AERoot is a command line tool that allows you to give the root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs.
This project is a rewrite from scratch of the android-emuroot tool (https://github.com/airbus-seclab/android_emuroot). It comes with new features:
- Recent AVDs support (Android API > 27)
- Execution time optimization
- Selection of a process by its PID
| Release Name | API Level | ABI | Target |
|---|---|---|---|
| Nougat | 24 | x86 | Android 7.0 (Google Play) |
| Nougat | 25 | x86 | Android 7.1.1 (Google Play) |
| Oreo | 26 | x86 | Android 8.0 (Google Play) |
| Oreo | 27 | x86 | Android 8.1 (Google Play) |
| Pie | 28 | x86 | Android 9.0 (Google Play) |
| Pie | 28 | x86_64 | Android 9.0 (Google Play) |
| Q | 29 | x86 | Android 10.0 (Google Play) |
| Q | 29 | x86_64 | Android 10.0 (Google Play) |
| R | 30 | x86 | Android 11.0 (Google Play) |
| R | 30 | x86_64 | Android 11.0 (Google Play) |
git clone https://github.com/quarkslab/AERoot.gitpip3 install -r requirements.txtFirst of all, you must launch the Android emulator with the gdb qemu option (-qemu -s).
emulator @Your_AVD -qemu -sThen run aeroot.py by choosing the mode among:
- pid: give the root privileges to a process selected by its PID.
- name: give the root privileges to a process selected by its name.
- daemon: give the root privileges to the ADB daemon, so shells created with adb shell will automaticaly have root rigths.
aeroot.py [-h] [--verbose | --quiet] [--device DEVICE] [--host HOST] [--port PORT] {name,pid,daemon} ...aeroot.py pid 1337Gives the root privileges to the process with pid 1337
aeroot.py name my_processGives the root privileges to the process named "my_process"
aeroot.py daemonGives the root privileges to the ADB daemon
You can find additional options by checking the help of the tool: aeroot.py -h