Android Root Detection Techniques. Android Root Detection Techniques Introduction I have taken a look at a lot of Mobile Device Management (MDM) solutions lately to figure out how they are detecting rooted Android devices.
Through some research I have discovered that many of these MDM solutions use similar methods to detect rooted devices. This usually involves looking for specific packages and files, directory permissions, and running certain commands. I won't be disclosing which MDMs use which methods, but I will provide a list of packages, files, folders, and commands that I have found to be used in root detection.
Default Files & Configurations The first root detection checks are for default files and configurations that should be present on a non-rooted device. Checking the BUILD tag for test-keys. Root@android:/ # cat /system/build.prop | grep ro.build.tags ro.build.tags=release-keys Checking for Over The Air (OTA) certs. Installed Files & Packages Superuser.apk. Any chainfire package. Directory Permissions Commands Su. Can you stop certain apps from detecting root? : cyanogenmod. Root access - How to prevent applications from discovering my phone as being Rooted.
To detect rooting status of device, an app issues su command.
If exit status is 0, it means device is rooted.. otherwise, not. To prevent this, you can simply Deny the root access using SuperUser's pop-up (Provided its allowed from SuperUser settings, a pop-up appears when an app issues su command). After this, the app will get non-zero exit status & it can't determine rooting status. Update: Some apps can use other ways to check root status (like checking the su binary file existence). I'd like to admit that none are perfect methods without false-positive result, but sometimes they are successful with luck. The best universal method to prevent detection: Restrict the permission of app's daemon. In the last, I'd like to say: Technically, there's no way to prevent detection by 100% success rate.
Unroot / 100% Reliably Hide Root On Cm11 - Hack / Mod Request. For what it's worth.. i was able to use the Lloyds app by renaming the su binary under xbin (/system/xbin/su) manually, (hidemyroot doesn't seem to do this like it should) the only issue is, if you move it back after, any time you open the app again (or it's open and you're doing it via adb) their app will detect the root and log you out and de-authorize your phone within a matter of seconds, and you have to repeat the process of cleaning data, crippling the root and going through the activation process again... the only tangible solution i can think of that would make this process less annoying is for someone to build a launcher for the app that hides the su binary, then launches the app for you and keeps it hidden until you exit the app (and force close it to be sure) before restoring the binary.. unless the CM dev team can come up with a more graceful solution for this of course.
Android Root Detection Techniques. Why Android’s OTA Updates Remove Root and How to Keep It. Android’s OTA (over-the-air) updates remove root access, forcing you to root them again if you depend on root-only apps.
There are ways to preserve this root access, and re-rooting a device will be easier on some devices than others. This can be annoying on a Nexus device that receives regular updates straight from Google. On an old device that never receives Android updates, it’s not something you’d even think about. Why You Lose Root Android is based on Linux, so Android devices come with a “root” user that functions like the Administrator user account on Windows. The root process also installs an application like SuperSU or Superuser. You’ll usually lose your root access when you install an operating system update.
If you have the Xposed Framework installed, you may need to uninstall it first before running the OTA update. SuperSU’s OTA Survival Mode. How To Trick Apps Into Thinking Your Android Is Not Rooted. Unfortunately, some developers block access to their apps if they detect that the device they’re installed on is rooted.
This is due to a variety of reasons, but usually its due to security (banking apps) or Digital Rights Management (video apps). The worry is that rooted devices, if compromised, have access to more sensitive information thanks to their unrestricted access, as well as the fact that users could find and extract normally hidden DRM content on their devices using a file manager with root access. But you’re the kind of person who roots your Android device and refuses to let others tell you what you can and cannot do with it, so let’s work around this annoyance. Install Xposed The Xposed Framework is a super handy app that allows you to customize your rooted Android phone without flashing a custom ROM.
Now go ahead and install the Xposed Framework. However, Xposed by itself doesn’t do you much good; you’ll need RootCloak to really get anything done. Install RootCloak The Results.