Android – Detect Root Access from inside an app

Background

Google Wallet used three methods to determine whether an Android device had root access configured. Google Wallet used to mark a device as “Unsupported” if root access was detected on the Android device. The code used to implement the root detection methods was reversed and posted here on pastebin.com.

Overview

Three methods were used:
1) Check if the “su” command was successful
2) Check if the file “/system/app/Superuser.apk” exists
3) Check if the system OS was built with test-keys
If any of these three methods were true, Google Wallet would mark the device as “Unsupported”.

Code Analysis

First method – Execute “su” command

The first method created an interface to the environment, where the app was running, through getting a singleton instance by invoking getRuntime() and passing the “su” command. If an IOException error was not encountered, the command was determined successful.

  private boolean canExecuteSuCommand()
  {
    try
    {
      Runtime.getRuntime().exec("su");
      i = 1;
      return i;
    }
    catch (IOException localIOException)
    {
      while (true)
        int i = 0;
    }
  }

Second method – Check for apk

The second method created an “abstract” representation of a file by using the absolute path and filename to the most popular Superuser application. A call would be made to this representation of the file to check whether the file exists. If the file exists, the command was determined successful.

  private boolean hasSuperuserApk()
  {
    return new File("/system/app/Superuser.apk").exists();
  }

Third method – OS built with test-keys

The third method would extract the operating system build information from a system properties file (/system/build.prop). The extracted build tags information was searched for the phrase “test-keys” and if “test-keys” was found in the build tags information, the command was determined successful.

  private boolean isTestKeyBuild()
  {
    String str = Build.TAGS;
    if ((str != null) && (str.contains("test-keys")));
    for (int i = 1; ; i = 0)
      return i;
  }

Summary method – Determine whether a device is rooted

The final method gathered the results from the prior three tests and if any of the three test results were successful, would return true, indicating the device is rooted.

  public boolean isRootedPhone()
  {
    int i = 0;
    if (!this.mClientConfigurationManager.getClientConfiguration().isRootedPhoneDetectionEnabled());
    while (true)
    {
      return i;
      if ((!isTestKeyBuild()) && (!hasSuperuserApk()) && (!canExecuteSuCommand()))
        continue;
      i = 1;
    }
  }
Tagged with: , , ,
One comment on “Android – Detect Root Access from inside an app
  1. Vaibhav says:

    very good article … it works fine. 🙂 Thanks a lot.

Leave a Reply

Your email address will not be published. Required fields are marked *

*