There are tens of thousands of unique Android devices out there, and almost all of them have a slightly different rooting method. So in this article we’re going to look at everything you need to know about rooting your Android phone and take a high-level view of the steps you need to follow.

The Risk

First of all, we need to acknowledge the risk involved in rooting your phone. For popular models, such as the Samsung S series or the Nexus models, you will usually find very active communities dedicated to rooting these specific devices (on Reddit, XDA etc.) as well as long-term support from popular custom ROMs like LineageOS (previously CyanogenMod). For such devices there is little to no risk in rooting, so long as you follow the steps accurately.

If your device isn’t very popular, then rooting becomes a bit tricky. For these devices it is of utmost importance that you completely understand the rooting process (which is why we’re here), are capable of debugging any errors that may occur, and obtain your rooting method from a reputable source.

So let’s dive in. We’ll take a look at everything you need to know about rooting your Android phone: what it is exactly, reasons for doing it, reasons for not doing it and finally how to do it.

What is rooting?

To understand rooting we first need to understand how Android works. Android is based on the Linux kernel. The kernel is the essential centre of an operating system, the core that provides basic services to all other parts of the system. It talks directly to the hardware and carries out whatever job it is assigned.

But there are certain operations it will not perform for an ordinary user, for their own safety. Such operations require admin-level (root) privileges, and on a normal device nobody except the operating system itself has them. This is important: it is what stops apps from doing something the user did not allow. As an example, perhaps you’ve noticed that no app can enable the data connection on your phone; you must do it manually.

Further, each app is a separate user of the operating system. When you agree to the permissions an app asks for, you are defining what it is allowed to do, what information it has access to, and what it may ask the Linux kernel to do on its behalf.

Rooting is the process of obtaining root-level access (or administrative privileges) to your device, allowing you to be in control of every aspect of the device.

So what are these secret things that rooting allegedly allows you to do?

Why root your device?

Rooting is pretty awesome. Here are a few of the things one can do with a rooted Android smartphone:

  • Get rid of bloatware and uninstall default apps
  • Improve battery life
  • Automate any tasks
  • Block all advertisements
  • Install custom ROMs
  • Get complete anonymity by using Tor
  • Finally, almost all hacking-related apps (sniffers, MITM tools, WiFi crackers) require a rooted device.
  • Rooting is reversible. Don’t like it? You can go back.

Why not root your device?

  • It’s a security risk.
  • It may void your warranty.
  • If something goes wrong, you will be the owner of an expensive brick.

How to root your device?

Once again, as this is a high-level view, we won’t be going into the gritty details, as there are too many devices out there. Instead we’ll look at the rooting process in general. These are the two steps you will have to follow no matter what your device is:

  1. Unlocking or bypassing any bootloader protection. This allows the system partition to be overwritten.
  2. Installing the device-specific binaries that allow you to acquire root.

How these two steps are carried out differs from device to device.

Unlocking The Bootloader

While some phones, such as the Nexus, are almost too easy to root, not all OEMs (original equipment manufacturers) feel that users should be messing with their devices. So on many popular phones today, OEMs try to protect the bootloader. The bootloader is simply the program on your phone that loads the Android OS into memory (RAM) when the phone starts up; from there on, the OS is in charge. If the bootloader is locked, there’s no clear path for us to get root privileges, so this is something we have to deal with before we can root the device.

Unlocking the bootloader usually involves exploiting a vulnerability in the OEM’s software in order to be able to rewrite certain partitions. These are the partitions in the phone’s internal storage that contain the OS. There are a few common ways to go about this:

  • Flashing a new bootloader
  • Flashing a new recovery
  • Temporarily booting from an image over USB in order to gain recovery access to the system partition.

On development phones, such as the Nexus range by Google, this step can be as simple as running the fastboot oem unlock command (although this wipes the phone clean).

So that is step 1. You should always check for an official route to rooting your phone before you seek third-party solutions.

Installing the root binaries

The hard part is over. Installing the root binaries involves two things:

  • The backend: installing the ‘su’ (superuser) binary
  • The frontend: installing a user-facing APK, an app that handles root permission requests from all the other apps. For example: SuperSU

For installing the su binary, the most common approach is simply to use a pre-rooted ROM provided by the community. Again, you’ll have to check which ROMs are available for your device.

Some devices may require additional steps to complete the rooting process. For example, rooting in place, that is, rooting your pre-installed OS, usually involves exploiting a vulnerability in the OS.

So long as you follow the steps from a reputable and reliable source there will be zero risk of bricking your device.
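As an added example (not part of the original article), here is a POSIX shell script that reads `adb shell getprop`-style output and reports the bootloader-unlock and root indicators a practitioner would check, either to confirm that the two steps above actually took effect on a device or to spot an unlocked or rooted device in a fleet. The property names are real Android system properties; the sample property values below are constructed for the example.

```shell
# Triage Android system properties (the output of `adb shell getprop`)
# for bootloader-unlock and root indicators. Sample values are constructed.

# getprop_value PROPS NAME: print the value of property NAME from getprop text.
getprop_value() {
    printf '%s\n' "$1" | sed -n "s/^\[$2\]: \[\(.*\)\]$/\1/p"
}

# root_indicators PROPS: print one finding per line (nothing for a stock device).
root_indicators() {
    props=$1
    case "$(getprop_value "$props" ro.boot.verifiedbootstate)" in
        orange) echo "bootloader unlocked (verifiedbootstate=orange)" ;;
        yellow) echo "custom-signed boot image (verifiedbootstate=yellow)" ;;
        red)    echo "verified boot failed (verifiedbootstate=red)" ;;
    esac
    if [ "$(getprop_value "$props" ro.boot.flash.locked)" = "0" ]; then
        echo "flashing unlocked (ro.boot.flash.locked=0)"
    fi
    if [ "$(getprop_value "$props" ro.secure)" = "0" ]; then
        echo "adb daemon runs as root (ro.secure=0)"
    fi
    if [ "$(getprop_value "$props" ro.debuggable)" = "1" ]; then
        echo "debuggable build (ro.debuggable=1)"
    fi
    case "$(getprop_value "$props" ro.build.tags)" in
        *test-keys*) echo "build signed with test keys (ro.build.tags=test-keys)" ;;
    esac
    return 0
}

# root_indicator_count PROPS: number of findings; 0 means the device looks stock.
root_indicator_count() {
    root_indicators "$1" | wc -l | tr -d ' '
}

# Constructed sample: a locked, stock device.
STOCK_PROPS='[ro.boot.verifiedbootstate]: [green]
[ro.boot.flash.locked]: [1]
[ro.secure]: [1]
[ro.debuggable]: [0]
[ro.build.tags]: [release-keys]'

# Constructed sample: an unlocked device running a custom, rooted build.
ROOTED_PROPS='[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.secure]: [0]
[ro.debuggable]: [1]
[ro.build.tags]: [test-keys]'

echo "stock: $(root_indicator_count "$STOCK_PROPS") indicator(s), rooted: $(root_indicator_count "$ROOTED_PROPS") indicator(s)"
root_indicators "$ROOTED_PROPS"   # against a real device: root_indicators "$(adb shell getprop)"
```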
