Rooting an Android phone


A presentation on rooting given at IIT-Delhi at a workshop

Transcript of Rooting an Android phone

Page 1: Rooting an Android phone

ROOTING FOR DUMMIES

A guide to get the maximum out of your android device

Page 2: Rooting an Android phone

Index

In this workshop, we shall focus on the following topics:

• What is rooting?
• Why root?
• Terms like bootloader, kernel, root, unroot, superuser, etc.
• What cool things to do with a rooted phone.

Page 3: Rooting an Android phone

What is Rooting?

Rooting is the process by which you gain administrative access to your phone. Even though Android is an open source operating system, you still don’t have full “root access” to do what you please on your phone.

Gaining root access on OS X (unfortunately, things aren’t as simple on Android, as we are not given administrative privileges on our Android devices).

Page 4: Rooting an Android phone

This is usually how you can see if an Android phone is rooted – the SuperUser app.

Page 5: Rooting an Android phone

At this point,you must be like

Expectation Reality

Page 6: Rooting an Android phone

In a few minutes,you’ll be

Expectation Reality

The next slides have been re-rendered in Helvetica to comply with iOS 7 design principles (and to show you how much of a bad idea it can be!!)

Page 7: Rooting an Android phone

iOS designers

Page 8: Rooting an Android phone

Rooting : The process

Page 9: Rooting an Android phone

Rooting : technical overview

In Linux, the “root” user has all rights. “root” can read, write and execute any file in any directory. All other users’ permissions can also be edited by “root”.

On an Android phone, each app runs as a separate user, e.g. the app “Calendar” may be running as user “cal_01”. None of the apps can become root, and thus none of them has complete access to all filesystems.

The “rooting” process is the one by which we somehow gain access to the “root” user of an Android device. Once a device is successfully “rooted”, any app can be given “root” permissions. Such an app then runs as the root user, can access all data on the phone and can change anything it wants to.
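The per-app UID model above is visible in a plain process listing, and so is its breach: each app runs as its own `u0_aNN` user, so a root-owned child of an app process is the fingerprint of an app that has been granted “root” through su. The following shell script is an added example, not part of the original slides; the `ps` listing it parses is constructed sample text in the classic `adb shell ps` column layout, and the process names and PIDs in it are made up.

```shell
#!/bin/sh
# Added example (not from the original slides): spot root escalation in a
# process listing. Each Android app runs under its own sandbox UID (u0_aNN);
# a root-owned child of an app process means that app was granted "su".
# The listing below is CONSTRUCTED sample data in the classic `adb shell ps`
# column layout (USER PID PPID VSIZE RSS WCHAN PC STATE NAME), not a real dump.
SAMPLE_PS='USER     PID   PPID  VSIZE  RSS     WCHAN    PC        NAME
root      1     0     640    496   c00bd520 00019fb8 S /init
root      150   1     900000 60000 ffffffff 4010a2f0 S zygote
u0_a12    2101  150   512000 40000 ffffffff 4010a2f0 S com.android.calendar
u0_a57    2230  150   600000 52000 ffffffff 4010a2f0 S com.example.flashlight
root      2310  2230  8000   900   c00bd520 00019fb8 S /system/xbin/su
u0_a57    2320  2230  7000   800   c00bd520 00019fb8 S sh'

# Number of distinct app sandbox UIDs in the listing (one per installed app).
count_app_uids() {
    printf '%s\n' "$1" | awk 'NR > 1 && $1 ~ /^u0_a[0-9]+$/ && !seen[$1]++ { n++ } END { print n + 0 }'
}

# Print "PID NAME" for every root-owned process whose parent is an app
# sandbox process: the tell-tale shape of an app that obtained root via su.
find_app_spawned_root() {
    printf '%s\n' "$1" | awk '
        NR > 1 { user[$2] = $1; ppid[$2] = $3; name[$2] = $NF }
        END {
            for (p in user)
                if (user[p] == "root" && user[ppid[p]] ~ /^u0_a[0-9]+$/)
                    print p, name[p]
        }'
}

echo "distinct app UIDs: $(count_app_uids "$SAMPLE_PS")"
echo "root processes spawned by apps:"
find_app_spawned_root "$SAMPLE_PS"
```

On a real device you would feed `find_app_spawned_root "$(adb shell ps)"` instead of the sample; on a stock, unrooted phone the second function prints nothing, because no app user can ever have a root-owned child.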

Page 10: Rooting an Android phone

The Android OS is designed by default to not allow any application to run with root privilege. So essentially “rooting” is a way of hacking into the Android system.

Just like any other hack, rooting also works by “exploiting” a “vulnerability”. Various phones have different ways to root them precisely because of this: different phones have different vulnerabilities that have been exploited to gain root access.

Page 12: Rooting an Android phone

Bootloader Unlockable Phones: No more exploits needed

The advent of the “NEXUS” brand by Google has brought forward a new breed of devices – the bootloader unlockable phones. In India, most phones sold today have an unlockable bootloader. Phones sold in the USA/Europe under carrier contracts are often NOT bootloader unlockable; these phones continue to need to be rooted in the traditional way.

Many Samsung phones do not have a locked bootloader. Others like HTC and Sony allow users to unlock their bootloaders. A phone with an unlocked bootloader can have a “pre-rooted” system image installed, thus completely doing away with the need to find vulnerabilities and exploit them.

Page 13: Rooting an Android phone

WHY ROOT?

There are several benefits to rooting. Some are as follows:

1. Improved performance: You can speed up your Android device by relocating your phone’s cache, thus allowing you to save phone memory and have a faster phone.

2. Altering system files: You can replace many parts of the “Android core.” Doing so, you can add new themes, edit the core apps, binaries, etc.

3. More application choices: You will be able to install apps that are only compatible with rooted phones, e.g. overclocking apps, tethering, etc.

Page 14: Rooting an Android phone

WHY ROOT? (Contd.)

4. Latest Android OS (operating system): With many manufacturers (<cough, cough> Huawei, Sony Ericsson, etc.) holding back the updates to the latest Android operating system, rooting your device will give you the option to install any current and future OS by installing custom-tailored ROMs. Also, you can try ROMs with many useful features.

Page 15: Rooting an Android phone

What you won’t get from rooting...

• Free apps - You really don’t need to root to get free apps. In fact, we’d suggest you’re better off buying apps. (One of the reasons developers release more games on iOS is because of the high rates of piracy in the Android ecosystem. THAT’S WHY WE’LL never get Infinity Blade. Geez, thank you douchebags!!)

• A perfect phone - We mean, you’ll get really close. There really isn’t a phone with a ROM that gives you the best battery life, the best camera app, the most stable and the best performance. Usually, it’ll be a compromise. In fact, if such a combination existed, EVERYONE would buy it, wouldn’t they?

We’re never gonna get this

Page 16: Rooting an Android phone

Bad things that may happen

• Soft brick - Implies that the phone is stuck on the manufacturer’s “splash screen”. Usually caused if the ROM isn’t downloaded/signed properly. Always check the MD5 checksum and DO NOT RE-ZIP ROM files.

• Bootloops - Usually caused by errors while flashing, e.g. not flashing the correct boot.img.

All of these problems can easily be fixed by flashing a new ROM as soon as you notice, or by restoring the stock firmware.
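“Check the MD5 checksum” is worth turning into a habit, so here is an added example (not from the original slides) of the check as a reusable shell function, plus a demonstration of why re-zipping is a problem: any change to the file bytes, however small, changes the digest. The “ROM” in the script is a constructed stand-in file and the digests are of that stand-in, not of any real firmware; the SHA-256 variant is included because MD5 only catches accidental corruption, while SHA-256 also resists deliberate substitution.

```shell
#!/bin/sh
# Added example (not from the original slides): verify a downloaded ROM zip
# against its published checksum before flashing, and show that any change
# to the file (such as re-zipping it) changes the checksum. The "ROM" here
# is a CONSTRUCTED stand-in file, and the digests are of that stand-in, not
# of any real firmware.

# Hex MD5 of a file; falls back to openssl where md5sum is absent (macOS).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{ print $1 }'
    else
        openssl dgst -md5 "$1" | awk '{ print $NF }'
    fi
}

# Hex SHA-256 of a file; MD5 catches corruption, but SHA-256 is the better
# choice when the site publishes one, since MD5 collisions are practical.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        openssl dgst -sha256 "$1" | awk '{ print $NF }'
    fi
}

# verify_checksum FILE EXPECTED_HEX [md5|sha256] -> exit 0 on match, 1 otherwise.
# Comparison is case-insensitive so copy-pasted uppercase digests still work.
verify_checksum() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case ${3:-md5} in
        sha256) actual=$(sha256_of "$file") ;;
        *)      actual=$(md5_of "$file") ;;
    esac
    [ "$actual" = "$expected" ]
}

# Constructed stand-in for a ROM download and its "published" digests
# (these are the digests of the six bytes "hello\n").
SAMPLE_ROM=$(mktemp)
printf 'hello\n' > "$SAMPLE_ROM"
SAMPLE_MD5=b1946ac92492d2347c6235b4d2611184
SAMPLE_SHA256=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03

# Stand-in for a re-zipped copy: same payload, different container bytes.
TAMPERED_ROM=$(mktemp)
cp "$SAMPLE_ROM" "$TAMPERED_ROM"
printf '\n' >> "$TAMPERED_ROM"

if verify_checksum "$SAMPLE_ROM" "$SAMPLE_MD5"; then
    echo "original: checksum OK, safe to flash"
fi
if ! verify_checksum "$TAMPERED_ROM" "$SAMPLE_MD5"; then
    echo "modified copy: checksum MISMATCH, do not flash"
fi
```

Usage against a real download is `verify_checksum cm-10.2-whatever.zip <digest from the download page> && echo ok`; the digest must come from the same place you got the file, not from the file itself.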

Page 17: Rooting an Android phone

Bad things (Contd.)

• Hard brick - Usually caused by human stupidity and/or drunkenness at the time of flashing. Stupid things like flashing another phone’s radios (especially a different manufacturer’s - how do you even do that?). Jokes apart, this can be a real problem if your manufacturer uses similar names for multiple devices (<cough, cough> Samsung Galaxy S4 Active, Plus, Exynos, Snapdragon, Zoom; HTC One X, One XL, Sensation XE, XL; Sony Xperia Z, ZL).

How to fix this? Well, you can’t. Sorry. Just be careful next time. Or just buy a Nexus.

Page 18: Rooting an Android phone

The Bootloader

Page 19: Rooting an Android phone

What is the bootloader?

In literal terms, the bootloader is code that is executed before any Operating System starts to run. Bootloaders basically package the instructions to boot the operating system kernel and most of them also have their own debugging or modification environment. Think of the bootloader as a security checkpoint for all those partitions. Because if you’re able to swap out what’s on those partitions, you’re able to break things if you don’t know what you’re doing.

Page 20: Rooting an Android phone

Bootloader : Locked

• The bootloader will verify the signature of the system image before booting

• The bootloader only allows system images signed by the OEM to boot

• Only allowing signed images stops bad things from happening. Thus a locked bootloader keeps your phone safe and secure

• Your phone stays under warranty

• You cannot run modified kernels/OS or modify the files in your system partition

Page 21: Rooting an Android phone

Bootloader : Unlocked

• Bootloader performs no signature verification on system images

• Bootloader will allow any kernel or system to boot

• Since bootloader performs no verification, a wrong kernel/OS can get booted which can brick your phone

• In most cases, warranty is void

• You can run a modified Linux kernel or a modified Android OS on your phone. You can even run a non-Android OS on your phone (Ubuntu Touch, Sailfish OS, Firefox OS)
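The two slides above come down to one decision the bootloader makes at boot: verify the image’s signature against the OEM key, or don’t. The script below is an added example, not part of the original slides and not any real bootloader’s code: it models the “OEM” signing a system image with openssl, then shows a locked bootloader booting the stock image but refusing a modified copy that still carries the stock signature, while an unlocked bootloader boots both. The key pair, the images and the `bootloader_accepts` function are all constructed for the demo; real bootloaders use their own signature formats, but the accept/reject logic is the same.

```shell
#!/bin/sh
# Added example (not from the original slides): a toy model of locked vs
# unlocked bootloader behaviour using openssl. The "OEM" signs a system image
# with its private key; a locked bootloader only boots images whose signature
# verifies under the OEM public key, an unlocked one boots anything. Keys and
# images are CONSTRUCTED here; real bootloaders use their own formats.
WORK=$(mktemp -d)

# OEM key pair (the public half is what a real bootloader carries burned in).
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/oem.key" 2>/dev/null
openssl pkey -in "$WORK/oem.key" -pubout -out "$WORK/oem.pub" 2>/dev/null

# oem_sign IMAGE SIG: detached RSA/SHA-256 signature over the image bytes.
oem_sign() {
    openssl dgst -sha256 -sign "$WORK/oem.key" -out "$2" "$1"
}

# bootloader_accepts MODE IMAGE SIG -> exit 0 if the bootloader would boot it.
# MODE is "locked" (verify the signature) or "unlocked" (no verification).
bootloader_accepts() {
    case $1 in
        unlocked) return 0 ;;
        locked)
            [ -f "$3" ] || return 1
            openssl dgst -sha256 -verify "$WORK/oem.pub" -signature "$3" "$2" >/dev/null 2>&1
            ;;
        *) return 1 ;;
    esac
}

# Constructed images: a stock image signed by the OEM, and a modified copy
# (think: an extra binary injected into /system) still carrying the stock
# signature, which is exactly what a pre-rooted image looks like to a
# locked bootloader.
printf 'stock system image\n' > "$WORK/system.img"
oem_sign "$WORK/system.img" "$WORK/system.sig"
printf 'stock system image\n/system/xbin/su\n' > "$WORK/modified.img"

for img in system modified; do
    for mode in locked unlocked; do
        if bootloader_accepts "$mode" "$WORK/$img.img" "$WORK/system.sig"; then
            echo "$mode bootloader boots $img.img"
        else
            echo "$mode bootloader REFUSES $img.img"
        fi
    done
done
```

The point the loop makes is that the signature binds the OEM key to the exact image bytes: changing one byte of the image (or losing the signature file) is enough for the locked branch to refuse, whereas the unlocked branch never looks, which is why the slide says a wrong kernel/OS can brick an unlocked phone.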

Page 28: Rooting an Android phone

Rooting via Bootloader unlock

If the bootloader can be unlocked, then rooting is a much simpler matter.

1. Unlock the bootloader of the device

2. Get a system image (either by dumping the device’s system partition or procuring it from the OEM)

3. Inject the “su” binary and “busybox” binary into the system image. (Make other necessary changes that may be required)

4. Flash this modified system image

Page 29: Rooting an Android phone

Rooting : Precautions

Page 30: Rooting an Android phone

Which phone do you have? Sure? Really sure?

Countless phones have been bricked by performing a root method meant to work on some other phone.

For example, if you own a Galaxy S2, find out whether you are using the i9100 or the i9100g. That little “g” can make the difference between you having a working phone or a Rs. 30,000 paperweight.

The best place to find out your phone’s model number is:

Settings > About Phone > Model Number
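The same model number is readable over USB as `ro.product.model` in `adb shell getprop`, which makes the “really sure?” question something a script can refuse to skip. The script below is an added example, not from the original slides: it parses a constructed `getprop` dump, demands an exact, case-sensitive model match (so i9100 and i9100g are different phones, as the slide warns), and wraps the unlock-and-flash steps from Page 28 so that they only run when the check passes. The two getprop dumps are constructed sample text; `adb`, `fastboot oem unlock` and `fastboot flash system` are the standard tools and commands, and the guarded function is never invoked in the demo because it needs a real device.

```shell
#!/bin/sh
# Added example (not from the original slides): a pre-flight check for the
# "rooting via bootloader unlock" steps, built around the precaution above:
# refuse to flash unless the device reports exactly the model the image was
# built for. The getprop output below is CONSTRUCTED sample text in
# `adb shell getprop` format; the fastboot commands are the standard ones and
# are only reached when the model check passes.

# getprop_value KEY "$GETPROP_OUTPUT": value of one "[key]: [value]" line,
# keeping spaces inside the value (e.g. a model like "Nexus 5").
getprop_value() {
    printf '%s\n' "$2" | awk -v key="[$1]:" '
        $1 == key { $1 = ""; v = substr($0, 2); sub(/^\[/, "", v); sub(/\]$/, "", v); print v }'
}

# model_matches EXPECTED "$GETPROP_OUTPUT" -> exit 0 only on an exact,
# case-sensitive match. A prefix match would accept GT-I9100G for GT-I9100.
model_matches() {
    actual=$(getprop_value ro.product.model "$2")
    [ -n "$actual" ] && [ "$actual" = "$1" ]
}

# Constructed getprop dumps for the two Galaxy S2 variants named on the slide.
GETPROP_I9100='[ro.product.manufacturer]: [samsung]
[ro.product.model]: [GT-I9100]
[ro.build.version.release]: [4.1.2]'
GETPROP_I9100G='[ro.product.manufacturer]: [samsung]
[ro.product.model]: [GT-I9100G]
[ro.build.version.release]: [4.1.2]'

# flash_if_model_matches EXPECTED_MODEL SYSTEM_IMG: the Page 28 sequence
# behind the check. Needs a real device on USB; not invoked in this demo.
# Note that unlocking the bootloader wipes user data on the device.
flash_if_model_matches() {
    props=$(adb shell getprop) || return 1
    if ! model_matches "$1" "$props"; then
        echo "model mismatch: wanted $1, device says '$(getprop_value ro.product.model "$props")'" >&2
        return 1
    fi
    # Step 1: unlock (newer devices use `fastboot flashing unlock` instead).
    adb reboot bootloader && fastboot oem unlock || return 1
    # Step 4: flash the image prepared in steps 2 and 3, then reboot.
    fastboot flash system "$2" && fastboot reboot
}

if model_matches GT-I9100 "$GETPROP_I9100"; then
    echo "GT-I9100 image on a GT-I9100: OK to proceed"
fi
if ! model_matches GT-I9100 "$GETPROP_I9100G"; then
    echo "GT-I9100 image on a GT-I9100G: REFUSED"
fi
```

Running it prints the OK line for the i9100 dump and the REFUSED line for the i9100g dump; with a phone attached, `flash_if_model_matches GT-I9100 system.img` performs the same check against the live `getprop` output before touching the bootloader.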

Page 31: Rooting an Android phone

Get rooting guides from trusted sites

• androidcentral.com/root - collection of rooting guides

• xda-developers.com - largest forum for Android customization

• google.com/search?q=root+htc+desire - search on Google (you know that, right?)

Page 32: Rooting an Android phone

Science-ey stuff

Here, we’ll go through a little bit of technical stuff.

• Bootloader - In literal terms, the bootloader is code that is executed before any Operating System starts to run. Bootloaders basically package the instructions to boot the operating system kernel and most of them also have their own debugging or modification environment. Think of the bootloader as a security checkpoint for all those partitions. Because if you’re able to swap out what’s on those partitions, you’re able to break things if you don’t know what you’re doing.

• Kernel - When software needs the hardware to do anything, it sends a request to the kernel. And when we say anything, we mean anything. From the brightness of the screen, to the volume level, to initiating a call through the radio, even what’s drawn on the display is ultimately controlled by the kernel.

Page 33: Rooting an Android phone

Science-ey stuff

• Baseband - Baseband is the Radio or Modem version, depending upon the phone model, carrier and Android software stack version. The Radio/Modem file is flashed via the recovery tool (other options are ADB/ODIN). A mismatched Radio/Modem and ROM will lead to things not working: you need to find the matching Radio/Modem for the particular ROM you are running. The radio firmware controls basic low-level functions like network connectivity, Wi-Fi and GPS.

• CWM - ClockworkMod, abbreviated as CWM, is a popular custom recovery for Android phones and tablets developed by Koushik Dutta (Koush), a well-known name in the Android dev community. ClockworkMod recovery allows you to perform several advanced recovery, restoration, installation and maintenance operations on your Android device.

Page 34: Rooting an Android phone

Demo