[Exclusive] Here's How To Root The LG Intuition And LG Spectrum On ICS

Android Police

By Cameron Summerson

Published Sep 29, 2012

LG Intuition

If you jumped on the phablet bandwagon as soon as the Intuition hit Big Red's shelves, you've probably been waiting for a root exploit to hit so you can take full control of the system. Good news! Thanks to our boy jcase, you can now have what your heart so desperately desires. Let's get started.

First off, you'll need a couple of things:

A fully working ADB setup. If you don't have this, there are plenty or resources on the net - this one happens to be my person favorite because it's so easy and provides exactly what's needed to use ADB and Fastboot.
SU
lgroot.sh (right click > Save As)

Once you have those, you're only a few simple commands away.

adb push su /data/local/tmp/su

adb push lgroot.sh /data/local/tmp/lgroot.sh

adb shell

$ chmod 777 /data/local/tmp/lgroot.sh

$ rm /data/vpnch/vpnc_starter_lock

$ ln -s /data/local.prop /data/vpnch/vpnc_starter_lock

$ exit

adb reboot

At this point, you may need to unplug/replug the phone to get the computer to detect it again.

adb wait-for-device shell

$ echo 'ro.kernel.qemu=1' > /data/local.prop

$ exit

Here is the important part, you will have to execute the next to commands one after the other. We want the second command to be fired off as soon as adbD comes up, before it drops root privileges. This may take some a few minutes, and after the second command is complete you may have to unplug/replug you phone to get your computer to see it again.

adb reboot

adb wait-for-device /data/local/tmp/lgroot.sh

You may have to reconnect the phone here.

adb wait-for-device shell

$ su

# rm /data/local.prop

# rm /data/vpnch/vpnc_starter_lock

# reboot

And that's it! Once the device reboots, head to the Store and install SuperUser. Congrats!

LG Spectrum (with ICS)

This is a little more straightforward than the Intuition root, as it doesn't require such precise timing to get the execution just right. However, this is just for the leaked ICS builds, so it's likely to get patched in the final version. If you're running one of those builds right now, however, this one's for you.

Again, you need working ADB (see above), as well as the SU file.

adb shell

$ rm /data/vpnch/vpnc_starter_lock

$ ln -s /data/local.prop /data/vpnch/vpnc_starter_lock

$ exit

adb reboot

adb wait-for-device shell

$ echo 'ro.kernel.qemu=1' > /data/local.prop

$ exit

adb reboot

adb wait-for-device remount

adb push su /system/xbin/su

adb shell

# chown 0.0 /system/xbin/su

# chmod 06755 /system/xbin/su

# rm /data/local.prop

# rm /data/vpnch/vpnc_starter_lock

# reboot

Once the device reboot, grab SuperUser from the Store and enjoy your newfound freedom.