View Full Version : Newbie Guide to Rooting the Fascinate

01-18-2011, 10:55 PM
WARNING: DO NOT delete files from /system unless you know what you're doing and you know how to recover your Fascinate.

Confirmed Working on DL09

All the mediafire links were uploaded by me and are in my personal mediafire account

Ok, I've done a lot of testing and this method should work fine with both DI01 and DL09. One thing I've noticed though is that after you run rageagainstthecage in all my testing it seems to take between 5 seconds and 30 minutes. If you aren't kicked out of the $ prompt after 30 minutes, unplug your phone and reboot the phone. Plug back into the phone and retry execution of rageagainstthecage.

I really wanted to put together a better guide in video format but A) I don't have the time and B) I realized I don't know how...

This guide is a work in progress.... if you just need to know how to setup ADB I threw together a quick video to get you started in the 2nd post.

Okay... so this guide is going to go through the same steps that are already out there but I'm going to put everything you need into a single guide so you don't have to hunt everywhere for them.... this is a Windows guide.

What you're going to need:

1. Setup ADB (http://www.android.net/forum/samsung-fascinate/58441-newbie-guide-rooting-fascinate.html#post68323)
2. Install drivers (http://www.android.net/forum/samsung-fascinate/58441-newbie-guide-rooting-fascinate.html#post68325)
3. Setup your Fascinate (http://www.android.net/forum/samsung-fascinate/58441-newbie-guide-rooting-fascinate.html#post68329)
4. Root your Fascinate (http://www.android.net/forum/samsung-fascinate/58441-newbie-guide-rooting-fascinate.html#post68329)

These links are just the next 3 posts...

As always, perform these steps at your own risk. Neither myself, FascinateForums.com or DroidForums.com can any responsibility for what may happen to your phone by following this guide.

Credit goes to Dirrk at xda for posting the guide I based this off of.
Additional credit in his original thread.

01-18-2011, 10:55 PM
Setup ADB

First download the sdk zip file from here: Android SDK | Android Developers
(http://www.mediafire.com/?8mled1h4vh6wz82) The file you want to download will be named something like 'android-sdk_r07-windows.zip'.

Extract the zip file to your C:\ drive.
You should end up with a folder named 'android-sdk-windows'.
Open that folder and open the 'tools' folder inside of 'android-sdk-windows'. You should now be in:
This is where the adb executable is located.

At this point ADB is installed and ready to go but won't be easy to use. To make it easy to use copy; we'll copy the path into the environment variables.

Find your My Computer or Computer icon and right-click and go to Properties.
In Windows 7 you want to click the 'Advanced system settings' on the left under 'Control Panel Home'.
In Windows XP you want to click on the 'Advanced' tab in the 'System Properties' window.

Click the 'Environment Variables' button.
In the bottom section named 'System Variables' scroll down until you find the Variable named 'Path'. Highlight Path and click 'Edit...'.

The Variable value: field should be highlighted. Click in the box to un-highlight the text and go to the end of that line.
Paste the following text at the end of the line. Make sure there are no spaces.

If you followed the steps above you can copy the text below:

I added a semi-colon at the beginning of the line and a backslash at the end of the line. These are needed for the environment variables.

The entire Variable value: will look something like this. No spaces!

c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%Sy stemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\ System32\WindowsPowerShell\v1.0\;C:\android-sdk-windows\tools\
Click Ok on all the open windows.

Now go to Start > Run (XP) or Start > Search (W7) and type cmd.exe and hit enter.

Type adb

You should get a bunch of command options. If your screen looks like the following then you are good to go.

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

Android Debug Bridge version 1.0.26

-d - directs command to the only connected USB devic
returns an error if more than one USB device is
-e - directs command to the only running emulator.
returns an error if more than one emulator is r
-s <serial number> - directs command to the USB device or emulator w
the given serial number. Overrides ANDROID_SERI
environment variable.
-p <product name or path> - simple product name like 'sooner', or
a relative/absolute path to a product
out directory like 'out/target/product/sooner'.

If -p is not specified, the ANDROID_PRODUCT_OUT

environment variable is used, which must
be an absolute path.
devices - list all connected devices
connect <host>[:<port>] - connect to a device via TCP/IP
Port 5555 is used by default if no port number
is specified.
disconnect [<host>[:<port>]] - disconnect from a TCP/IP device.
Port 5555 is used by default if no port number
is specified.
Using this ocmmand with no additional arguments

will disconnect from all connected TCP/IP devic

device commands:
adb push <local> <remote> - copy file/dir to device
adb pull <remote> [<local>] - copy file/dir from device
adb sync [ <directory> ] - copy host->device only if changed
(-l means list but don't copy)
(see 'adb help all')
adb shell - run remote shell interactively
adb shell <command> - run remote shell command
adb emu <command> - run emulator console command
adb logcat [ <filter-spec> ] - View device log
adb forward <local> <remote> - forward socket connections
forward specs are one of:
localabstract:<unix domain socket name>
localreserved:<unix domain socket name>
localfilesystem:<unix domain socket name>
dev:<character device name>
jdwp:<process pid> (remote only)
adb jdwp - list PIDs of processes hosting a JDWP transport

adb install [-l] [-r] [-s] <file> - push this package file to the device and i
nstall it
('-l' means forward-lock the app)
('-r' means reinstall the app, keeping its data
('-s' means install on SD card instead of inter
nal storage)
adb uninstall [-k] <package> - remove this app package from the device
('-k' means keep the data and cache directories
adb bugreport - return all information from the device
that should be included in a bug report.

adb help - show this help message
adb version - show version num

(no option) - don't touch the data partition
-w - wipe the data partition
-d - flash the data partition

adb wait-for-device - block until device is online
adb start-server - ensure that there is a server running
adb kill-server - kill the server if it is running
adb get-state - prints: offline | bootloader | device
adb get-serialno - prints: <serial-number>
adb status-window - continuously print device status for a specifie
d device
adb remount - remounts the /system partition on the device re
adb reboot [bootloader|recovery] - reboots the device, optionally into the boo
tloader or recovery program
adb reboot-bootloader - reboots the device into the bootloader
adb root - restarts the adbd daemon with root permissions
adb usb - restarts the adbd daemon listening on USB
adb tcpip <port> - restarts the adbd daemon listening on TCP on th
e specified port
adb ppp <tty> [parameters] - Run PPP over USB.
Note: you should not automatically start a PPP connection.
<tty> refers to the tty for PPP stream. Eg. dev:/dev/omap_csmi_tty1
[parameters] - Eg. defaultroute debug dump local notty usepeerdns

adb sync notes: adb sync [ <directory> ]
<localdir> can be interpreted in several ways:

- If <directory> is not specified, both /system and /data partitions will be u

- If it is "system" or "data", only the corresponding partition
is updated.

environmental variables:
ADB_TRACE - Print debug information. A comma separated list
of the following values
1 or all, adb, sockets, packets, rwx, usb, sync
, sysdeps, transport, jdwp
ANDROID_SERIAL - The serial number to connect to. -s takes prior
ity over this if given.
ANDROID_LOG_TAGS - When used with the logcat option, only these de
bug tags are printed.

Additionally here is a video I threw together going through these same steps.


01-18-2011, 10:56 PM
Install Drivers

Download the appropriate driver:

Windows x64 (http://www.mediafire.com/?v97xtd9sw9hanig)

Windows x86 (http://www.mediafire.com/?f866o86oxxx84a9)

For the x64 version double-click the setup.exe in usb_drivers_GalaxyS_x64\USB Drivers

For the x86 version just double-click the file downloaded.

Just click next throught the install (change the install path if you want).

When the install is finished plug your Fascinate into an available USB port.

It's always best to plug your phone into a port directly connected to your computer's motherboard. To make sure you have done this you can use one of the ports on the back panel of your computer.

After you plug in your phone you should get a message saying the drivers were successfully installed.

I had an issue with the drivers on x86 and you may run into this as well.
If you get a message saying that there was a problem installing the device or the drivers don't worry, ignore the error for now we will fix it in the next section.

01-18-2011, 10:56 PM
Setup Your Fascinate and Root Your Fascinate

In order to use ADB commands and properly setup the drivers and utilize all the built in links we need to change/validate 3 settings on the Fascinate.

Go to the Home screen and hit the menu button.
Go to Settings
Go to Applications
Make sure 'Unkown sources' is checked.
Go to Development
Make sure 'USB debugging' is checked.
Make sure 'Allow mock locations' is checked.

You can exit back to the home screen once you've verified those 3 settings are checked.

-Driver issue
If you ran into an issue installing the drivers in the previous step, after you've checked the above 3 settings open a command window.

Go to Start > Run (XP) or Start > Search (W7) and type cmd.exe and hit enter.

At the prompt type:

adb devices
If you get

List of devices attached
I500.... device
Then you're good to go.
If nothing is listed under "List of devices attached" you should be able to just unplug the Fascinate, wait about 10 seconds and then plug it back in. You should now get a message saying several drivers/features were installed successfully.

Re-run the "adb devices" and your device should now show up.


Now the fun part....
Ok. First lets gather our files and get organized.

On your Fascinate go to the Android Market and search for Terminal
Install the App named Android Terminal Emulator by Jack Palevich

Back on your PC
Download------> root.zip (http://www.mediafire.com/?cvg8ynbotnk35b5) <------ Download
Create a new folder on your C:\ drive named rootfiles
Extract the contents of the root.zip file into C:\rootfiles
Make sure there is no folder inside C:\rootfiles
Inside C:\rootfiles you should see:


Section 1.
Reboot your phone and give it a couple minutes to load everything up.
Now open a command prompt.
Start > Run (XP) Start > Search (W7) and type cmd.exe
Validate your phone is still connected by typing

adb devices
You should see your device

C:\Users\Matt>adb devices
List of devices attached
I500x0xx000x device
Change your current directory to C:\rootfiles

cd C:\rootfiles
If you are not currently on your C:\ drive then type

cd C:\rootfiles
Type the following commands exactly. If you want to copy and paste then copy each line one at a time and paste each in the command window by right-clicking and clicking paste. Ctrl-V will not work.

Section 2.

adb push rageagainstthecage-arm5.bin /data/local/tmp/rageagainstthecage-arm5.bin
You should get a response that looks like the following

146 KB/s (5392 bytes in 0.036s)
Next type

adb shell
You should now be at a prompt with a $
Now type

cd /data/local/tmp
chmod 0755 rageagainstthecage-arm5.bin
Section 3.
This step is important. After you type the next command there will be a pause and you will have to wait until you are kicked out of adb shell. It is important you do not touch your phone or type anything in the command window. If you do don't worry, nothing bad will happen you will most likely have to pull your battery and try to run the command again. If your phone doesn't lock up you can probably unplug it and plug it back in and start back at "adb shell"

After you execute that command you should see something like this:

$ ./rageagainstthecage-arm5.bin
CVE-2010-EASY Android local root exploit (C) 2010 by 743C
checking NPROC limit ...
[+] RLIMIT_NPROC={3712, 3712}
Searching for adb ...
[+] Found adb as PID 2198
Spawning children. Dont type anything and wait for reset!

If you like what we are doing you can send us PayPal money to
7-4-3-C@web.de so we can compensate time, effort and HW costs.
If you are a company and feel like you profit from our work,
we also accept donations > 1000 USD!

adb connection will be reset. restart adb server on desktop and re-login.
After several seconds the $ prompt will come back

After another 20 seconds or so you will be kicked back to the C:\rootfiles prompt.


adb shell
You should now be at a # prompt
This mean you have obtained temporary root on the device.

Section 4.

You should now be at the C:\rootfiles prompt
Type the following commands:

adb push su /sdcard/su
adb push busybox /sdcard/busybox
adb shell
mount -t rfs -o remount,rw /dev/block/stl9 /system
cd /system/xbin
cat /sdcard/su > ./su
cat /sdcard/busybox > ./busybox
chmod 4755 su
chmod 4755 busybox
You should be back at the C:\rootfiles prompt

Section 5.

adb install Superuser.apk
Reboot the device and you should now have permanent root.

I should add, on the last step to install Superuser.apk it seems to hang after the install

C:\rootfiles>adb install Superuser.apk
1305 KB/s (196521 bytes in 0.147s)
pkg: /data/local/tmp/Superuser.apk
After you see Success you do a Ctrl-C
and then reboot the device.

01-19-2011, 05:37 PM
Nice write up Matt. Gonna stockier this for ya