limkopi ☕️

security | dev | finance | life

github instagram
How to Root Samsung S8?
May 20, 2019
5 minutes read

Making a note here so I can refer again if I ever need to root an Android phone.

I don’t usually root my phone. Once you root or jailbreak your phone, you are lowering the security level of your phone. Unless you know what you are dealing with, it is always better to leave it as it is.

Anyway, I needed a root phone to run some Linux binaries on my Android OS. I tried to do it without rooting but it failed…

Please note that the warranty will be broken when you root your phone. You have to reset the phone to factory defaults if you need to bring your phone for servicing.

The process to root the phone is very easy as compared to the past. The most difficult part of all is to find the right software for your phone.

Pre-Requisite

Under Settings > About Phone > Software Information, you need to tap Build Number for at least 7 times to toggle the Developer Options. The Developer Options will appear under Settings if it is toggled successfully.

Under Settings > Developer Options, you need to unlock your phone’s bootloader to overwrite it with custom bootloaders. The option, OEM unlocking, can be found under the developer’s option. You will need to enable USB Debugging on the same settings page for the later step.

Apparently, that OEM unlocking option will only appear 7 days after you have signed in with your Google Account. I modified my date & time to a month later and disable automatic software updates. It didn’t work. For some reasons, the option appeared right after I updated my phone to the latest software. I have no idea if that update made any differences. but if you can’t find the option even after changing the date & time, you might want to do the same.

Root Software

I think two of the most popular ones are KingoRoot and OneClickRoot. Honestly, I think it will be better to go through the entire rooting process instead of using the apps. These apps require privilege permission to run on your phone and you can imagine what they can do on your phone.

After doing my own research on XDA developer forums, I decided to use Odin, TWRP and Magisk.

Samsung Odin

The Odin tool is supposed to be an “official” ROM flashing tool used internally by Samsung. Not too sure why but it seems like the older version of the software is leaked on the Internet. The community on XDA Developers has patched the original version (3.13.1) to cover the newer phones and new Samsung OS.

TWRP

Team Win Recovery Project (TWRP) is a custom recovery image for Android phones. The custom recovery image is needed in order to backup and flash third-party firmware on your phone. It’s an open-source project and well supported by the community.

You will need to use Samsung Odin to flash TWRP.

no-verity-opt-encrypt

There is a security mechanism used by some manufacturers to prevent rootkits from installing on your Android phone. This image helps to make sure you will be able to reboot into TWRP without any issues.

Magisk

Magisk is a tool to create the altered image of your current phone in another partition. When you root your phone, the modification will be done on this partition instead of the original system partition. Since it does not change your original system image, you will be able to run APKs that use Safety Net to detect rooted phones.

You will need Magisk to install SuperSU later.

Now… can we start rooting?

Please make sure you backup all your data before you start to root your phone.

  • Shut down your phone.
  • Press Vol Down + Bixy + Power simultaneously to enter the download mode. You will see a bunch of texts with blue background.
  • Start the Odin software and plug your phone into the computer
  • The software will tell you if you have connected your phone successfully
  • Uncheck the “Auto-reboot” button in the options tab.
  • Click on the AP option and load the TWRP .tar that you have downloaded for your phone.
  • Click start
  • When the Odin software shows “PASS”, press Vol Up + Bixy + Power to make your phone boots into TWRP recovery image.
  • When you boot into TWRP, it will ask if you allow modification to your system file. Swipe to allow modification
  • Click WIPE and choose FORMAT DATA (Here, you will wipe your data)
  • Reboot into recovery again after this
  • Flash no-verity-opt-encrypt.zip using TWRP
  • Reboot
  • Install Magisk through TWRP

Once you have installed Magisk successfully, Magisk Manager will appear as an app on your phone.

What’s next?

Financial APKs

Chances are you will not be able to access most of the banking apps after you have rooted your phone. If this is your day-to-day phone, it’s going to be very inconvenient as you will not be able to even use the Samsung Pay or Google Pay.

This is when Magisk can do the wonder.

In Magisk Manager, go to Downloads in the menu. Look for MagiskHide Props Config to download a module to bypass SafeyNet’s CTS profile check.

DRM-Protected APKs

If you use apps that need to protect DRM content, you will also need to install liboemcrypto disabler to disable liboemcrypto.so on your rooted devices. Otherwise, you will not be able to load those contents. The other way is to remove or delete liboemcrypto.so directly on your system partition but I really wouldn’t recommend that method.

References

  1. XDA-Develoeprs - How to Install TWRP and root Samsung S8
  2. XDA-Develoeprs - How to disable liboemcrypto.so
  3. Wikipedia - Samsung ODIN
  4. XDA-Developers - MagiskHide Props Config
  5. XDA-Developers - MagiskHide

category: security

Back to posts