Hi, I’m new to Android. After rooting, I would like to password-protect access to root on as low a level as possible. No /etc/passwd mechanism is available on Android. Does anyone know if this (or similar) can be installed, preferably without unlocking the bootloader? Can I rebuild the kernel to include this? (although not ideal) SuperUser Elite and SuperSU Pro claim to be able to PIN-protect root. Does anyone know how robust (secure) this is?
There seems to be a lack of extensive, well-written documentation on anything related to Android hacking so I would be grateful if anyone could provide a clear, detailed and technical answer to this.
Many thanks in advance
Hello XDA-Forum users,
I have a question for you: how does Android root work?
I mean, for example, how does it work on the Nexus One?
This is a question about understanding: I want to know more about how I get root on my phone (Nexus One, for example) from scratch, from sources.
Rooting basics:
http://lifehacker.com/5342237/five-great-reasons-to-root-your-android-phone
For details on how to do it on your device, Google or use the forum search. Lots of rooting information that is device dependent out there.
It basically gives your phone permission to do almost anything. It is similar to giving a user in Windows Administrator rights. It is called super user. You can do many things such as removing unwanted apps and overclocking.
This is not what I mean. I am asking for an explanation where the question is "How is root possible? What activates root?" Probably a kernel exploit, or something like that; I want to understand the underlying path it takes, from a hacking point of view.
So, how does a root utility (such as SuperOneClick) work to set gid to 0?
Valid question, I am also interested in learning this.
In other words, if I were to perform the rooting manually, where can I find such info?
And part of the question is why su must be in certain directories, and can't be run from /data/local/tmp, for example?
Can someone enlighten us?
diego.stamigni said:
Someone can enlighten us?
The general approach is taking advantage of bugs in the android OS
The process works something like this
User crafts some special data that contains a "payload" (the script/executable that we want to run)
User runs a system process that has root privileges and gets it to open the special data
The bug causes the system process to get confused by the data, and ends up running the embedded script
The embedded script runs with the same privileges as the system process, and thus can do stuff that normal users aren't allowed to do (e.g. install the SU app)
Commonly, things such as buffer overflows are used
So after gaining root access, which apps can run as root?
Or does the user become root (as on a desktop), and can run all types of apps?
Can a root app (run as root) access everything? Or do app permissions still apply?
Is a system exploit always used to run root apps?
Can someone explain in technical detail? Not how to root.
Are rooting programs open source?
What is the root procedure
Bayint Naung said:
So after gaining root access, which apps can run as root?
Or the user becomes root(as in desktop), and can run all types of apps?
Can root app(run as root) access everything?? Or app permission still applies?
Is it that system exploit is always used to run root apps?
can someone explain in technical details? not how to root.
are rooting programs open source??
Hi guys!
I have the same question, and after searching and asking I found this!
It is good!!
Hope it works!
http://stackoverflow.com/questions/...hat-are-the-pre-requisites-for-it-to-work-wha
Also look at the suggested pages at the right of this page!
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM. I would also prefer to not change my bootloader.
What exactly is rooting? Is it replacing the whole system image with an image that gives the user root access? Or is it just like enabling sudo for the user? Or is a smaller part replaced? (I am somewhat familiar with electronics, computers and Linux, but I find the Android hacking a bit confusing.)
Also, is it possible to run stock Android, only with root access? Will the access be lost when upgrading?
c3c0l0n said:
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM.
DEV section rooting post /
What exactly is rooting?
root is the user account in Linux with all privileges. The root user can edit anything on the system. For safety reasons, users do not have all those privileges. When you root your phone, you will gain write access to areas of the phone you couldn't previously access and are allowed to run more commands in the terminal. Because applications do not get a lot of privileges, some of them require you to root the device in order for them to function properly (or fully).
Also, is it possible to run stock Android, only with root access?
Yes, and yes: root is usually lost on upgrade.
jje
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
c3c0l0n said:
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
All your questions are explained in detail in the Development section
Sorry, I did not find it. However, I read this without getting smarter. This video suggests that rooting is a process that does something with your phone without replacing everything. An exact list of what the rooting tools do would be perfect
Not all tools do the same thing. To get a specific answer, you will have to ask the person that came up with whatever rooting tool you are referring to. Some phones take more to root than others.
Hello everybody.
This is my first post, and while I am a noob at XDA-Developers, I have spent more than 10 years writing and reading in forums, and I know what has to be done before writing on them. And I did. I have a couple of questions that I think are not easy to answer. Indeed, I spent 8 hours yesterday searching through the interwebs and this forum to try to figure out the most thorough answer. And I think I figured out mine, but I don't know any people that can reinforce my thoughts and tell me "Hey Gabriel: you are right, you did well, you are the man: go out for a beer, keep calm and carry on". I will ask the questions first, and later I will explain why I ask such questions, and finally what are the steps I did.
The questions are: How can I remove root from a custom rom, and how can I be sure that I did it properly? I know that many of us think that "This is stupid / Why do you want to do such a thing / the power of your phone will... / go to stock / etc". But, anyway, I have a deep concern on expanding concepts and knowledge, and I think that root process, root means and rooted phone securing checklist are not as clear as I would like to find them. And more important: I *have* to remain in a custom rom but I *must not* be root.
So the why's are not the question but, just to add some reasonable context: I have a phone that does not fit my needs with the stock rom, because a hardware component is falling apart and I need a software workaround (YEAH, right LOL: a Nexus One with the power button falling apart and I need to be able to unlock / wake with the trackball; but this thread is Android-wide because it tries to find a deep insight into rooting itself). This software workaround does not work in stock rom when I configure the password / PIN / pattern. And the problem with custom roms is that they run into trouble with certain data-protection aware environments, which do not allow rooted terminals. And more important than all: I have no need at all to be root, at least by now.
So, I spent hours searching, and I figured out that I should remove the "su" command and related APKs (ROM Manager, Superuser, ... and some others that I won't need). All by myself and with some posts (I don't remember if they were here or in "HTCMania", a good Spanish smartphones board, either) that suggested it.
The exact process I did was to download CyanogenMod 7.2 RC1, check signature & md5 to make sure the zip was what it claimed to be (because later I found that I needed to shut down recovery signature check), open the .zip, remove "/system/xbin/su", install the rom, remove su-related ".apk" with adb, and try to check if it still had any sort of superuser permission escalation. It apparently does not. I checked the /data directory with Root Explorer, and I downloaded and ran Root Checker Basic.
The results seem what I expected (and that's the question: they seem, and I don't know if they are): I am running on CyanogenMod, the workaround (wake on trackball) works, the PIN/password works fine with it, and it seems I am not able to gain root access.
But my questions are deeper than that: is there any remaining technical means that could be used to gain root access on my phone? Do I have to get rid of more su-companion tools to be sure and to be "non-root"-compliant? Is there any checklist we should follow to check both if our custom ROM is rooted-but-secure and if our ROM is properly un-rooted? And most important: did I miss / fail to find the correct resource in these forums?
Thanks to everybody and congrats for these outrageous boards.
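One way to check the result of the un-rooting steps described in the post above, as an added example that is not part of the thread: a shell function that walks a directory tree (a mounted /system image, or the device's own /system from a shell) and lists files named su, setuid/setgid files, and superuser-manager APKs. The APK name patterns and the sample tree are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example (not from the thread): list leftover root-granting artefacts
# under a directory tree, e.g. a mounted /system image.
# Output: one "<kind> <path>" line per finding; no output means no findings.

audit_root_artifacts() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    # 1. Any file or symlink named "su", wherever it lives (not just xbin).
    find "$root" \( -type f -o -type l \) -name su 2>/dev/null |
        sed 's/^/su-binary /'

    # 2. Regular files with the setuid or setgid bit: each one runs with its
    #    owner's or group's privileges and has to be reviewed individually.
    find "$root" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
        sed 's/^/setid /'

    # 3. APKs whose names suggest a superuser manager (name patterns are
    #    assumptions; adjust them to the ROM being audited).
    find "$root" -type f \( -name '*[Ss]uperuser*.apk' -o \
        -name '*[Ss]uper[Ss][Uu]*.apk' \) 2>/dev/null | sed 's/^/su-apk /'
}

# Constructed sample tree standing in for a ROM's /system; prints its path.
build_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/system/xbin" "$t/system/bin" "$t/system/app"
    : > "$t/system/xbin/su";     chmod 4755 "$t/system/xbin/su"
    ln -s ../xbin/su "$t/system/bin/su"
    : > "$t/system/bin/helper";  chmod 4755 "$t/system/bin/helper"
    : > "$t/system/bin/sh";      chmod 0755 "$t/system/bin/sh"
    : > "$t/system/app/Superuser.apk"
    echo "$t"
}

# With an argument, audit that tree; otherwise audit the constructed sample.
if [ $# -gt 0 ]; then
    audit_root_artifacts "$1"
else
    sample=$(build_sample_tree)
    audit_root_artifacts "$sample"
    rm -rf "$sample"
fi
```

An empty report covers only the tree that was scanned; it says nothing about the boot or recovery images, which live outside /system.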
Hello.
I discovered that the encryption, which I understand comes with ICS, is not available with my cheap D2Pad with ICS 4.0.4. I have looked in Settings/security, and do not find encryption there, or anywhere else. The online documentation points me to Settings/Personal/Security/encryption, but my problem is that Personal and Encryption are missing entirely from my settings interface.
Is it possible to install Encryption through a file obtained here at XDADevelopers? I have downloaded a settings.apk posted by one of your members. Is this what I need to replace? Would I use ADB to push/pull the Settings.apk?
My theory, after doing some reading on this, is that my device has a dumbed-down version of ICS, which has excluded encryption from the settings.apk.
May I ask for your advice?
The NOOB video is wonderful, by the way.
Thanks in advance.
Robert
Hello,
Sorry if this isn't the right place to ask this question, and please redirect me; this is a fairly huge site.
I know this question has been asked many times, but I didn't see a clear answer to it from security experts, or it is from several years ago and things might have changed.
My question is twofold:
First of all, nowadays, how does the process of rooting an Android phone work (please detail if there are various alternatives)? Does it rely on a security hole, or is it a kind of attack (such as physical access to the device) that is not part of the security perimeter of Android? In the first case, why is it that it's not fixed, as there are open bounties for the Android system? Note that I'm just talking about the Android system itself (such as a Nexus phone), with the latest patches.
Second, related question: What would be the security risk of rooting an Android phone? If I am not mistaken, these could be grouped into at least two issues: the rooting process itself, and the aftermath.
a. Regarding the rooting process, is there any open source procedure (or at least closely reviewed) to root a Nexus phone that could guarantee that there's no malware installed in the process? (see also first question)
b. From what I understand, having a rooted Android is no different than having a Linux OS with a root account. Are there any (free, open source?) apps that can monitor (what commands have been launched, etc.) and prevent apps from getting access to the root account without my agreement? (so that it is like a Linux OS where any account that requires root privileges must go through 'sudo' and ask the user to enter their password).
Please tell me if I'm asking in the wrong part of the site.