[GUIDE] Modfying CF-AutoRoot kit to enable ADB debugging on phone with broken screen
After breaking the screen on my phone I spent the following months reading about how to extract data. It all comes down to enabling ADB debugging and having your computer authorised. Usually this can be done from recovery and you're good to go. However, if you have a broken phone that is fully stock, with ADB disabled and with no custom recovery support then your data is as good as bricked. Such was the case with me when I broke my rare Samsung G360G. However, my phone was supported by CF-AutoRoot by Chainfire, and this gave just the opening I needed to go full wide.
Your phone needs to be supported by CF-AutoRoot. Check on there and the new site linked for support of your phone. If it's not there then you will need to download a stock ROM and use the CF-AutoRoot site tool to generate a root package for you. But that is outside the scope of this tutorial. This procedure has only been tested on Samsung. Your phone should have a minimal working charge.
This tutorial is also based on Linux. It should be translatable to Windows and Cygwin. But for simplicity I'll just use the method I used on Linux. However, if using Odin like I do, you'll need Windows to finish it off.
Aside from this it assumes files in are named in a particular format with a certain file format.
1. First you need to download a CF-AutoRoot package for your phone. Won't get far without it.
2. Open up a terminal in Linux. We need to download some depends so enter this command:
3. We need to extract the archive contents out. Create a suitable folder inside your home folder to build the patch in and cd to it. This uses an example file named CF-AutoRoot-example.tar.md5. Substitute with your actual archive name. Like so.
4. There should be a recovery.img and a cache.img.ext4 extracted out. We just need to modify the cache.img.ext4. But first we need to convert it to a workable format. From a sparse to a raw image.
5. We need to mount the cache image
6. The big one. Doing the mod. So now we need to modify the cfar cleanup script. We need to insert commands on the end to enable ADB and add the key to authorise the computer. The following will do just that in this fashion.
You will need to load in the cfar-cleanup.sh file inside the cfroot folder from the cache point mounted. Locate the end and paste the following lines before the reboot and exit commands on the end. Don't save yet.
echo -n 'mtp,adb' > /data/property/persist.sys.usb.config mount -o remount,rw /system echo '' >> /system/build.prop echo 'persist.service.adb.enable=1' >> /system/build.prop echo 'persist.service.debuggable=1' >> /system/build.prop echo 'persist.sys.usb.config=mtp,adb' >> /system/build.prop chmod 644 /system/build.prop mount -o remount,ro /system
mkdir -p /data/misc/adb/ echo '' >/data/misc/adb/adb_keys chmod 640 /data/misc/adb/adb_keys
Load up the ~/.android/adbkey.pub file in a text editor and copy the entire contents in the clipboard. Now back at the script locate that last echo command you pasted into it and set the cursor just after the first single quotation mark. Now paste the clipboard in! This will add your key in. Make sure it's only between the single quotes with no extra characters or line feeds. The lines will naturally split if they don't fit on screen. Otherwise it should be good to go.
Okay now save the file. The above will enable ADB and authorise your computer on the main Android system after the rooting script has done it's work. Before it reboots normally.
7. We need to unmount the cache so it's ready for use.
8. We need to convert the raw image back into a sparse image.
9. Okay were almost done. Now we repack the files into a new Odin archive. Choose a suitable new filename. Like I have done here with my example file.
10. The final step! So now the new package is ready for use. We just to use Odin and flash it to the phone. Save the package to a USB stick if needed.
Reboot into Windows. Or you can run it virtualised from Linux. But I prefer to use the real things when dealing with things of a delicate manner and working blindly. Unplug your phone from the computer if connected. Now load up Odin in admin mode.
Just to make sure pull the battery from your phone. Give it a few seconds then put the battery back in and click the back cover on. Now hold down volume down, then home key, and finally hold down power. Wait for the vibration. Then release power after a few moments. Finally release the other keys. At this point press volume up briefly. You should have just put your phone blindly into download mode. I've done this numerous times.
Plug your phone into your computer. After a moment you should see Odin respond with a device added. Usually the phone can vibrate also when it connects giving more positive signs. If nothing happens disconnect the phone from the computer and retry the last step again to put it into download mode. Took me a few tries before I could do it blindly. It helps if you have a working Samsung to test it out on so you can see what happens before you can only feel it.
Now in Odin press the PDA (or AP) button. Select the cfar-adb.tar.md5 package you made up. If the package is fine it will pass the md5 test. Now press the Start button and watch it go! If all goes well it will upload recovery, cache, give you a pass and then the phone will reset. At this point it will be in the process of being rooted, enable ADB, then reboot. If something goes wrong then you may need to go back and check all the patched files. Then rebuild the package again. But be careful, if the ADB has been enabled in the build.prop file one time, you don't want to add it in again and create duplicates, no matter how keen. Once I had it added the only other major problem I encountered was using the correct adb key.
Hopefully now your phone is rooted, has ADB enabled and is booting up normally. Give it a few minutes. You can even see signs of life in Odin with adds and removes on USB activity. Your phone should also vibrate at times. And making noises is also a good sign.
1.1. So I just cranked it up to eleven. Open a Linux terminal again and give it a test. With your phone plugged in.
If all goes well then adb will find your phone as well as list your device as authorised. You can now open shell to the inside. USB debugging is now enabled.
Well I hope this helps those who have their app data stuck under a broken screen. As long as it was to type in this tutorial It still took me less time to write this tutorial than to learn all that was needed and apply it to my phone. This ends here but for you it may be only the beginning. A next step would be a screen mirroring app which I think is a must have for visual feedback. And USB debugging opens up these possibilities. One thing to be careful of, in a related issue, is that just because you can use adb and the phone is also rooted doesn't mean it will all work at once. If you are tempted to "su" it in an adb shell and get right in there then SuperSU will ask for permission on a blank screen. As will also happen if you try to do an adb backup, it will ask for confirmation on screen. So just expect to work with USB debugging blindly unless you already have a screen mirroring app installed. If you don't have one installed that is your next step.
And on that note. Good luck! :P