It’s a pretty easy task to setup an avd device. But for a security enthusiast, a rooted android device is essential to perform dynamic assessments of android application.
While many use genymotion (a pre-rooted Android Virtual device), Here we setup an rooted Android Studio Emulator. If you are a newbie to the android pentesting and looking for setting up an virtual device, you are at the right place. Just follow the steps i mentioned in this post.
NOTE: Enabling root is not the only task you have it is also important to maintain Root Persistence in your avd devices. So make sure you read and follow till the end && su binary you are downloading must match your emulator device architecture
Let’s Start -
Initial Setup
Turn on your system virtualization options.
Download latest version of android studio.
Add Sdk to your path emulator and platform-tools must needed to be in path for this setup
- In windows the default path when you install Android studio in Home folder is
C:\Users\username\AppData\Local\Android\Sdk - In Linux based os the default directory is
$HOME/Android/SdkYou can set path in Linux using command -
export PATH=$PATH:$HOME/Android/Sdk/emulator:$HOME/Android/Sdk/platform-tools
AVD Creation
- Simply open Android Studio’s AVD Manager. (Launch Android Studio and click on configure which gives a dropdown. Click on AVD Manager)
- A window pops up click on Create Virtual Device.
- Configure your device choose any of the listed devices.
- Choose image. This step is important. Select desired architecture(x86/x86-64) and __os-version__withTag(Google API)
- Next you can name your device and configure Memory_and_storage(optional)
All set your device is created. You can launch your avd through cli by command If path is configured
Linux: emulator -avd Device Name
Windows: emulator.exe -avd Device Name
AVD Rooting
If all good till now, we can start process of rooting it.
Download su binary of your device’s architecture from here
Start your emulator by command
$ emulator -avd testAVD -writable-system
$ adb root && adb remount
This opens a root shell of your android device. Now follow the commands -
# cp /sdcard/Download/su /system/xbin/su
# chmod 06755 /system/xbin/su
# su --install
# su --daemon&
# setenforce 0
Install Superuser android application into your avd. Supersu app allows you to enable root. Download Root-Checker app here
$ adb install supersu.apk
$ adb install root-checker.apk
- Open supersu app in your emulator device.
- It pops up an update permission click on continue
- Then choose Normal method.
- CLick on ok (Be sure you won’t click on reboot).
- Now pass if any prompt appears and check device root status from root-checker app. This gives root grant.
Root Persistance
Rebooting the device may revert all the changes you done so make sure you follow this every time you reboot your device.
From the extended controls of emulator navigate to snapshots section and click on Take Snapshot and rename the snapshop by clicking on pencil icon.
open AVD manager and select settings > show Advanced settings > Emulated performance section > Boot Options > select your snapshot under snapshot dropdown
This will make sure that your device always boot with the saved snapshot with root.
Always start your emulator from terminal/cmd with
Linux: emulator -avd testAVD -writable-system
Windows: emulator.exe -avd testAVD -writable-system
You are all done with rooting your avd.
If you face any issues while following the commands above
Google is your saviour.
Bye!
If you find it helps you, share
