Before knowing the rooting process, you must understand android architecture. On how android applications work or how Linux kernel provide services to the upper layer, all these concepts are the part of ethical hacking and mobile hacking courses offered by International Institute of Cyber Security. Actually, hardware components is the low level layer which provide services to the Linux Kernel which then connects hardware components to its required driver.
Android Architecture –
Hardware Components :-
- Hardware components interacts with the drivers to interact with the upper layers. When any signal is received from any end-user application, this layers converts signal from hardware devices to soft layers. For eg. – calling system. Same way Cameras, Wifi, Antenna’s, & other devices works. Mostly Android uses ARM processors.
- ARM is used to design architectures & instruction sets which is then gives licenses to chip manufactures companies. Who designs the chips for mobiles. For ex – Qualcomm sells Snapdragon which is now seen is most android devices is the popular chip manufacturing company.
- Some another companies like – Mediatek, ARM, Qualcomm Snapdragon, AMD, Nvidia, Samsung, IBM, Broadcom INC & Intel which create chips specially for computes.
- ARM is most used hardware in android devices. For checking your android mobile processors. Use CPU-Z applicaion : https://play.google.com/store/apps/detailsid=com.cpuid.cpu_z&hl=en_IN
- ARM is based on RISC (reduced instruction set computer) which is designed to perform million of instructions at higher speed. Since instruction requires fewer transistors which make them cheaper to design & produce.
- Most of the instructions are completed in one cycle, which can allow processor to handle more instructions at same time.
Linux Kernel :
- Linux kernel is main component which is responsible for connecting with android libraries, android framework, end-user applications. Linux kernel act like level of abstraction (Level of Abstraction – the highest level with less details & lowest level with high details). It is important to note that android runs entirely on Linux kernel.
- For checking Linux kernel version in any android mobile. Go to About Phone/ About Device section in settings. There you will see Linux kernel version.
Android debug bridge (adb)
- Android debug bridge (adb) is a command line tool that enable users to access device internal files. ADB commands gives variety of commands which can help in debugging of apps. Adb act like client-server program which includes three main components:-
- Client – Client is used to interact by sending an commands to adb. Here we can use computer as client by connecting it with mobile.
- Daemon (adbd) – Daemon runs the command on mobile. It provides service for the objects which are running.
- Server – Server manages the communication & services between daemon & the client. Server runs on background process on your mobile.
For Accessing ADB (Android Debug Bridge) :-
- If you download & run terminal emulator on non rooted devices. Adb command will not work. As terminal emulator needs superuser permission. And superuser permission can only be granted if the device is rooted. So adb command will return with adb not found. If you run adb in recent android versions on non-rooted devices. adb will not found, as shown below. According to Ethical hacking researcher of International Institute of Cyber Security, Companies regularly updates the security patches to block admin access.
- From mobile – Use Terminal Emulator application for accessing android shell. Download the application : https://play.google.com/store/apps/details?id=jackpal.androidterm&hl=en_IN
- For using all features of android shell. Your mobile must rooted.
- Ensure that terminal emulator application is granted in Superuser.apk or Kingoroot superuser.apk
- Type adb root for getting root access in terminal emulator.
- For knowing the kernel version. uname -a
- ADB From computer – Download the file on your computer for accessing mobile using ADB from your computer: https://forum.xda-developers.com/showthread.php?t=2588979
- Download version 1.3. Install & run the program. Enter Y & press enter.
- Enter Y
- Enter Y, An popup will appear to isntall adb.
- Install adb & your computer will be configured to run adb shell in windows command prompt.
- For running open cmd as administrator.
- Connect your device with computer. Make sure the device drivers are installed on your computer. For testing we are using rooted samsung galaxy grand neo plus I9060. Download driver for this model from : https://www.samsungusbdrivers.net/2017/02/samsung-galaxy-grand-neo-2014-usb.html
- Open CMD as administrator. Type adb devices
- Above you will see list of available devices. You can get the kernel version of your android mobile through computer. Type adb shell for knowing the kernel version.
- Above screenshot shows the kernel version of your android mobile.
- Adb has lot more features. adb is even used while developing applications.
POWER OF ADB (ANDROID DEBUG BRIDGE)
Know the Wifi Password :-
- For knowing the password of connected wifi network.
- Enter the following command on the adb shell we got in the last steps- cat /data/misc/wifi/wpa_supplicant.conf Supplicant.conf stores the wifi password in plain text form.
- For security reasons we have hide the username & password.
- Above screenshot shows the username – ssid password – psk.
Backup Your Files with adb :-
- Type adb backup -all -f E:\backup.ab
- -all will backup all configuration of your device.
- E:\backup.ab is the backup file.
- After entering above command. Press enter & pop up will appear in your mobile to encrypt that file with a password. enter the password.
- Above you can see that backup file has been saved in desired location. You can save different files. But it will only save the configuration of that application.
- Different formats:
- .apk will only save its configuration
- .obb will save obb files.
- .shared will save sd card files.
Restore Backup Files :-
- Type adb restore E:\backup.ab
- Above file has been restored to your mobile device.
Install Multiple Applications :-
- If you want to install multiple applications in your device. Enter following command.
- Type For %f in (E:\android_apps*.apk) do adb install “%f”
- Above screenshot shows that three applications has installed into your device.
Copy Any Application From Your Phone :-
- First of all applications of your mobile. Enter adb shell pm list packages will list all the applications of your mobile.
- According to the ethical hacking researcher of iicybersecurity, you can use the to find any spy apps in your mobile phone.
- For extracting application type adb shell pm path com.package /data/app/com.sec.android.app.samsungapps-1.apk
- com.package– You can enter any package name.
- Enter the location of the application.
- For finding location. Open another cmd as administrator.
- Connect your device with adb. Type cd /data/app
- Then run below command.
- For pulling out the apk. Type adb pull /data/app/com.sec.android.app.samsungapps-1.apk E:\application
- Above screenshot that application has pulled out in your local computer.
- Above is the application which has been pulled out from device.
Gather Information about the device :-
- This command show all the details of the device. Including running services, dump of blue in screen, account details & many other details of mobile.
- Type adb shell dumpsys or type adb logcat
- Above command shows lot of information about the device. This command can be used in gathering information which can help in many phases of cyber forensics.
- For searching any particular service. For ex – Type adb shell dumpsys battery
- Above screenshot shows the information about the battery. Including its voltage with company name of the battery.
Linux Libraries/ Android Runtime :-
- Android libraries are on the top of linux kernel. Android library are responsible for playing or recording videos, audios with defined formats. Some common native libraries like – Media, Webkit, SqLite, OpenGL, FreeType etc. Android library consists of Java-based, C/C++ library.
- Open GL Library – Its an cross platform application program used to create graphics.
- Webkit – Its provides the function to display web content to shorten the page load.
- Media Framework – This library provide to play or to record audio & video.
- Secure Socket Layer (SSL) – This library is used to provide internet security.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator.
He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.