question.  I let it go through that and I get to the "Voyager" logo splash screen which continues it's fading in and out, but it never seems to get past this point...   It's been sitting there at that screen for 10-15 minutes now with no change.   Did I manage to brick it right out of the gate?


----------



## mrmazak (Mar 27, 2017)

Systech said:


> Well I picked up one cheap and thought I'd give this a try.  I got everything setup, and started working through it.  I started with step 1, and got as far as "Must remove USB cable and let countdown time on screen continue"...  At which point my device was complaining about the device having been unlocked.  WHich I assume is the countdown in question.  I let it go through that and I get to the "Voyager" logo splash screen which continues it's fading in and out, but it never seems to get past this point...   It's been sitting there at that screen for 10-15 minutes now with no change.   Did I manage to brick it right out of the gate?

Click to collapse



No I think it's OK

This happened before. Need to boot to recovery and do factory wipe

So long press power button, it should shut off. Press and hold power and volume up(side far from USB).
For 10 seconds and let go. Countdown should finish and load to recovery.

Select wipe and then reboot. That should do it


----------



## Systech (Mar 28, 2017)

mrmazak said:


> No I think it's OK
> 
> This happened before. Need to boot to recovery and do factory wipe
> 
> ...

Click to collapse



Can't seem to get it to load recovery... I powered it down and held power and volume up like you suggested and it just goes right back to the screen with Voyager after the countdown.  I even tried holding the power and volume up all the way through the countdown.   Any other suggestions?


----------



## mrmazak (Mar 28, 2017)

Systech said:


> Can't seem to get it to load recovery... I powered it down and held power and volume up like you suggested and it just goes right back to the screen with Voyager after the countdown.  I even tried holding the power and volume up all the way through the countdown.   Any other suggestions?

Click to collapse



the timing of the volume button is sometimes difficult.

hold volume and press power till turns on then let go of power and hold volume for 10 seconds. then let go. and if that does not work, do same thing but during last 10 seconds of countdown repeatedly tap the volume button.


----------



## vampirefo (Mar 28, 2017)

Systech said:


> Can't seem to get it to load recovery... I powered it down and held power and volume up like you suggested and it just goes right back to the screen with Voyager after the countdown.  I even tried holding the power and volume up all the way through the countdown.   Any other suggestions?

Click to collapse



This tablet has been reported to have adb during power off, so power off your tablet.

adb reboot recovery

Sent from my LIFE X8 using Tapatalk


----------



## mrmazak (Mar 28, 2017)

vampirefo said:


> This tablet has been reported to have adb during power off, so power off your tablet.
> 
> adb reboot recovery
> 
> Sent from my LIFE X8 using Tapatalk

Click to collapse



I did some tests with that and found if you don't have adb enabled inside android and also already authorized it too, then the adb from powered off gets unauthorized. And right after unlock /data is formatted so not authorized


would like to change that somehow


----------



## vampirefo (Mar 28, 2017)

mrmazak said:


> I did some tests with that and found if you don't have adb enabled inside android and also already authorized it too, then the adb from powered off gets unauthorized. And right after unlock /data is formatted so not authorized
> 
> 
> would like to change that somehow

Click to collapse



adb reboot recovery shouldn't need authorization.

adb shell would.

If you tested adb reboot recovery, and it asked for authorization, then I guess it does, don't know why though.

Authorization is usually given to access device, adb reboot recovery isn't accessing tablet just​ telling the tablet to reboot and where to boot.

Sent from my Life_Max using Tapatalk


----------



## mrmazak (Mar 28, 2017)

vampirefo said:


> adb reboot recovery shouldn't need authorization.
> 
> adb shell would.
> 
> Sent from my Life_Max using Tapatalk

Click to collapse



let me try . will post results

Need to wipe data first (at least turn off adb toggle in dev options)


----------



## Systech (Mar 28, 2017)

I was finally able to get into recovery mode... I just kept trying different combinations.  What finally seemed to work oddly enough was Holding power and the *other* volume button(closest to the usb), and releasing both just as soon as it actually powered on (so that the countdown didn't register the volume button as the option to power it off).  

Once I got that done the rest of it seemed to go pretty well.  The one oddity that I had is that each time the batch file Displayed the message:
[*] MUST REMOVE USB CABLE AND LET COUNTDOWN TIMER ON SCREEN COTINUE
[*] IF DEVICE POWERS OFF JUST HOLD POWER BUTTON TO TURN BACK ON
[*] skip steps in setup then re-enable developer options and abd debugging

The device wouldn't actually reboot... It was still on as evidenced by the backlight still being on, so after waiting a bit, I finally just power cycled it myself, and then followed through with the next steps.  All seemed to work well once I got past that initial issue of it being stuck booting.  I now have SuperSU installed .
Not that I am worried about it or want to right now, but have you worked out a method for reversing this, or at least getting things back to where you don't have that 30 second countdown each boot, just thinking about down the road if I happened to want to sell the tablet to someone else.    Some of the previous comments make it sound as if you were able to, but didn't really go into detail on what was required.


----------



## mrmazak (Mar 28, 2017)

Systech said:


> I was finally able to get into recovery mode... I just kept trying different combinations.  What finally seemed to work oddly enough was Holding power and the *other* volume button(closest to the usb), and releasing both just as soon as it actually powered on (so that the countdown didn't register the volume button as the option to power it off).
> 
> Once I got that done the rest of it seemed to go pretty well.  The one oddity that I had is that each time the batch file Displayed the message:
> [*] MUST REMOVE USB CABLE AND LET COUNTDOWN TIMER ON SCREEN COTINUE
> ...

Click to collapse



 i didnt try as , I recall with some other devices when you revese the bootloader unlock it could brick.

it would be at your own risk to try "fastboot flashing lock" to remove the countdown, but you might need to put original boot.img in first

---------- Post added at 10:29 AM ---------- Previous post was at 10:25 AM ----------




mrmazak said:


> let me try . will post results
> 
> Need to wipe data first (at least turn off adb toggle in dev options)

Click to collapse



cannot get adb to connect while powered off when adb toggle is set to off. (the way it would be after a factory reset)

but keep getting a new mtp device in device manager this way, but it rejects any driver I have tried to load for it.

intel mtp
generic mtp
google mtp
mtp usb device

mtp device also showed up when tablet turned on but could not accept driver. When adb was turned back on so was this mtp device
and adb again showed up while off. So adb with tablet off depends on it working with tablet on. only partly useful.


----------



## Plasmastar (Mar 28, 2017)

Systech said:


> I was finally able to get into recovery mode... I just kept trying different combinations.  What finally seemed to work oddly enough was Holding power and the *other* volume button(closest to the usb), and releasing both just as soon as it actually powered on (so that the countdown didn't register the volume button as the option to power it off).

Click to collapse



Yeah, mrmazak got confused there. Volume Up is actually the one closest to the USB. It's also easier to hold Volume Up before pressing/(holding, not sure if holding is necessary, but I always do) Power. When you see the timeout message, let them both go, or it's going to shut off due to Volume Up being held.


----------



## mrmazak (Mar 29, 2017)

this is my take on the steps to go from OOB (out of box) to rooted.

please if I missed something or made typo let me know.



Manuel Root Instructions
.
.


----------



## insanemhelo (Oct 22, 2016)

I was wondering does anyone know of a working way to apply root to this device. I have tried kingo root, king root, iroot, one click root, and impactor. Everyone of them fails when trying to apply the root. i thought maybe i could attempt to unlock the bootloader on the deivce cause that might be what is causing them to fail. I booted into recovery and then clicked reboot into bootloader and the device just boots normal so i am unable to get into the bootloader to even attempt to unlock it. I'm at a roadblock with this device. If anyone can help me get root on this device i would be grateful.


----------



## Plasmastar (Mar 30, 2017)

mrmazak said:


> this is my take on the steps to go from OOB (out of box) to rooted.
> 
> please if I missed something or made typo let me know.

Click to collapse



Looks good, except I think this may be a typo.


```
3: type "fastboot format userdata"
4: type "fastboot format userdata"
```


----------



## mrmazak (Mar 31, 2017)

Plasmastar said:


> Looks good, except I think this may be a typo.
> 
> 
> ```
> ...

Click to collapse



The second one is supposed to be "cache".

Ifixed it.
and made the file a direct link to github file, so IF changes are needed or made they will reflect back to original post. Now if there was just some way to make a permalink to the post . Oh wait we are in a general Q and A thread not a device forrum .




mrmazak said:


> this is my take on the steps to go from OOB (out of box) to rooted.
> 
> please if I missed something or made typo let me know.
> 
> ...

Click to collapse





mrmazak said:


> .........
> .. It seems as there should now be another version released.
> 
> so here is ==>>V6 Tool   released 3-26-2017
> ...

Click to collapse




wink wink , forum moderator. Can we get a dedicated forum now. Or is the limited availability of this device make that not possible.


----------



## icaruspony (Mar 31, 2017)

I sent a request to have them add a sub forum.


----------



## mrmazak (Mar 31, 2017)

icaruspony said:


> I sent a request to have them add a sub forum.

Click to collapse



Me too. I didn't see yours in the request for new  thread , thread.

https://forum.xda-developers.com/showpost.php?p=71663859&postcount=21849


----------



## mrmazak (Apr 1, 2017)

mrmazak said:


> Me too. I didn't see yours in the request for new  thread , thread.
> 
> https://forum.xda-developers.com/showpost.php?p=71663859&postcount=21849

Click to collapse



The idea of a forum sounds cool but reality is there will not be any more development beyond gaining root, so we realy don't need any forum but a sticky on the the first post would be good . Or even links on first post directing any new. Comer to the relevant information.

So seeing how I have not seen the op post anything except the initial post we need to find him and ask for him to edit his post.


----------



## vampirefo (Apr 1, 2017)

mrmazak said:


> The idea of a forum sounds cool but reality is there will not be any more development beyond gaining root, so we realy don't need any forum but a sticky on the the first post would be good . Or even links on first post directing any new. Comer to the relevant information.
> 
> So seeing how I have not seen the op post anything except the initial post we need to find him and ask for him to edit his post.

Click to collapse



Just start a new thread.

Post a link to new thread in this thread, as root is achieved, this thread is no longer needed, 1st post in new thread should explain how to root the tablet.

All new posts or questions should be in the new thread, this thread isn't needed any longer.

The op didn't contribute in anyway on rooting the tablet.


----------



## mrmazak (Apr 2, 2017)

vampirefo said:


> Just start a new thread.
> 
> Post a link to new thread in this thread, as root is achieved, this thread is no longer needed, 1st post in new thread should explain how to root the tablet.
> 
> ...

Click to collapse





good idea

https://forum.xda-developers.com/general/general/guide-rca-voyager-rct6873w42-unlock-t3582973


----------



## mrmazak (Apr 5, 2017)

I want to make a list of build numbers this root method works on. If you have rooted successfully please post your build number so I can add it to the list of confirmed working devices  in the new thread I started.


And if you have not tried yet please verify your build number first. There has been an issue with the same model number device but different build number and it ended up with a bricked device.

Thank you .

New thread 
https://forum.xda-developers.com/general/general/guide-rca-voyager-rct6873w42-unlock-t3582973


----------



## Kaiwaters (Oct 11, 2017)

was anyone able to root this tablet?


----------



## Plasmastar (Oct 11, 2017)

Kaiwaters said:


> was anyone able to root this tablet?

Click to collapse



Yes.


----------



## Kaiwaters (Oct 11, 2017)

Plasmastar said:


> Yes.

Click to collapse



rofl omg i was thinking do i really have to scroll thru 30 pages of comments when the answer was right above me


----------



## LoverhyMe (Feb 20, 2018)

*Rca rct6873w42*

... here it is 2018 and no one hasn't found an answer to this tablet, I'm still researching, nothing's come up yet!


----------



## mrmazak (Mar 4, 2018)

LoverhyMe said:


> ... here it is 2018 and no one hasn't found an answer to this tablet, I'm still researching, nothing's come up yet!

Click to collapse



really.

...here it is 2018, this device got rooted early 2017.

just the 4 posts above this one, all tell the short answer, yes root is done. It is in the new thread and there is a link too.


----------



## Isrgish (Nov 12, 2018)

@mrmazak

I was wondering if you can maybe give me some more information on how you were able to change the boot.img to permissive. I'm trying to get a TWRP recovery on a different device (Pipo N7 Android 7). I think that SELinux not being permissive is what is giving me problems.

Thank You,


----------



## mrmazak (Nov 12, 2018)

Isrgish said:


> @mrmazak
> 
> I was wondering if you can maybe give me some more information on how you were able to change the boot.img to permissive. I'm trying to get a TWRP recovery on a different device (Pipo N7 Android 7). I think that SELinux not being permissive is what is giving me problems.
> 
> Thank You,

Click to collapse



The stock boot.IMG I was working with on the rca voyager had  an sepolicy that did not allow permissive. @vampirefo gave me the sepolicy from his device , and I added that permissive policy to my boot.Img
But I do not think that is the reason you are having trouble with recovery. The policy should only involve the system while booted inside android. 

Hope that clears it up a little.


----------



## Chibisuke1219 (Nov 28, 2018)

Hi so i have an issue where i try and follow the rooting guide here on xda developer's for the rct6873w42 with the intel cpu and everytime i try and unlock the bootloader using fastboot commands my computer doesnt recognize the device and says the drivers for it arent available can someone please help me with this issue thanks


----------



## mrmazak (Dec 27, 2018)

Chibisuke1219 said:


> Hi so i have an issue where i try and follow the rooting guide here on xda developer's for the rct6873w42 with the intel cpu and everytime i try and unlock the bootloader using fastboot commands my computer doesnt recognize the device and says the drivers for it arent available can someone please help me with this issue thanks

Click to collapse



Your question has been lost. I do not follow this thread anymore, and I was not "tagged" . So the response has taken long time.  Here is an explain two. On getting drivers to install.

https://forum.xda-developers.com/ge...rct6873w42-rooting-help-t3485625/post71539364


----------

