PwnMyMoto Root and Write Protection Bypass for the Moto X and Droid Ultra / Maxx / Mini
When the Moto X was released, many were upset to learn that despite Google’s positive influence during development, the device was still not truly open. And let’s be honest, there were never any false pretenses about the state of Motorola’s state of developer friendliness. However, it looks like master hacker and XDA Elite Recognized Developer jcase has done it again.
Not too long ago, jcase created MotoRoot for the Droid lineup. This used the previously covered Android bug 9695860 to gain system user. Then, a symlink attack created by jcase himself was used to obtain root access. Today, however, a better solution has appeared.
Courtesy of jcase once again, PwnMyMoto begins by using bug 9695860 (just like its predecessor) to gain system user. It also uses the symlink attack featured in MotoRoot to gain root access. New to PwnMyMoto, however, is what happens next: After gaining root, a bootloader vulnerability is exploited, allowing for write protection on the /system partition to be bypassed. And in the process, the stock recovery is removed, preventing unwanted future OTAs from interfering with the rooted state.
Naturally, any unauthorized modification carries with it an inherent risk. However, if you wish to root, you must take these risks in order to free your device. To get started, head over to the linked threads below. Congrats to jcase on the great work once again!
[Many thanks to jcase for the tip!]