Possible Duplicate:
Determine if running on a rooted device
How do you determine (programmatically) if an Android device is: rooted Running a cracked copy of your software or rom.
I have some sensitive information in my database, and I would like to encrypt it when the phone is rooted aka the user has access to the database. How do I detect that?
RootTools. isAccessGiven() not only checks that a device is rooted, it also calls su for your app, requests permission, and returns true if your app was successfully granted root permissions. This can be used as the first check in your app to make sure that you will be granted access when you need it.
Step 1: Open Settings, and click the "About phone" > "Status information" > "Phone status" option. Step 2: If your device has an official phone status, it is not rooted. Instead, if there is a custom tag on the screen, your phone has been rooted.
Access Phone Settings From Anywhere With WebKey Mobile Defense only allowed for very general tracking. Now, with a rooted Android, full remote access is possible, and that's what WebKey accomplishes. With WebKey, you can access your Android's GPS, SD card, location and a whole lot more.
Rooting detection is a cat and mouse game and it is hard to make rooting detection that will work on all devices for all cases.
See Android Root Beer https://github.com/scottyab/rootbeer for advanced root detection which also uses JNI and native CPP code compiled into .so native library.
If you need some simple and basic rooting detection check the code below:
/** * Checks if the device is rooted. * * @return <code>true</code> if the device is rooted, <code>false</code> otherwise. */ public static boolean isRooted() { // get from build info String buildTags = android.os.Build.TAGS; if (buildTags != null && buildTags.contains("test-keys")) { return true; } // check if /system/app/Superuser.apk is present try { File file = new File("/system/app/Superuser.apk"); if (file.exists()) { return true; } } catch (Exception e1) { // ignore } // try executing commands return canExecuteCommand("/system/xbin/which su") || canExecuteCommand("/system/bin/which su") || canExecuteCommand("which su"); } // executes a command on the system private static boolean canExecuteCommand(String command) { boolean executedSuccesfully; try { Runtime.getRuntime().exec(command); executedSuccesfully = true; } catch (Exception e) { executedSuccesfully = false; } return executedSuccesfully; }
Probably not always correct. Tested on ~10 devices in 2014.
If the information is sensitive you should probably just encrypt it for all users. Otherwise a user could install your app unrooted, then root and read your database once the data's been written.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With