In the previous post, I mentioned about rooting the Android emulator. Now, rooting the real Android phone is another thing, quite different from rooting Android emulator.
What is the main difference? In the Android emulator, once we “adb shell”, it is “#” as root. That is why we can remount the filesystem, and do whatever as root. In the real Android phone, once we “adb shell”, it is “$” instead of “#”. That is the main difference. That is why we cannot remount the filesystem or do whatever.
Then, how should we do? According to this article, it mentions a very general way to have a temporary root. To simplify it, what we need to do is to get “psneuter“. We can get the source code of “psneuter” also. In my case, I compile the source myself with Android NDK.
Before connect the phone with the computer, make sure the setting of USB Debugging is enabled. Once we obtain this psneuter (compile by our own or get pre-compiled binary), we can
adb push psneuter /data/local/tmp
/data/local/tmp is the only folder that has read/write/execute access. So, “adb shell”, then in “adb shell”,
As a result, we will kick out from “adb shell”. Now, “adb kill-server”, then wait a while, then “adb devices”, then “adb shell” again. Now, we can see the “#” instead of “$”. Yes, this is a temporary root. If we reboot the phone, everything will be restored, then we need to run psneuter from “adb shell” again.
So, we can put the busybox or any other command-line tools in the /data/local/tmp/ as well.
PS: Next, I am going to post about game hacking. Actually, this is the original purpose that I want to root Android, because I am frustrated with some stupid games.