Unlock Bootloader and Root Pixel 10/Pro/XL/Fold

In this guide, we will show you the steps to unlock the bootloader and root the Pixel 10/Pro/XL/Fold via Magisk/KernelSU/APatch. Google has recently taken the wraps off its latest offerings. The tenth iteration of its devices brings in quite a few intriguing features and a bunch of AI tweaks to the fore.

But for the tech enthusiasts, gaining administrative rights is always at the top of their priority queue. And now that we have a bunch of rooting tools at our disposal in the form of APatch, KernelSU, and Magisk, users are even more inclined towards carrying out these tweaks. If you are also planning to do the same, then this guide is all that you would need. Follow along for the steps.

• Unlock Bootloader and Root Pixel 10/Pro/XL/Fold The Prerequisites Unlock the Bootloader on Pixel 10/Pro/XL/Fold Root Pixel 10/Pro/XL/Fold via Magisk Root Pixel 10/Pro/XL/Fold via APatch Root Pixel 10/Pro/XL/Fold via KernelSU

Unlock Bootloader and Root Pixel 10/Pro/XL/Fold

Before starting, please take a complete device backup. Moreover, after rooting, most, if not all, AI features will no longer, including Pixel Studio, AI Weather Report, Screenshots, and the new Magic Cue. Likewise, you’ll also have to deal with Play Integrity issues [though it can be addressed ].

So if that’s all well and good, then let’s get started. Droidwin and its members wouldn’t be held responsible in case of a thermonuclear war, your alarm doesn’t wake you up, or if anything happens to your device and data by performing the below steps.

The Prerequisites

The steps given here are required for both unlocking as well as rooting your device.

1. Download and extract Android SDK Platform Tools onto your PC.
2. Then, enable USB Debugging and OEM Unlocking on your device.
3. Now open the Command Prompt inside platform-tools and type in adb reboot bootloader
4. Now type in the command below and verify if you’re getting an ID. fastboot devices
5. If you aren’t getting any ID, then please install the Fastboot Drivers .

Unlock the Bootloader on Pixel 10/Pro/XL/Fold

1. From the Fastboot Mode, type the command given below: fastboot flashing unlock
2. You’ll get a prompt on your device. Use the Volume keys to highlight Unlock the Bootloader and press the Power key to confirm.
3. Your device will undergo a reset, and the bootloader will be unlocked. Congrats! Let’s proceed ahead and root your Pixel device.

NOTE: Given below are three different ways through which you can root your Pixel device- Magisk, APatch, and KernelSU. Go through each of them once and then try out the one that is in sync with your requirement.

Root Pixel 10/Pro/XL/Fold via Magisk

1. To begin with, download the stock firmware for your device from below. Pixel 10 | Pixel 10 Pro | Pixel 10 Pro XL | Pixel 10 Pro Fold
2. Download the same version that is installed on your device. You may verify the same from the Build Number.
3. Then extract the firmware and get the init_boot.img file.
4. Next, transfer that file to your device. Then, install Magisk on your device.
5. Now launch Magisk, go to Install, select the init_boot.img, and hit Let’s Go.
6. It will now be patched and placed in the Downloads folder.
7. Transfer it to the platform-tools folder and rename it to patched_init_boot.img.
8. Then open Command Prompt inside platform-tools and type in: adb reboot bootloader
9. Then type in the below command to flash the patched init_boot: fastboot flash init_boot patched_init_boot.img
10. Now type the below command to boot to the OS: fastboot reboot
11. Then launch Magisk, and if it asks for additional setup, tap Install next to Magisk.
12. Then select Direct Install [Recommended] and hit Reboot. Your device will now boot to the rooted OS. That’s it.

Root Pixel 10/Pro/XL/Fold via APatch

You can refer to our guide below to root the Pixel 10/Pro/XL/Fold via APatch. Do note that as opposed to init_boot in Magisk, you have to use the boot.img file in APatch.

Root Android via APatch: Give SU Access Flash Module Install OTA

Root Pixel 10/Pro/XL/Fold via KernelSU

As of now, there’s no custom kernel that will help you root your Pixel 10/Pro/XL/Fold via KernelSU. With that said, XDA Member edcsxz has managed to obtain root via Sukisu Ultra, as could be seen from the screenshot below.

He has compiled the GKI Kernel himself and then flashed it, though he or anyone, for that matter, hasn’t publicly shared it. Once that happens, we will update this section accordingly.

• Detailed Guide to Pass Play Integrity in New Android 13+ Checks
• Guide to Get Fingerprint PIF.JSON File using Play Integrity Fork
• How to Pass Strong Integrity Using Revoked/Banned Keybox File
• Get an Unrevoked Keybox XML File Here & Pass Strong Integrity

• Daniel 2 months ago Reply How could then disable dm verity on Pixel 10? I’ve tried the following command: fastboot flash vbmeta –disable-verity –disable-verification vbmeta.img But it doesn’t boot so I have to do a reset with wipe out all data. Also avbctl doesn’t work with Android 16.

(Cancel Reply)

Δ

How to Get Fingerprint PIF.JSON File using Play Integrity Fork

In this guide, we will show you the steps to get the fingerprint PIF.JSON file using Play Integrity Fork. A week back or so, we got the unfortunate news that the Play Integrity Fix module has been discontinued by the developer chiteroman. We can’t thank him enough for the invaluable work he has done for this community. But going forward, what can be our next course of action?

Well, while this module was up and running, another developer [osm0sis] was also running a fork of this module, which goes by the name Play Integrity Fork. While we wouldn’t say that it was under the shadow of Fix, but it wasn’t being used that much when compared to its counterpart.

However, all that is about to change now, and so there are a few queries that might pop up in your minds. In this regard, one of the most common questions that I have been asked for the past week is how to get the fingerprint PIF.JSON file in the Play Integrity Fork module.

As you might already be aware, the Fix module already has this embedded in its module; you just need to launch it via KSUWebUI, hit the Fetch PIF.JSON option, and you’ll get the file. But that’s not possible via the Fork module via the direct route. Why? Let’s find out, and after that, we will list the plausible steps through which you can get this file using this module. Follow along.

• Why is the PIF JSON Fingerprint File Missing in Play Integrity Fork
• How to Get the Fingerprint PIF.JSON File using Play Integrity Fork
• Direct Download PIF JSON Files

Why is the PIF JSON Fingerprint File Missing in Play Integrity Fork

By default, the module comes with a template of a PIF JSON file that you need to fill in manually. You can get this file from /data/adb/modules/playintegrityfix. Once you fill in the values, simply rename it to custom.pif.json, and your task stands complete. But why hasn’t the dev simply added this file, as was the case with the Fix module? Here’s what he has to say regarding this:

There’s intentionally no pif.json in the module because the goal remains to be futureproof, and including something that may be banned and obsolete within days would be contrary to that goal.

However, finding these files might not be everyone’s cup of tea. Not only are a few of these remains, but finding them is also quite an effort taking task. The developer acknowledges this, and hence, he has added a script to extract the latest Pixel Beta fingerprint along with the module. The script is named autopif2, which generates a random device fingerprint from the latest Pixel Beta. So let’s have a look at the steps to make full use of this file.

How to Get the Fingerprint PIF.JSON File using Play Integrity Fork

Before starting, please take a backup of all the data on your device, just to be on the safe side. Droidwin and its members wouldn’t be held responsible in case of a thermonuclear war, your alarm doesn’t wake you up, or if anything happens to your device, and data by performing the below steps.

NOTE: There are quite a few ways of getting this job done, however, I personally found Termux to be the easiest among all of them. But if you want to try out any other method, then run the generation script from a root manager app that supports the module Action button or from a file explorer app that supports script execution.

1. To begin with, flash the wget2 module via Magisk / KernelSU / APatch .
2. Then, flash the Play Integrity Fork CI module from GitHub Actions .
3. Now, download and install the Termux app from F-Droid.
4. Then launch it and execute the following three commands: su //you’ll get a SU request, hit Grant cd /data/adb/modules/playintegrityfix //to change the directory to the module’s sh autopif2.sh –preview // this will give you the fingerprint file
5. You can also add a few other parameters to the above command, namely: su -c sh /data/adb/modules/playintegrityfix/autopif2.sh -a -m -p -s -a Advanced -m Match -p Preview -s Strong
6. Once done, head over to the below location to access the custom.pif.json /data/adb/modules/playintegrityfix

Direct Download PIF JSON Files

If you don’t want to manually carry out the aforementioned steps, then you may directly get the PIF JSON file from our below guide:

Download PIF JSON File from Here

• How to Pass Strong Integrity Using Revoked/Banned Keybox File!
• How to Pass Play Integrity in New Android 13+ Checks
• Guide to Pass Strong Integrity on Unlocked Bootloader & Root!
• How to Spoof/Fake/Hide Bootloader Unlock Status
• How to Pass Play Integrity Test on any Custom ROM [Video]

• Drw 6 months ago Reply Problem solved. Termux wasn’t prompting me to grant su user access. Found where to enable it in the KSU Next GUI under Superuser.
• Drw 6 months ago Reply I’m getting “su program not found.” Rooted with ksu and susfs. Modules installed are BKI, Play integrity fork, shamiko, susfs for ksu, tricky store, wget2, zygisk lsposed, and zygisk next. Nothing tweaked.
• mario 7 months ago Reply sorry, what do you mean with “Then, flash the Play Integrity Fork CI module from GitHub Actions.” ? i have pif v13 flashed in magisk
• Mohamed 7 months ago Reply Hi, can you please help me with a vaild keybox pleaaase 🙏
• Antonis 7 months ago Reply 1) “Then, flash the Play Integrity Fork CI module from GitHub Actions” https://github.com/osm0sis/PlayIntegrityFork/actions what do i download? 2) and then what do i do with custom.pif.json ?
• Antonis 7 months ago Reply “Then, flash the Play Integrity Fork CI module from GitHub Actions” https://github.com/osm0sis/PlayIntegrityFork/actions what do i download?

(Cancel Reply)

Δ