This is an old revision of the document!
There are several ways to do this depending on the device, but usually the procedure is to open the Android settings application and find something along the lines of About
or About phone
. Enter the menu selection and you should get various information on your device. Scroll all the way down and find the item Build number
and tap it 10
times - after 5
taps the device will tell you that you are 5
taps away from becoming a developer.
First, developer mode has to be enabled and Settings→Developer options→USB Debugging
has to be enabled. Instead of installing an SSH server to be able to log-in to a rooted Android device, the adb
tool can be used instead.
On OSX, adb can be installed via Homebrew:
brew install caskroom/cask/android-platform-tools
Once the device is connected via USB, issue:
adb shell
You may get the error message:
error: device unauthorized. This adb server's $ADB_VENDOR_KEYS is not set Try 'adb kill-server' if that seems wrong.
in which case, issue adb shell
again but pay attention to the Android device screen because Android will prompt for authorization.
In order to be able to write to the root filesystem, issue:
mount -o remount,rw /
Some folders in the root are symlinked into the /system/
filesystem, which can also be (re)mounted with read-write permissions instead of read only:
mount -o remount,rw /system
Keys can be generated by issuing:
openssl genrsa -out key.pem 1024 openssl req -new -key key.pem -out request.pem openssl x509 -req -days 9999 -in request.pem -signkey key.pem -out certificate.pem openssl pkcs8 -topk8 -outform DER -in key.pem -inform PEM -out key.pk8 -nocrypt
and then can be signed using aospsign.jar (also available from Google):
java -jar SignApk.jar certificate.pem key.pk8 Application.apk Application_signed.apk
where:
Application.apk
is the application to sign,Application_signed.apk
is the resulting file
A package can be opened with a simple zip program and you do not need to use apktool
if you are looking to reverse-engineering Android packages.
To disable hardware keys, root is needed and then a hardware key map file must be edited. Using a root explorer, navigate to /system/usr/keylayout
and locate the keylayout file - Generic.kl
should work for most devices, mtk-kpd.kl
works for MediaTek devices (AllView).
Edit the file and place a hash sign (#
) in front of the button mapping, for instance:
key 115 VOLUME_UP
will turn into:
#key 115 VOLUME_UP
Finally, restart the device for the changes to take effect. Note that this is a good and reliable way to disable the power button.
An easy trick to disable calls (such as the emergency call button from the lock screen), is to go to the phone settings, manage applications and disable the Dialer
or Phone
application.
In case Android x86 under qemu/kvm boots to a command prompt (or just displays a blank screen with a curor) and does not go any further then most likely the problem is that -vga std
has to be passed to the qemu/kvm command line.
After installing Android under libvirt, the domain name has to be edited, for instance:
virsh -c qemu:///system
followed by:
edit android.domain
The video
tag has to be deleted and replaced by:
<video> <model type='vga'/> </video>
to allow Android to boot the window manager.
Even better:
<video> <model type='virtio'/> </video>
can be used for 3D acceleration.
Input events can be sent to a device connected to a computer with the Android Platform Tools installed via the adb
command.
Here is a list of useful commands:
adb shell input tap 500 600
will tap the screen at .
adb shell input text 'Hello Android'
will type in the text 'Hello Android'.
Even raw key events can be sent:
adb shell input keyevent 66
will press the enter key.
Similarly, D-PAD events can be triggered:
Direction | KeyCode |
---|---|
Up | 19 |
Down | 20 |
Left | 21 |
Right | 22 |
For instance:
adb shell input keyevent 19
will press D-PAD up.