CF-Auto-Root for the new SGS4 I9505 firmares (GG, H8, ...)
Posted on 2013-09-04, 162 comments, 274 +1's, imported from Google+/Chainfire

NOTICE: This content was originally posted to Google+, then imported here. Some formatting may be lost, links may be dead, and images may be missing.

The new firmwares that came out today have SELinux enabled and set to restrictive. This generally made SuperSU sad.

Other nasty side effects of these ROMs include a new bootloader, a new warranty status inside said bootloader, the apparent impossibility to downgrade after having flashed the wretched bootloader, and a bad taste about Samsung in general.

I guess this all KNOX related or whatever, seeing as it was much hyped in today's unveilings and the ROMs were also released today.

It took all day but it seems like I have SuperSU (now v1.60) running properly(?) again, and I've made a new CF-Auto-Root package for it. Undoubtedly, after I get back all your reports about how it doesn't work at all or even a little, I will update the other CF-Auto-Root's, the flashable ZIP, and the Play Store sometime tomorrow. But not tonight - tonight I am le tired.

While this version should now be compatible with all sorts of Enforcing SELinux shams and other false-sense-of-security-inducing hypeware, it doesn't actually disable any system components. As such, every time you use root, you'll get a nice popup about how your system has been compromised by the nastiest of all attackers (namely, you). To get rid of this annoyance, adb shell or Terminal Emulator this command (after running su , of course):

pm disable com.sec.knox.seandroid

That's about it. Oh yeah - don't run Triangle Away or Mobile ODIN on these firmwares until I've updated them, or your phone will explode. Enjoy!

CF-Root Download

Chainfire commented on 2013-09-04 at 22:06:

Oh, and by the way - I only tested this on two GG firmwares, let me know if it also works right on the H8, as I have no time to flash it myself right now.

Brad Baker commented on 2013-09-04 at 22:12:

The thought of being able to flash the Google Edition rom on a "regular" i9505 is now even more appealing. Of all people, +Chainfire you're the one mostly likely to be able to help with this. It seems the issue has to do with the different partition layouts (PIT file??) on the i9505 and the i9505G.

Anyway.. all a little beyond my skill set. Thanks for your hard work saving us from Samsung.

Federico Mori commented on 2013-09-04 at 22:15:

Please make mobile odin for i9500 and triangle away

René Bour commented on 2013-09-04 at 22:46:

Chainfire is the best! Please spent him some million dollars! (I don't have the money)

Jan Kopanski commented on 2013-09-04 at 22:50:

So it will be possible to root and keep warranty after you've updated the apps, right?

Gerald Scholz commented on 2013-09-04 at 23:06:

+Alexander Becker you're right.

Reza Hartaman commented on 2013-09-04 at 23:19:

Chainfire, first of all thanks man. I can easily root my samsung s4 because of you. I am a gamer, and to be honest I like to hack it sometimes using gamekiller or cih. But I cannot use gamekiller or cih on my rooted 4.2.2 samsung s4. Gamekiller apps shows message that I need root access, but I am all ready rooted. So can you shed some light on the matter. Thanks.

Alan Epton commented on 2013-09-04 at 23:20:

Can anyone confirm whether this works on MH8 in the UK yet?

Jan Kopanski commented on 2013-09-04 at 23:30:

So if I update there will still be away to get warranty "back" like there was so far? We will just lose the ability to downgrade through odin?

Joseph Tembo commented on 2013-09-04 at 23:50:

Thanks Chainfire. I can confirm that it works on my i9505. The irritating security bla bla bla is gone, phone is rooted. I now need to figure out how to flash cwm recovery.

Jan Kopanski commented on 2013-09-04 at 23:52:

+Joseph Tembo Are you effectively losing the ability to get warranty back after updated to this and rooted? Or will things will still be the same? Just triangle and you got it back? Very hesitant on updating

Ashraf Miah commented on 2013-09-05 at 00:07:

MH8 lost me access to the SD card. The default security policy has given me an irritating message about keepassdroid and also wants me to update the security policy online to block other unauthorised access. 

Brad Baker commented on 2013-09-05 at 00:14:

+Ashraf Miah did +Chainfire solution work for you? The updated cf-root?

paul boverhuis commented on 2013-09-05 at 03:48:

From the Netherlands : I thank you VERY MUCH !!! for all the work you are doing!!! I personaly hope to hear from you about my mail before this one....about my GT-I9505 and my 4.3....problem ok.

Hanspeter Holzer commented on 2013-09-05 at 05:46:

Thanks again, +Chainfire . I really don't like companies telling that "because of security reasons" they have to lock the owners out of their own device. 

Ib Vang commented on 2013-09-05 at 05:49:

You really do a h... of a good job. Thanks a lot ...

Ahmed Fawzi commented on 2013-09-05 at 06:38:

many thanks man :)

Ashraf Miah commented on 2013-09-05 at 07:04:

+Brad Baker haven't tried it, going to backup my phone first.

Lorenzo Bellinazzo commented on 2013-09-05 at 07:07:

+Chainfire on MH8 works fine!!


Upgrade Mobile Odin and Triangle away pls


Thomas Rössner commented on 2013-09-05 at 07:42:

Hello Chainfire, works wonderful on MH8! Now only waiting on Update for TriangleAway to get rid of this f***ing Custom Status and setting Knox Warranty Counter back to 0x0... Thx for your superb support till now!!

Stefan Hoerzer commented on 2013-09-05 at 08:25:

Thanks for root!!! Strangely enough most of my apps are dead after the upgrade? Reinstalling the app fixes things but I can't restore the settings....even non root stuff!?!

Lorenzo Bellinazzo commented on 2013-09-05 at 08:26:

I have same error

Thomas Rössner commented on 2013-09-05 at 08:30:

Just the same problem with my device - I think it's a problem when updating the firmware to a complete new revision through OTA. It's much cleaner to make a fresh install through Odin and play back all apps with TB without data in this case!

paul boverhuis commented on 2013-09-05 at 08:37:

Where can i download this file?

Thomas Rössner commented on 2013-09-05 at 08:38:

Click on the Link under the message of Chainfire

Stanescu Dan commented on 2013-09-05 at 09:34:

Is ok on MH5 

Ivaylo Stoyanov commented on 2013-09-05 at 09:53:

Samsung is turning into Apple.

Ahmed Fawzi commented on 2013-09-05 at 10:02:

Still can't restore with titanium. All apps forced not working :-(

Paul Grundy commented on 2013-09-05 at 10:10:

Thank you working on DMH8 UK Keep up the good work.

Chainfire commented on 2013-09-05 at 10:18:

Re: Titanium Backup, Xposed, etc apps not working - I have not tested these or looked into the problem specifics, but I would assume it has to do with SELinux security labels and restrictions. They probably need an update to handle this correctly.

Ahmed Fawzi commented on 2013-09-05 at 10:19:

Many thanks to you ?

Lorenzo Bellinazzo commented on 2013-09-05 at 10:45:

Titanium backup on my mh8 works normaly

Ahmed Fawzi commented on 2013-09-05 at 10:47:

Works as backup . But when restore apps forced to stop.

Lorenzo Bellinazzo commented on 2013-09-05 at 10:49:

I restored a lot of apps after format... And works fine

Lorenzo Bellinazzo commented on 2013-09-05 at 10:58:

Have u got mh8?

Paul Grundy commented on 2013-09-05 at 11:01:

Yes UK mh8 works like a charm 

Aitor González commented on 2013-09-05 at 11:15:

Thank you so much for your work Chainfire 

Stefan Hoerzer commented on 2013-09-05 at 11:59:

I'm on MH8. I can restore the App with TB no problem but App+Data crashes the App

Ahmed Fawzi commented on 2013-09-05 at 12:15:

Good news. But we need full access

Ahmed Fawzi commented on 2013-09-05 at 12:33:

Adaway also not working. I know that you will do all fixes

Lorenzo Bellinazzo commented on 2013-09-05 at 12:42:

"GL TO SD" doesn't work

Stefan Hoerzer commented on 2013-09-05 at 12:55:

Adaway does work for me BUT I had to uninstall and reinstall or it comes up with some access denied message.

Lorenzo Bellinazzo commented on 2013-09-05 at 15:43:

+Stefan Hoerzer yes, unfortunatly I'have got your same error!

"I can restore the App with TB no problem but App+Data crashes the App"

Chad Estes commented on 2013-09-05 at 21:11:

This is why I think I am going to stick with the Nexus line.  You never know when you all of the sudden void your warranty or update your phone and BAM, can't do any more tinkering to it.

Bo Radojcic commented on 2013-09-05 at 22:45:

I don't get what the big deal is. The bootloader isn't locked, so you can still install custom ROMs. And custom ROMs can be rooted with ease. So... what's the problem?

Ahmed Fawzi commented on 2013-09-05 at 22:54:

Odin not working ever with this damm upgrade. Shit samsung.

Big Fau 00 commented on 2013-09-05 at 23:45:

Will the be any love for the AT&T Galaxy Mega SGH-I527?

Andrew Benner commented on 2013-09-06 at 00:39:

Everyone vote with your wallets, don't buy the Note 3. 

Abraham Fern commented on 2013-09-06 at 01:06:

No idea what the Samsung crowd would do without your eternal diligence. Great work.

Matt Wedgwood commented on 2013-09-06 at 01:15:

I feel no sorrow for people who use Samsung products. They have never been good to the Android end user yet people keep buying their junk. They bend over and spread their cheeks to the carriers and totally fucking suck at updating their devices. Fuck Samsung. 

David Van Cleef commented on 2013-09-06 at 02:04:

Did you ever work out what the difference was between the i9505 and SC-04E that was causing CF-autoroot not to work? Related to this at all?

Louis Minson commented on 2013-09-06 at 06:25:

This is why I have ditched Samsung for HTC...Their One phone is owning Samsungs crappy flimsy plastic gimicky efforts.

Emilio Mejia commented on 2013-09-06 at 07:06:

It wouldn't be so bad if the default OS was the Google Play Edition instead of carrier bloatware.

Pri Mož commented on 2013-09-06 at 09:55:

i've been meaning to return mine because it has some dead pixels ... does this mean if i get a new one, it will have this locked bootloader and i will not be able to install any custom ROMs ? thanks.

Andras Zoltan commented on 2013-09-06 at 10:58:

I should add I'm not blaming cf-auto-root for the WiFi issues here - I think it's entirely possible that it's the update itself that's killed it; although I would be surprised, however crap TouchWiz and the whole Samsung Android is, that they released a firmware update that breaks the phone so royally.

Pasquale Iannone commented on 2013-09-06 at 15:52:

I was able to get back by flashing TWRP and than Wanam 1.5

Andras Zoltan commented on 2013-09-06 at 16:55:

Ah yes - but want the stock ROM!

I can confirm that following the unroot guide does work (a factory reset did not) - the longest part of the process is getting hold of the stock rom from the goddamn hotfiles servers.

I have not tried to re-root (and have therefore lost some app data, but a kies backup saved some stuff), and now I have OTA capability back & Kies update capability (which had unfortunately also been broken by the root on the new firmware).

What can I say, other than it appears this firmware is more tenacious than a rabid jack russell.

Dimitar Chaushev commented on 2013-09-06 at 18:21:

I wont to go back :(

Rigo Torres commented on 2013-09-06 at 18:45:

Thanks man! :)

Drew Fuss commented on 2013-09-06 at 19:17:

Thanks for your hard work. You are one of the most badass developers there is. You do a damn good job of rooting anything you can get your hands on. Thanks for taking time form your life to better our S4's .

dream 21 commented on 2013-09-07 at 05:52:


Thnx mate for your hard work.All works perfectly Samsung S4 Rom MH5 :)

Olaf Karsten commented on 2013-09-07 at 14:19:

Many Thanks. But i must reinstall all apps. Restore data from TB works, but the apps crashed with the "old" data. 

André Guedes commented on 2013-09-07 at 18:15:

Hi CF! I installed ROM H8 but I've got success to install another custom ROM. All that I needed to do was install philz_touch_5.11.2-i9505.tar and through this recovery mode, I was able to install google edition ROM for S4 (for example). ;)

Ahmed Fawzi commented on 2013-09-08 at 14:34:


Ahmed Fawzi commented on 2013-09-08 at 17:33:

Same my question

Stelios Theodoridis commented on 2013-09-09 at 09:34:

+Lorenzo Bellinazzo

Same happens to me:

"I can restore the App with TB no problem but App+Data crashes the App"

Alexandre Marocco commented on 2013-09-09 at 10:55:

Man, Samsung screwed up BIG TIME with this update

Gali Janach commented on 2013-09-09 at 11:58:

So from what i can understand from your previous post is that the reason XPOSED framework, Titanium Backup, Helium and other root dependent apps don't work properly is not because of your latest root but to do with the actual apps which need updating.

I have disabled the annoying "Prevention detected" messages and that seemed to have cleared all those messages but the root apps are still not behaving correctly or crashing all together.

Is there anyway to completely disable this KNOX thing??? i am using system tuner pro and been able to identify all those KNOX services and freeze them but nothing has really changed.

Ahmed Fawzi commented on 2013-09-09 at 12:03:

We are really need +Chainfire help as soon as possible.

Gali Janach commented on 2013-09-09 at 12:06:

Also, selinux is set to enforcing. Should it not be set to permissive? Is this part of the update?

Jesper Knudsen commented on 2013-09-09 at 21:05:

Well I have just killed my I9505, because of the new bootloader?? Are there any chance to revive it agin?? I'm gonna quote myself, from XDA:

Here is what I have tried:

Hi all

My I9505, has turned quite weird today... I tried flashing it with latest NEE firmware, but it failed:

<ID:0/005> NAND Write Start!! 

<ID:0/005> sbl3.mbn

<ID:0/005> rpm.mbn

<ID:0/005> aboot.mbn

<ID:0/005> FAIL! (Auth)

<OSM> All threads completed. (succeed 0 / failed 1)

And on the handset I get in red writing:

STAT: [224, 1440]

SW REV. CHECK FAIL : fused : 2 , Binary : 1

I can only flash it with:


When entering recovery I sometimes get:

"No command" instead of the windows where it sets CSC, sometimes it sets CSC normally

When I try to reset flash counter I get

could not find triangle and counter data

I have also tried flashing with PIT, but that didn't help either...

Any help??

Kind regards

Alexandre Marocco commented on 2013-09-09 at 21:13:

+Jesper Knudsen I had the same problem not being able to flash any other ROM, the only one working is the DMH8, I was able to flash other ROMS but had problems like wifi and sound not working, so I have to stick with DMH8 for now I think as it is the only one that flashes with no errors.

Igor Gorjanc commented on 2013-09-10 at 08:17:

Tested on Samsung Galaxy S4 (model GT-I9505)

Root works.

However, ADB insecure doesn't work. Any idea what to do?

Jesper Knudsen commented on 2013-09-10 at 11:08:

I got it up and running again using MH8... Thx Ant Martins

David Vlk commented on 2013-09-10 at 16:16:

Hi, is there any way how to get rid of Knox prevention information error on a full stock? Thx.

john h commented on 2013-09-11 at 05:10:

Please root help i527 att root

Mark Rogers commented on 2013-09-11 at 08:11:

Samsung locked everything down as stock ya can't even change the font. It's definitely making me think about next years next big thing or life companion.

Michael Lux commented on 2013-09-11 at 12:07:

Works for me with I9505XXUDMH5.

Very good job Chainfire, you're the best!

john h commented on 2013-09-11 at 16:22:

Any one root i527 att yet

Robin Lange commented on 2013-09-11 at 17:48:

Thx Chainfire.

Worked fine on my girlfriends S4 with MH5.

Just had to manually install Super SU from Play Store.

mark yeadon commented on 2013-09-11 at 20:19:

why do they insist on blocking us installing what WE WANT on OUR OWN devices I for one wont be buying another sammy phone if this security s**t doesnt get sorted iv always used a sammy phone s2,s3 & s4 but im not going to get another sammy phone I think is meant to be open( (uncle sammy!!)) ..... thanks chainfire for all your time and hard work and thanks for sharing your work with the dev comunity im sure I speak for thousands when I say thanks mate keep up the good work mate.......

David Vlk commented on 2013-09-12 at 03:03:

Can anyone reply to my question whether it is possible to get rid of Knox prevention error on stock? Thank you.

Michael Lux commented on 2013-09-12 at 07:34:

+David Vlk If you mean the "knox prevented blah blah blah" message appearing, read the last part of Chainfire's post more carefully. You will have to issue a command in root mode via console emulator or adb (?)

Lourdes Gessa commented on 2013-09-12 at 07:38:

I tried disabling the message with that command and I got this:

"android failed to connect to dumpstate service


so I couldn't get rid of it

Can you help?


David Vlk commented on 2013-09-12 at 07:46:

+Michael Lux Hi. I need a solution for unrooted device. Sorry, I did not mention it the second time I have asked that question. Unfortunately, I must not root it.

Michael Lux commented on 2013-09-12 at 07:59:

+David Vlk As far as I understood it, such low-level commands cannot be done without root. I think that's really straight forward, because it wouldn't be a good security feature if you could disable it as normal user... sorry :(

Lourdes Gessa commented on 2013-09-12 at 08:05:

You're absolutely right Michael, I forgot to use "su" command beforehand. I tried again as root and it worked like charm. Thank you Chainfire!

john h commented on 2013-09-12 at 11:43:

Any root on i527 root yet ? Anyone

Alexandru Zamfir commented on 2013-09-13 at 15:40:

Guys it works fine for me on MH8. Just one question. Root Checker is reporting this: Standard Location

Check Command: ls -l /system/xbin/su:

Result: -rwxr-xr-x root root 100452 2013-09-11 18:52 su

Analysis: Setuid attribute is NOT present BUT root user ownership is present. Root access is NOT correctly configured for this file!

Is something wrong maybe? Any ideas?

Jan Holeček commented on 2013-09-13 at 18:30:

After flashing CF root on my SGS3 gti9300 xez latest stock ROM Touchviz Ui crashes when I try remove a page. :-(

Antonio Valladares commented on 2013-09-13 at 21:22:

It worked on H5 firmware :)

KTDC commented on 2013-09-15 at 14:48:

CF AUTO  worked with H8 on S4.....but still got bloody KNOX popups.......after using the code to disable KNOX ....guess what.....still get pop ups! Any one got ideas????

KTDC commented on 2013-09-15 at 15:00:

Why cant we have a 'KNOX-OPT OUT' PATCH??

It's utter B@ll@cks!!!

Duds teste commented on 2013-09-16 at 02:00:

Can I use them on any rom released after MH8?

Alberto Valladão commented on 2013-09-16 at 17:53:

Fix the issues on CM10.2 rooms?

carmine borelli commented on 2013-09-16 at 21:12:

On my S4 with firmware version I9505XXUDMH5 AutoRoot work to get root, but when i try to open app restored with Titanium Backup, appear the messagge that i have to upgrade security criteria... There is a way to make Titanium Backup full working? I have tried with shell terminal, but i have the following message: failed to connect to dumpstate service... Any solution?

Csergő Balázs commented on 2013-09-17 at 11:26:

does this root file and method work with i9505xxudmha firmware?  I really wish I had root again, but am a bit scared to mess around with knox again (I tried flashing a non secure bootloader stock version, that gave me Knox warranty void 0x01 and screwd my phone, wifi not turning on, calls not working, no system sounds, had to bring it to the service)

Yinette Hodge commented on 2013-09-17 at 13:56:

Why does Samsung have such a major fear of their end users having full control over their products that ACTUALLY become property of the end user? I can understand voiding warranty when rooting, but actively doing things to prevent it and generally be a pain to people who know what they're doing with root access on a *NIX system is just plain wrong. It feels like they do not trust us with our own property... With a system based on Linux, It should really be REQUIRED in the license to be able to freely run as root if you wanted to.

Anyways, Thanks +Chainfire for the hard work you put in!

Gerrit Cap commented on 2013-09-17 at 14:32:

+Chainfire I do seem to have a problem with my GS4 running MH5. When I use the odin soft put the auto roor tar in the PDA and try to flash it after going into download mode I get these errors in odin (a big red FAIL):

<ID:0/005> Added!!

<ID:0/005> Removed!!

<ID:0/004> Added!!

<OSM> Enter CS for MD5..

<OSM> Check MD5.. Do not unplug the cable..

<OSM> Please wait..

<OSM> CF-Auto-Root-jflte-jfltexx-gti9505.tar.md5 is valid.

<OSM> Checking MD5 finished Sucessfully..

<OSM> Leave CS..

<ID:0/004> Odin v.3 engine (ID:4)..

<ID:0/004> File analysis..

<ID:0/004> SetupConnection..

<ID:0/004> Initialzation..

<ID:0/004> Get PIT for mapping..

<ID:0/004> Firmware update start..

<ID:0/004> recovery.img

<ID:0/004> NAND Write Start!!

<ID:0/004> cache.img.ext4

<ID:0/004> Complete(Write) operation failed.

<OSM> All threads completed. (succeed 0 / failed 1)

<ID:0/004> Removed!!

<ID:0/004> Added!!

The cf autoroot I use is indeed with a timestamp of 05 september.

My phone gives these messages

One line in red:


Then a few white lines:

Product name: GT-I9505

Current binary: Samsung official

System status: official

KNOX Kernel lock: 0x0

KNOX Warranty void: 0x0

CSB-Config-LSB: 0x30

Then a line in grey:

Write protection: enable

then 2 final lines in red:

start: [224,1440]

bar: [240,1440]

On the rest of the screen is still mentiones Downloading, do not turn off target!!

Any ideas ?

Felipe Cornejo commented on 2013-09-18 at 21:17:

Did you manage to fix this problem?

Today I had upgraded to XXUDMH5, then I started getting problems with some apps so I decided to flash back the XXUBMGA version using Odin 3.07 and had the very same problem... Then the phone stop responding so i turn it off, and it almost got bricked... I had to use KIES function Firmware Upgrade and Initialization to restore it... it flashed the hole phone and now the version XXUDMH5 is installed, and I'm afraid it will fail to root it...

Benjámin Baranyi commented on 2013-09-19 at 06:35:

Hey! Just FYI...

On this new firmware StickMount isn't working either... root works fine but StickMount won't mount NTFS (neither Paragon NTFS) they can't write in /mnt/ even tho they have a SU clerance/permission...

And I also had some problems rooting... at first it wouln't work. After rooting i had to do a factory system restore, cache wipe in order to make SuperSU work.

Even rooting after a clean firmware flash it did not work... only after a factory system restore...

Abdülkerim Ak commented on 2013-09-19 at 19:43:

if you installed firmware h8  then you cant downgrade and also you dont have wi-fi and sound in any other "custom"rom. only possible solution at this moment, you have to install untouched firmware atleast h8 or newer via odin. later you can install cf-auto-root via odin.      i also have 9505. i bored all the roms, wanted to try stock rom with root,   i applied ota update from samsung (40mb or somethin like that)   and boom! i fucked up ! i cant back my pre-rooted stock firmware cause odin refuse to install.   and even i installed custom recovery and custom rom, i dont have sound nor wi-fi........     if you read this  stay away from h8 !!!!  of you gonna be burned like me.    other than i hated this firmware its using too much resourse not fast as google stock 4.3..... and its simply sucks....

carmine borelli commented on 2013-09-20 at 14:26:

Flash with prerooted MH8 firmware... It's solution that have worked for me...

Geger Yakinits commented on 2013-09-20 at 17:16:

Problem still persist if you restore via Titanium backup with App+Data.

carmine borelli commented on 2013-09-20 at 17:49:

With pre-rooted MH8 flashed via CWM i have solved the problem with App+Data from TB...

Abdülkerim Ak commented on 2013-09-20 at 17:52:

did you tried  any other custom rom ? like google stock edition or cyaogen etc ?

Geger Yakinits commented on 2013-09-20 at 17:52:

I also flashed mine using pre-rooted. Gl to sd doesn't work anymore.

carmine borelli commented on 2013-09-20 at 17:54:

GI what is?

Geger Yakinits commented on 2013-09-20 at 17:59:

Gl to sd is pretty helpful when i put my HD games data in sdcard. And the app file in phone. I saved a lot in phone storage.

Geger Yakinits commented on 2013-09-22 at 14:07:

I found a solution for TB restoring the data. And that is to install a custom kernel.

Of course after flashing with MH8, you need to install CWM via odin. And flash a kernel afterwards. I'm using Adam kernel btw and my SELinux status went back to permissive.

You can try some other kernel that is compatible with TW 4.2 like Ausdim, KT, etc.

Roman Hecht commented on 2013-09-23 at 09:29:

@Jérôme did you install a new Kernel? Which app is not working correctly and what error messages do you get?

Roman Hecht commented on 2013-09-23 at 09:59:

+Jérôme Schmitt thanks for the info.

Anyone got  a clue why I can't change the state of SELinux?

"getenforce" always returns "enforcing" no matter how often I try to change it via "sentenforce 0".

Abdülkerim Ak commented on 2013-09-23 at 11:48:

you should try golden-eye rom   its h8 based.  i flashed philz restore via odin after that i flashed golde-eye last version, wiped cache, and vaila ! pre rooted knox-free rom ;)

Roman Hecht commented on 2013-09-23 at 11:55:

+Abdülkerim Ak Great idea, if I had a US or canadian phone.

I'll go for the custom kernel first so I don't have to backup (I doubt it would fully work) and restore (if this works) all data. Should the custom kernel bring no cure for this itch, I'll simply hang on and wait :-).

Geger Yakinits commented on 2013-09-23 at 12:53:

Yes you can.

Hazel Lyn Mallare commented on 2013-09-24 at 14:57:

+Hanspeter Holzer Same. I hate companies who do this. And here I keep thinking how XDA members used to champion the Galaxy S2 for easy rooting and customising... Samsung even reached out to them.

Now I am disgusted because Samsung is done with them, have become big enough to suck up to other companies, and are throwing them away. Just disgusted.

Samsung shouldn't do this. It's not right. At least HTC's devices can achieve S-OFF with some software tricks or an XTC Clip... This? This is like a foolproof lock. 

Hazel Lyn Mallare commented on 2013-09-24 at 22:47:

+David Vlk Nope. If the people doing root can't do it, then people who can't root their phones have no chance. Basically, from what I know, you can get rid of Knox by rooting but your phone will be able to tell you did remove KNOX or even basically messed with your phone software and you lose warranty rights, it seems. I also read that once the KNOX container was removed that you cannot create another KNOX container in the phone, meaning that possibly, once you decide to root and get rid of KNOX, you can't flash stock firmware and make your tinkering undetected. It will show. I am not entirely sure about this, but I've been reading the XDA thread on it and that's what I understand.

A lot of people think an eFuse is involved.

Mark Anthony Braganza commented on 2013-10-07 at 03:50:

so, whats the disadvantage of 0x1 to your device? only warranty and the fact that you can't use KNOX software?

Emmanuel Oduja commented on 2013-10-12 at 15:40:

In the end did you fix it?, I currently have the same problem and it sucks 

Emmanuel Oduja commented on 2013-10-12 at 15:47:
Maurice Munoz commented on 2013-10-14 at 00:01:

question? Can I flash cyanogenmod if I have knox? can I root ,my phone?

I can't believe Samsung is doing this... :-(

Shawn Anshutz commented on 2013-10-15 at 10:02:

So Am I correct in assuming that Rooting a L720VPUAMDL is impossible?  I havent seen a single post about rooting a sprint Galaxy S4 on any site since July.  Does that mean everyone has even given up in trying?

Alexandru Zeveleanu commented on 2013-10-18 at 13:44:

same here, any news for rooting the official 4.3 firmware?

Andrew Lee commented on 2013-10-18 at 19:52:

Hi +Chainfire .. I'm running MH6 and ended up in brick as well. Couldn't flash even a stock firmware after that.

Flashed a PIT file and stock OS was able to load. But now I'm unable to do a factory reset.

The red android will appear at boot and attempt to run stock recovery. It will later stop halfway and resumes booting the OS. :/

Andrew Lee commented on 2013-10-19 at 02:55:

Error to root are as follows:

<ID:0/005> Firmware update start..

<ID:0/005> recovery.img

<ID:0/005> NAND Write Start!! 

<ID:0/005> Complete(Write) operation failed.

<ID:0/005> Added!!

<OSM> All threads completed. (succeed 0 / failed 1)

<ID:0/005> Removed!!

<ID:0/005> Added!!

Andrew Lee commented on 2013-10-19 at 16:14:

+passaris konstantinos hi .. Thanks for the advice. My device is okay now. Was playing with the PIT file and flashing stock ROM earlier. It worked. But somehow, I managed to unroot my device as well. :O

Not sure if the Knox counter was reset as well though..I think highly unlikely.

Andrew Lee commented on 2013-10-19 at 16:16:

Meaning to live OTA updates work too.

Romeo Rogers commented on 2013-10-20 at 02:07:

JTAG the phone using RIFF box will let you downgrade :-)

Andrew Lee commented on 2013-10-20 at 02:09:

Hi..root for MH6 has worked flawlessly now. The issue came because I was not running the latest Odin v3.07. Just wanna give a heads up to anyone else who wanna flash this.

Daniel Valle commented on 2013-10-22 at 17:20:

Hi guys, this root process dont work in S4 - I9505 - Kernel 3.4.0 1021200?


jean estrella commented on 2013-10-25 at 17:24:

Hola amigos, soy de Ecuador, necesito ayuda urgente. No puedo actualizar mi i9505 porque previamente le degrade la versión para poder desbloquearlo, y ahora no funciona el wifi y no hay sonidos! Necesito solucionar este problema. 

Alan Epton commented on 2013-10-25 at 19:31:

Thanks +Jamie Jordan

Gary Terry commented on 2013-11-02 at 12:37:

I tried installing the latest CF-Auto root and doing the "pm disable com.sec.knox.seandroid " on a Galaxy S3 running the 4.3 leak with Knox & SELinux enforcing. 

Still can't attain root.

Any suggestions?

Gary Terry commented on 2013-11-02 at 23:54:

No, haven't. Thinking the boot loader needs to be changed

Тото Антонио commented on 2013-11-11 at 03:46:

Any solution at hand? Knox been giving us headaches. This will be the last time i'll buy samsung.

Gary Terry commented on 2013-11-11 at 03:52:

I used Odin back to the 4.1.2 stock ROM, wipe cache, factory reset. Worked like a charm.

I'm currently running a rooted/Knox free version of the leaked ROM.

Andrew Lee commented on 2013-11-11 at 03:57:

This worked for me:

Uninstall Kies & drivers.

Reinstall Kies & drivers.

Download latest Odin.

Run data wipe, cache wipe, dalvik cache wipe via Recovery.

Run factory reset on phone (to format internal SD)

Go into Download mode.

Plug phone into a different USB port (if possible).

Root again.

It should work now :)

My main problems were mainly with the odin version / conflicting Kies drivers.

Andrew Lee commented on 2013-11-11 at 11:47:

+Jerome Schmitt shouldn't be a problem if all e drivers and software are updated. :) mine is a MJ5.

Thomas Wiringa commented on 2013-11-12 at 12:06:

Yeah, now I can finally get rid of the stupid shutter sound and the ridiculous amount of bloatware! :D (Android 4.3 MJ7)

Ad van Rooij commented on 2013-11-12 at 18:20:

+Thomas Wiringa

But How do you get rid of the shutter sound, I have the same rooted/knox free MJ7 version? :-)

David Woodhouse commented on 2013-11-12 at 23:44:

+Chainfire This seems to be broken with disk encryption (required for my corporate ActiveSync account). If I apply CF-Auto-Root after the internal storage is encrypted, it just crashes (black screen) after I enter my PIN at boot. If I attempt to encrypt the storage after it's rooted, it crashes when it does its reboot to do the encryption, and eventually comes back still unencrypted.

David Woodhouse commented on 2013-11-13 at 00:11:

FWIW upgrading from 4.2 to 4.3 with Mobile Odin did work and encryption was fine. It's just that every app then started crashing, hence a complete reinstall and attempt to restore from backup... and now I can't get encryption to work.

Thomas Wiringa commented on 2013-11-14 at 10:42:

+Ad van Rooij I renamed the shutter.ogg file in the folder /system/media/audio/ui to shutter.ogg.bak with Root Explorer :)

Ahmad Danial Aidil commented on 2013-11-14 at 23:07:

+Chainfire is this fully working? and knox not blocking supersu permission.

Or this is just for updating to custom rom to make it fully working :-)

Mikael Jakobsson commented on 2013-11-17 at 02:48:

is this for Android 4.3?

Ad van Rooij commented on 2013-11-17 at 15:58:

+Thomas Wiringa

Thanks. It could change  the file but still the shutter sound. Strange...

Avant Sharp commented on 2013-11-24 at 19:19:

When I try flash this to my i9505 (Jfltexx) using Odin, it always fails and gives me the message, "Complete(Write) operation failed.". How do I solve this problem?

I'm using i9505xxUEMJ7, TWRP Recovery and nothing seems to work for me right now. I've tried using Heimdall, but I always get the message "Access is Denied" when trying to install recovery.img. My Odin always fails also, I'm not entirely sure what to do - My battery is swollen also.

Koert Bakker commented on 2013-11-26 at 15:17:

I'm trying to install on MK8 for the 5th time now. Still not working :-(

Koert Bakker commented on 2013-11-26 at 15:27:

Now it's working! Just kept trying and trying.... :-P

Fahd CHRAIBI commented on 2013-11-27 at 23:41:

What about sound issue while calling? How can I fix it?

Arioch commented on 2013-11-28 at 10:26:

I have a S4 m919 T-Mobile and it works just fine. My only question would be, once you update the bootloader, would I be able to downgrade back to 4.2.2 Jelly Bean? I have an application with my data backed up but 4.3 won't recognize the file to restore it (I did a full wipe before updating it and deleted the file off my phone but have the folder on my computer) Thank You, HAPPY THANKSGIVING and all your hard work.

István Arany commented on 2013-11-28 at 20:41:

So will the 05.09.2013  CF-Auto-Root-jflte-jfltexx-gti9505.tar.md5  be working with this new MK8?

Koert Bakker commented on 2013-11-29 at 09:08:

Yeah, it works +István Arany (I had to retry/do it a few times)

István Arany commented on 2013-11-29 at 12:38:

I found the fresh one a few minutes later, tha 20.11.2013 version. Thanks by the way, and keep up the good work! 

Just a question, you might know the answer to, since the last update and root, my device can't use Viber through mobile internet, only through Wifi. I didn't change any settings with it. What can be the problem there?

Luis Castro commented on 2014-01-23 at 19:36:

worked for me. good job

jubs English commented on 2014-01-26 at 19:21:

will this work for the i9502

Justin Gilbert commented on 2014-02-19 at 03:55:

How can you tell what bootloader you're running?

Andrew Battistella commented on 2014-04-14 at 08:47:

Hey +Chainfire ...any help appreciated...

Just tried to root a friends looked like it was on old forware...but after running cf-root and it saying successful...there is no recovery...just the standard 3e recovery.

His phone does have Knox and it seems to be possibly the previous owner updated the software...not sure.

Warranty is not an he just wants to root it and possibly load some custom roms....

H E L P 

shadab Khan commented on 2014-05-01 at 08:51:

can i use cf auto root using mobile odin??

phil lighbothe commented on 2017-11-21 at 11:43:

Hi! Visit my article about root!

dojin lama commented on 2018-01-22 at 04:37:

I got it and I m fully serishdy from this


Aboubacar soumahoro commented on 2018-01-29 at 01:25:


This post is over a month old, commenting has been disabled.