1 - 6 of 6 Posts

·
Premium Member
Joined
·
1,768 Posts
I don't have root because I steal. I have it because I paid a lot of money for a hand held computer that makes phone calls (or not, tablets), and I want to FULLY hide root on a firmware level (as some checks can't be defeated via apps)...

Now let's talk about detection:

1) su binary and SuperUser (or SuperSU) searches can be easily defeated by apps like Chainfire's (Sweet)
2) Check firmware for testkey signatures. (this one we can defeat by simply making new testkeys, similar to what OEMs do)

sources:
http://www.kandroid....lease_keys.html (I simply replaced the provided testkeys with new ones)
http://review.liquid...th.org/#/c/879/

3) simply check if ro_secure=0 (0 for root, 1 for nonroot) *affects adb permissions according to docs*
this type of root check could be something like
Code:
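// SystemProperties.get() returns a String; getInt() is the integer lookup, and the property key is "ro.secure"
if (android.os.SystemProperties.getInt("ro.secure", 1) != 1) throw new RuntimeException("I see your root, that's what she said?");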
*and no I feel like this is a hidden check that no developers know about so I don't really feel bad about including that one liner.

hijacks to be placed in these locations
https://github.com/L...erties.java#L51
https://github.com/L...erties.java#L63
https://github.com/L...erties.java#L78

hijack would look something like this
Code:
	public static String get(String key) {
		// userPrefIsToHideRoot: flag backing the user-controlled toggle (not defined in this snippet)
		if (userPrefIsToHideRoot) {
			// the property key is "ro.secure"; report "1", the non-root value, while hiding
			if ("ro.secure".equals(key)) return "1";
		}
		if (key.length() > PROP_NAME_MAX) {
			throw new IllegalArgumentException("key.length > " + PROP_NAME_MAX);
		}
		return native_get(key);
	}
with returns matching for the integer hijacking.

Now the fun part!
Pick apart my logic...
or explain to me why all my tricks won't work
or just your thoughts on the practicality of these mods

OR and probably most important what am I missing that can be used to check for root?

Or would this approach be the bee's knees in defeating root detection?
 

·
Your trusted friend in science
Joined
·
620 Posts
Can you really hide the su binary? It has to be somewhere accessible since otherwise apps that need root will not find it. If these apps need to find it how can you hide it?

Also I want to note that there are legitimate reasons to check for root access. I do so in all my apps and if they do not have root pop up a dialog informing the user that they will need a rooted device.
 

·
Premium Member
Joined
·
1,768 Posts
Discussion Starter · #3 ·
That would be a simple hide su under another name somewhere else till user turns off then su could be replaced. Not as a permanent solution because they could just as simply detect a symlink to wherever you did store the su binary

That part can be a switch user controls

And I agree there are lots of good reasons to check for root but I'd like to give users the option
 

·
Premium Member
Joined
·
4,348 Posts
CyanogenMod already does something like that, though I have not looked to see how they actually implement it.
 

·
Premium Member
Joined
·
1,768 Posts
Discussion Starter · #6 ·
They do, but CM has, in a very eloquent way, provided a blanket (configurations can be apps, adb, none or both) on / off for if su commands are processed. Checking for su binary will still show the device as rooted. Now if the check tried to execute a root command while that option is off the check would fail.

But looking to su still finds root
 
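An added example, not code from any poster in this thread: the three checks listed in the first post, combined in plain Java so that every signal is reported and a file-presence check for su does not depend on su being executable. The class and method names are hypothetical; on a device the tags string would come from android.os.Build.TAGS and the property value from ro.secure, here both are passed in as strings, and a constructed temp directory stands in for a PATH entry.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;

public class RootSignals {
    // Check 1: a file or symlink named "su" in any PATH directory. Presence is
    // enough; nothing is executed, so an on/off switch for su does not hide it.
    static boolean suOnPath(String pathVar) {
        for (String dir : pathVar.split(File.pathSeparator)) {
            if (dir.isEmpty()) continue;
            // NOFOLLOW_LINKS: a symlink named su counts whatever it points to
            if (Files.exists(Paths.get(dir, "su"), LinkOption.NOFOLLOW_LINKS)) return true;
        }
        return false;
    }

    // Collects every signal instead of stopping at the first, so one spoofed
    // value does not clear the device.
    static List<String> evaluate(String pathVar, String buildTags, String roSecure) {
        List<String> found = new ArrayList<>();
        if (suOnPath(pathVar)) found.add("su-on-path");
        // Check 2: on a device this string would be android.os.Build.TAGS (assumption)
        if (buildTags != null && buildTags.contains("test-keys")) found.add("test-keys");
        // Check 3: value of the ro.secure property; "0" is the rooted value per the first post
        if ("0".equals(roSecure)) found.add("ro.secure=0");
        return found;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temp directory stands in for a PATH entry holding su
        Path bin = Files.createTempDirectory("xbin");
        Files.createFile(bin.resolve("su"));
        // Properties report a clean device, but the su file is still present
        System.out.println(evaluate(bin.toString(), "release-keys", "1"));
        // All three signals present
        System.out.println(evaluate(bin.toString(), "test-keys", "0"));
        // No su on PATH, release keys, ro.secure=1
        System.out.println(evaluate("/nonexistent-dir", "release-keys", "1"));
    }
}
```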