I manually rooted my emulator using following commands
adb shell mount -o rw,remount -t yaffs2 /dev/block/mtdblock03 /system
adb push su /system/xbin/su
adb shell chmod 06755 /system
adb shell chmod 06755 /system/xbin/su
adb install superuser.apk
It is successfully rooted and working su command but while closing emulator and again opening emulator then su command is not working. To overcome this one I want to create a sample app for execute above commands programmaticaly using
Runtime.getRuntime().exec();
Please can one help me how to execute above commands programmatically.
The emulator is rooted out of the box in that the ADB shell runs as root.
What you've done is not "rooted" it, but rather used that pre-existing root shell to install a common hack which will then let application programs run helper tasks as root.
But you cannot do this from an application on the device which does not already have the ability to launch a helper as root - so you are stuck with a circular dependency or chicken-and-egg problem of needing root in order to install a root helper.
You will not be able to do this on the device or even emulator without finding a security hole (or pre-existing intentional privilege escalation mechanism) to exploit.
However:
you could read up on how to make the emulator's state persistent, and do it manually only once
you could issue the commands from a script running on the develpment machine, rather than on the device/emulator
Related
How to know which Emulator image will contain su?
I can see that often it only contains su or google play
Run adb root and you get a root shell ... otherwise su needs to be manually installed.
However, when already having a root shell available, installing it isn't much of a problem.
All images are rooted, but SDK apps requesting escalation of privileges do rely upon su.
This question here generally duplicates: How to get root access on Android emulator?
adb shell scripting must:
start the emulator
run adb root
run adb shell
remount system partition
adb push the su binary
chmod to set permissions
exit
Or to answer the question:
start the emulator
and check if the file exists, eg. with adb shell stat /usr/bin/su
Where stat gives this response, when it's not installed:
stat: '/usr/bin/su': No such file or directory
One could even loop all Android images installed in $ANDROID_SDK_HOME...
there's no "one click" solution, but adb can be fully automated with Bash or Batch. And one wouldn't even have to run the emulator, but can mount QCOW2 as a nbd network block device.
We are making our application system app by moving the apk to system dir and restarting the device. In order to do this, need to run couple of adb commands.
In the production stage we cannot ask the client to run all these commands from their system. So i wanted to know is there any was i can run an script file which will do all these processes for me.
Commands i need to execute:
adb root
adb remount
adb push /sdcard/download/base.apk /system/priv-app/
adb shell chmod 644 /system/priv-app/base.apk
adb reboot
And is it possible to run a script file without the help of any third-party application ?
From a shell on my PC, I can run adb shell cmd package list packages, and get a list of all installed packages. I would like to run this and similar commands locally on my Android phone (Nexus 6P) in a terminal emulator (currently using Termux).
If I open the same shell with /system/bin/sh, and then try to run /system/bin/cmd package list packages, nothing happens (no errors, just outputs nothing and reloads the prompt).
If I run /system/bin/cmd -l the list of options appears as expected. $PATH and $LD_LIBRARY_PATH are the same in both environments. One major difference is that echo $USER returns "shell" from adb shell, but returns my local username from /system/bin/sh launched from Termux.
Is there any way to replicate the behavior of commands run from adb shell in a terminal emulator locally on Android?
Edit:
My device is rooted, and I am OK with root only solutions.
The problem is Termux. By design, Termux runs only (or is mostly?) the Linux command line programs that you install from within Termux using apt or the newer "native" package management interface, e.g. apt install bsdtar. What you need to run the adb shell commands is a terminal emulator that can truly access the underlying Android file system, not just the Termux that is practically a chroot save for the fact that it's aware it's not running commands from the filesystem root /.
As a simple test, run the following command:
which ls
It should return something like /system/bin/ls. But if it returns something like /data/data/com.termux/files/usr/bin/applets/ls then you have to change your terminal emulator to something else. I suspect that Termux was designed to take into account the more restrictive shell execution policies that Google put into place after KitKat or the Android 4.X.
The Android distribution I'm using, LineageOS 14.1, comes with a built-in shell emulator that allows me to run commands found in /system/bin/ls.
I don't have a rooted Nougat device handy, but something like the following may be a close enough approximation to adb shell (assuming you are using SuperSU):
env -i USER=shell "$(PATH=/system/xbin:/system/bin:/su/bin:/sbin:/magisk/.core/bin which su)" shell --context u:r:shell:s0 --shell /system/bin/sh --command COMMAND
I (very briefly) tested it from Termux on a rooted Marshmallow device.
To elaborate:
the -i flag is used to start with an empty environment
USER=shell isn't specifically required, but for some reason su refuses to run with a completely empty environment
$(PATH=/system/xbin:/system/bin:/su/bin:/sbin:/magisk/.core/bin which su) points to the full path of the su binary on your device and can be hardcoded if you prefer
shell instructs the su binary to login as the shell user (the same as adb shell)
--context u:r:shell:s0 sets the appropriate SELinux context
--shell /system/bin/sh instructs SuperSU to use the system shell rather than it's own sush shell
Another option would be to actually run adb from the device, connecting to itself over TCP. If you need some functionality that is only available via adb (e.g. in my case it was adb forward) then this may be your only option. Unfortunately this isn't particularly convenient.
I wasn't able to find success with any publicly available adb binaries, so I build it myself with a few minor changes. You can see the sources I used and the changes I made at https://github.com/shakalaca/fastboot-adb-android and https://github.com/brbsix/fastboot-adb-android, respectively.
Once you have adb installed, here's an abbreviated list of commands I used to connect to the device:
# Add iptables rules to block external connections to port 9999'
su root iptables -N adbd
su root iptables -A adbd -i lo -p tcp -m tcp --dport 9999 -j ACCEPT
su root iptables -A adbd -p tcp -m tcp --dport 9999 -j DROP
su root iptables -A INPUT -j adbd
# Necessary in order to display authorization prompt
su shell setprop ro.debuggable 1
su shell setprop service.adb.tcp.port 9999
su root start adbd
adb connect 127.0.0.1:9999
adb wait-for-local-device
To shut down:
adb kill-server
su root stop adbd
su shell setprop ro.debuggable 0
su shell setprop service.adb.tcp.port 0
su root iptables -D INPUT -j adbd
su root iptables -F adbd
su root iptables -X adbd
So I tried this recently...if you're rooted you can use a terminal emulator.
su
then the command you want without "adb shell" part of it.
i tried the command "adb shell dumpsys deviceidle force-idle" in order to force device into doze.
I did this on the device via terminal emulator as:
"dumpsys deviceidle force-idle" and it did take effect.
also the dumpsys batterystats command worked.
be careful with commands with extensive text output, as the screen will be flooded with the output and will be unresponsive for some time.
EDIT
I originally answered this without the termux tag in mind. This worked for me while trying to execute shell commands on a vanilla emulator and saw this question while researching, so I tried to answer it differently.
You almost had it there in your question. You only need to execute sh:
int result = -1;
try {
final Process shell = Runtime.getRuntime().exec("sh");
final DataOutputStream commands = new DataOutputStream(shell.getOutputStream());
commands.writeBytes("write a series");
commands.writeBytes("of commands here");
commands.writeBytes("exit\n");
commands.flush();
result = shell.waitFor();
}
} catch (Exception e) {
e.printStackTrace();
}
If result == 0 the commands were succesful, else otherwise
Only rooted android
Busybox must be installed (though you can try without it)
Just write the normal command without the prefix adb
My phone Samsung Galaxy S5 mini is rooted. I'm trying to pull files from /data/data/myapp.package/ to folder on my PC.
adb pull /data/data/myapp.package E:\myapp\myapp.package
it gives me this error
adb: error: failed to copy '/data/data/myapp.package' to 'E:\myapp\myapp.package': Permission denied
I found many questions like mine but no answer solved my problem. Some suggested to execute this command adb root before pulling files. Some suggested to install adbd insecure app to enable root access. In fact after installing that app, phone disappeared from adb terminal. Both solution didn't work for me.
BTW, I can copy files using cp command from adb shell but I have to copy files to sdcard and then pull from sdcard. I'm looking for solution which allows me to copy files directly from /data/data/myapp.package to my PC
Any solution?
For your adb to be able to access /data/data directly (for adb pull), your adbd should be running as root - which can generally be done by adb root command.
adb root would not work on commercial devices like Samsung Galaxy S5 mini as commercial devices have ro.secure=1, i.e., the adbd can't be restarted as root due to a check of property called ro.secure. adbd insecure app circumvents this and restarts adbd in root mode to enable adb pull, etc. to work.
In short, if adbd insecure app doesn't work for you, it's not possible to do adb pull from /data/data in your existing ROM. It might be possible if you change the ROM / do some boot.img tweaks, but I would probably suggest trying latest version / different versions of adbd insecure app before going for ROM changes.
Read more on rooting here.
First you need to hit these two command from command line
adb root
adb remount
then
adb pull /data/data/myapp.package E:\myapp\myapp.package
This is my example pulling DB file from the root directory
adb -e shell "run-as com.example.project cp /data/data/com.example.project/databases/project.db /sdcard"
The key is run-as
Here's a one-liner that lets you pull a file without installing anything else and without having to copy it to a public location on the device to then pull it to your computer:
adb exec-out su -c cat /data/data/myapp.package/my_file.apk > my_file.apk
What this does:
adb exec-out runs a command and outputs the raw binary output
su -c runs the provided command as root
cat <file> prints out the file contents
> <file> redirects the output from adb (i.e. the raw file contents) to a local file.
I know there are quite a few question like this around but none of them really seems to work for me.
I am writing a program that automatically updates and installs itself, however to install the update it requires user confirmation but I do not want this as the device I will deploy on will never be physically used by anyone. So to try work around this I want to root the device and use a runtime command in the code to get it to just install.
To test this out I want to try it on the (AVD) emulator first however it (obviously) needs to be rooted. So how would i go about this?
I have tried commands in the adb shell (and out of it with the adb shell) like:
mount -o rw,remount -t yaffs2 /dev/block/mtdblock03 /system
push su /system/xbin/su
chmod 06755 /system
chmod 06755 /system/xbin/su
and a few others I can't find again at this moment but they will always give me errors such as cannot stat 'su' and stuff like that (will edit if i can find the commands and recreate again) or they just don't say anything and it doesn't appear to work.
If it helps i'm using xamarin in visual studio.
When working with android emulators, just do:
adb.exe root - restart adbd with root permissions
adb.exe unroot - restart adbd without root permissions
You can find adb.exe at: android_sdk\platform-tools\
You can confirm if the device is rooted by doing:
adb.exe shell
Inside the shell type: whoami. Then type exit to exit the shell
Example
P:\Android\sdk\platform-tools>adb.exe shell
generic_x86:/ $ whoami
shell
generic_x86:/ $ exit
P:\Android\sdk\platform-tools>adb.exe root
P:\Android\sdk\platform-tools>adb.exe shell
generic_x86:/ # whoami
root
generic_x86:/ # exit
P:\Android\sdk\platform-tools>adb.exe unroot
P:\Android\sdk\platform-tools>adb.exe shell
generic_x86:/ $ whoami
shell
generic_x86:/ $ exit
You can use https://www.genymotion.com/. All devices created are rooted by default. For example start a device then type adb shell command. It will open a rooted shell.