Sunday, April 21, 2013

Rooting your Android devices using ADB shell

As prerequisites, you need an Android device and a USB cable to connect it to the PC. Download this zip package, which you will need in the rooting process; follow this link to get the files you need, and get the Android SDK/ADB up and running on your computer. If you are unfamiliar with ADB, please follow this ADB tutorial.

Unzip the SuperOneClick .zip and find the su-v3, busybox, Superuser.apk, psneuter, and GingerBreak files. Rename su-v3 to su, and place the files in your ADB platform-tools directory, which is contained in the Android SDK folder on your computer, for ease of executing shell commands.

If you are a Windows user, please download USB drivers for your Android device from the manufacturer's website.

Steps for Rooting your device

The method we're going to use to root the device is an exploit. (An exploit takes advantage of a known vulnerability to allow the Android user to increase his or her level of privilege and access root.) When you have ADB set up and the proper exploit files, you are ready to root. Still, before you start running commands, you need to put your phone in USB debugging mode (settings > applications > development > enable USB debugging) and connect it to your computer.

Open the command prompt (Windows) or the terminal (Linux). Change your directory (cd command) to the platform-tools folder in the Android SDK folder.

This command will leave you with a shell prompt in the platform-tools directory. From here, you can run the commands that will actually root your phone. Be sure to run these commands in the same order.

First, here are the commands that run the psneuter exploit and gain a root shell.

adb devices
adb push psneuter /data/local/tmp
adb shell
$ cd /data/local/tmp
$ chmod 777 psneuter
$ ./psneuter

At this point, the exploit will run and close the shell. You will need to run these commands to restart the ADB server.
adb kill-server
adb devices

Then use this command to open a shell:
adb shell

If you see a "#" prompt, you have root access, so go ahead and continue to the next step.

We now need to make this root permanent. From the root shell you just opened, type the following commands.
# mount -o remount,rw -t rfs /dev/block/st19 /system
# exit
adb push busybox /system/bin
adb push su /system/bin
adb install Superuser.apk
adb shell
# chmod 4755 /system/bin/busybox
# chmod 4755 /system/bin/su
# mount -o remount,ro -t rfs /dev/block/st19 /system
# exit
adb reboot

Your device will reboot now. To check whether your device is rooted, try installing a root-only app like Titanium Backup. If such an app works on your device, that means you have successfully rooted your device. Enjoy. :)
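
The chmod 4755 step above is what makes the root permanent: it leaves su and busybox in /system/bin as setuid files owned by root. The script below is an added example, not part of the original post, that finds such files in an `ls -l` listing, which is also how you would audit a device for them. The column layout, the sample listing and the allow-listed name are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): list setuid-root files in an
# `ls -l` listing. Assumed column layout: mode owner group size date time name.

# Print the name of every regular file that is setuid and owned by root.
find_setuid_root() {
    awk '
        { sub(/\r$/, "") }              # adb shell output may end lines with CR
        $1 ~ /^-/ && $2 == "root" {     # regular files owned by root only
            x = substr($1, 4, 1)        # owner-execute slot: s or S means setuid
            if (x == "s" || x == "S") print $NF
        }
    '
}

# Print setuid-root files whose names are not in the allow-list given as $1
# (space-separated names; the allow-list itself is an assumption you supply).
unexpected_setuid() {
    allow="$1"
    find_setuid_root | while read -r name; do
        case " $allow " in
            *" $name "*) ;;             # expected, stay quiet
            *) echo "$name" ;;          # not expected: report it
        esac
    done
}

# Constructed sample listing, not captured from a real device.
sample_listing() {
    cat <<'EOF'
-rwxr-xr-x root     shell       5392 2013-04-21 10:02 toolbox
-rwsr-xr-x root     root       26264 2013-04-21 10:05 su
-rwsr-xr-x root     root     1062992 2013-04-21 10:05 busybox
-rwsr-s--- root     shell       9800 2011-03-02 08:00 run-as
-rwsr-xr-x shell    shell       4100 2011-03-02 08:00 helper
lrwxr-xr-x root     shell            2011-03-02 08:00 ls -> toolbox
EOF
}

# Reports su and busybox; run-as is allow-listed, helper is not root-owned.
sample_listing | unexpected_setuid "run-as"
# On a connected device: adb shell ls -l /system/bin | unexpected_setuid "run-as"
```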

2 comments:

  1. I tried this and received this message after trying to execute psneuter. Failed to set prot mask (Inappropriate ioctl for device). Any ideas on how to go forward?
