How to make su on your own in Android

Source: Internet
Author: User

The original blog: http://hubingforever.blog.163.com/blog/static/171040579201372915716149/

Create a directory under system \ extras (for example, Android4.0 \ system \ extras) of Android source code, such as su_robin directory

The su_robin directory contains three files: Su. h file

#ifndef SU_h #define SU_h 1#ifdef LOG_TAG#undef LOG_TAG#endif#define LOG_TAG "robin"#define REQUESTOR "com.noshufou.android.su"#define REQUESTOR_DATA_PATH "/data/data/" REQUESTOR#define REQUESTOR_CACHE_PATH "/dev/" REQUESTOR#define REQUESTOR_DATABASES_PATH REQUESTOR_DATA_PATH "/databases"#define REQUESTOR_DATABASE_PATH REQUESTOR_DATABASES_PATH "/permissions.sqlite"/* intent actions */#define ACTION_REQUEST REQUESTOR ".REQUEST"#define ACTION_RESULT REQUESTOR ".RESULT"#define DEFAULT_SHELL "/system/bin/sh"#ifdef SU_LEGACY_BUILD#define VERSION_EXTRA"l"#else#define VERSION_EXTRA""#endif#define VERSION "3.1.1" VERSION_EXTRA#define VERSION_CODE 17#define DATABASE_VERSION 6#define PROTO_VERSION 0struct su_initiator { pid_t pid; unsigned uid; char bin[PATH_MAX]; char args[4096];};struct su_request { unsigned uid; int login; int keepenv; char *shell; char *command; char **argv; int argc; int optind;};struct su_context { struct su_initiator from; struct su_request to; mode_t umask;};enum { DB_INTERACTIVE, DB_DENY, DB_ALLOW};#endif

Note that many things here are redundant. Su. c file

#include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "su.h"int main(int argc, char *argv[]){ LOGI("hello !robin-su begin %d !",getuid()); printf("hello !robin-su begin"); int uid=0; int gid=0;if(setgid(gid) || setuid(uid)) {LOGI("robin su: permission denied\n");fprintf(stderr,"su: permission denied\n");return 1;} char command[1024]; LOGI("hello !robin-su end %d !",getuid()); printf("hello !robin-su end"); /* Default exec shell. */ execlp("/system/bin/sh", "sh", NULL); fprintf(stderr, "su: exec failed\n"); return 1;}

Android. mk File

LOCAL_PATH := $(call my-dir)include $(CLEAR_VARS)LOCAL_MODULE := surLOCAL_SRC_FILES := su.cLOCAL_STATIC_LIBRARIES := \ liblog \ libc \LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)LOCAL_MODULE_TAGS := eng debugLOCAL_FORCE_STATIC_EXECUTABLE := trueinclude $(BUILD_EXECUTABLE)

Compile the Android source code to generate the rom. If you do not know how to compile the Android source code, please refer to the pull push command to push it to the system \ xbin directory on your mobile phone, switch to the root user by executing the system's original su, and execute the chmod 6777 sur command on the sur file on the opponent's machine. Change the file attribute to rwsrwsrwx, as shown in the following figure, rwsrwsrwx root 58960 sur. Then, you can switch to the root user by executing the sur that was originally carried by the system. For details about the chmod 6777 sur command, refer to the basic chmod command and refer 《 chmod command advanced (SetUID and SetGID) for more information about setuid, see use of setuid () and setgid!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.