There are several ways to do this depending on the device, but usually the procedure is to open the Android settings application and find something along the lines of About or About phone. Enter the menu selection and you should get various information on your device. Scroll all the way down and find the item Build number and tap it 10 times - after 5 taps the device will tell you that you are 5 taps away from becoming a developer.

First, developer mode has to be enabled and Settings→Developer options→USB Debugging has to be enabled. Instead of installing an SSH server to be able to log-in to a rooted Android device, the adb tool can be used instead.

On OSX, adb can be installed via Homebrew:

brew install caskroom/cask/android-platform-tools

Once the device is connected via USB, issue:

adb shell

You may get the error message:

error: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.

in which case, issue adb shell again but pay attention to the Android device screen because Android will prompt for authorization.

In order to be able to write to the root filesystem, issue:

mount -o remount,rw /

Some folders in the root are symlinked into the /system/ filesystem, which can also be (re)mounted with read-write permissions instead of read only:

mount -o remount,rw /system

Keys can be generated by issuing:

openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out request.pem
openssl x509 -req -days 9999 -in request.pem -signkey key.pem -out certificate.pem
openssl pkcs8 -topk8 -outform DER -in key.pem -inform PEM -out key.pk8 -nocrypt

and then can be signed using aospsign.jar (also available from Google):

java -jar SignApk.jar certificate.pem key.pk8 Application.apk Application_signed.apk

where:

• Application.apk is the application to sign,
• Application_signed.apk is the resulting file

A package can be opened with a simple zip program and you do not need to use apktool if you are looking to reverse-engineering Android packages.

To disable hardware keys, root is needed and then a hardware key map file must be edited. Using a root explorer, navigate to /system/usr/keylayout and locate the keylayout file - Generic.kl should work for most devices, mtk-kpd.kl works for MediaTek devices (AllView).

Edit the file and place a hash sign (#) in front of the button mapping, for instance:

key 115 VOLUME_UP

will turn into:

#key 115 VOLUME_UP

Finally, restart the device for the changes to take effect. Note that this is a good and reliable way to disable the power button.

An easy trick to disable calls (such as the emergency call button from the lock screen), is to go to the phone settings, manage applications and disable the Dialer or Phone application.

In case Android x86 under qemu/kvm boots to a command prompt (or just displays a blank screen with a curor) and does not go any further then most likely the problem is that -vga std has to be passed to the qemu/kvm command line.

After installing Android under libvirt, the domain name has to be edited, for instance:

virsh -c qemu:///system

followed by:

edit android.domain

The video tag has to be deleted and replaced by:

    <video>
      <model type='vga'/>
    </video>

to allow Android to boot the window manager.

Even better:

    <video>
      <model type='virtio'/>
    </video>

can be used for 3D acceleration.

Input events can be sent to a device connected to a computer with the Android Platform Tools installed via the adb command.

Here is a list of useful commands:

adb shell input tap 500 600

will tap the screen at .

adb shell input text 'Hello Android'

will type in the text 'Hello Android'.

Even raw key events can be sent:

adb shell input keyevent 66

will press the enter key.

Similarly, D-PAD events can be triggered:

For instance:

adb shell input keyevent 19

will press D-PAD up.

Issue the following commands via ADB to fix permissions for most packages involved with UnifiedNLP:

pm grant com.google.android.gms android.permission.ACCESS_COARSE_LOCATION
pm grant com.google.android.gms android.permission.ACCESS_FINE_LOCATION
pm grant com.google.android.gms android.permission.GET_ACCOUNTS
pm grant com.google.android.gms android.permission.READ_EXTERNAL_STORAGE
pm grant com.google.android.gms android.permission.READ_PHONE_STATE
pm grant com.google.android.gms android.permission.WRITE_EXTERNAL_STORAGE
 
pm grant com.android.vending android.permission.ACCESS_COARSE_LOCATION
pm grant com.android.vending android.permission.ACCESS_FINE_LOCATION
pm grant com.android.vending android.permission.GET_ACCOUNTS
pm grant com.android.vending android.permission.READ_EXTERNAL_STORAGE
pm grant com.android.vending android.permission.READ_PHONE_STATE
pm grant com.android.vending android.permission.WRITE_EXTERNAL_STORAGE
 
pm grant org.microg.nlp.backend.ichnaea android.permission.ACCESS_COARSE_LOCATION
pm grant org.microg.nlp.backend.ichnaea android.permission.ACCESS_FINE_LOCATION
pm grant org.microg.nlp.backend.ichnaea android.permission.READ_PHONE_STATE
 
pm grant org.fitchfamily.android.dejavu android.permission.ACCESS_COARSE_LOCATION
pm grant org.fitchfamily.android.dejavu android.permission.ACCESS_FINE_LOCATION
 
pm grant com.google.android.gms android.permission.ACCESS_COARSE_LOCATION
pm grant com.google.android.gms android.permission.ACCESS_FINE_LOCATION
pm grant com.google.android.gms android.permission.GET_ACCOUNTS
pm grant com.google.android.gms android.permission.READ_EXTERNAL_STORAGE
pm grant com.google.android.gms android.permission.READ_PHONE_STATE
pm grant com.google.android.gms android.permission.WRITE_EXTERNAL_STORAGE
 
pm grant com.android.vending android.permission.ACCESS_COARSE_LOCATION
pm grant com.android.vending android.permission.ACCESS_FINE_LOCATION
pm grant com.android.vending android.permission.GET_ACCOUNTS
pm grant com.android.vending android.permission.READ_EXTERNAL_STORAGE
pm grant com.android.vending android.permission.READ_PHONE_STATE
pm grant com.android.vending android.permission.WRITE_EXTERNAL_STORAGE
 
pm grant org.microg.nlp.backend.ichnaea android.permission.ACCESS_COARSE_LOCATION
pm grant org.microg.nlp.backend.ichnaea android.permission.ACCESS_FINE_LOCATION
pm grant org.microg.nlp.backend.ichnaea android.permission.READ_PHONE_STATE
 
pm grant org.fitchfamily.android.dejavu android.permission.ACCESS_COARSE_LOCATION
pm grant org.fitchfamily.android.dejavu android.permission.ACCESS_FINE_LOCATION

Delete the files under /data/system:

• password.key
• pattern.key
• locksettings.db
• locksettings.db-shm
• locksettings.db-wal

Here are a few measures you can take for hiding root if you are using Magisk from the Magisk settings:

• enable Zygote,
• hide the Magisk application,
• enable DenyList and enable enforcing the DenyList

Now depending on whether you are using microG services or the standard Android Google services, some applications should be blocked using the Magisk DenyList.

Intuitively, the application to hide root from should also be blocked using the Magisk DenyList feature.

The following services should be blocked using the Magisk DenyList:

• Google Play Protect Services,
• Google Play Services,
• Google Play Store,
• Google Service Framework.

microG serves the same set of functions as Google services such that all microG services have to be blocked, including:

• microG companion,
• microG Services Core,
• microG Services Framework Proxy.

In order to hide a folder from being indexed by Android, simply create an empty dotfile in the folder to be hidden named .nomedia and Android will ignore the folder from any media scanning. Note that the .nomedia dot file applies a recursive exclusion to all descendants, if any, such that the file should be created on a depth-first basis if hiding less is desired.