Android root and insecure adb boot image explained

There is a common mistake between insecure boot/adb and root access.

What is what?

“Rooting” as mostly referred is putting “su” in your system so apps can gain root access and do whatever they want(!!!dangerous!!!). Insecure boot image or adb is having root access through “adb shell”, this however does not let your apps gain root access.

Emulators for example come with insecure boot image it is so called engineering(eng) build, so one can execute various of command in order to test and debug hw and sw features.

How to find out if I have insecure boot?

Execute “adb shell id” from the console. The result should contain “root” and “uid=0”

How to make insecure boot and run adb as root?

Basically to make adbd run as root you have to edit default.prop and change others depending on the build) value to 0 and/or change adbd in your /sbin to a one that is compiled to work as root. Vendors nornally change adbd to their needs so the code can be different but there is a snippets of how approx this is happening…

static int should_drop_privileges() {
return 1;
#else /* ALLOW_ADBD_ROOT */
int secure = 0;

/* run adbd in secure mode if is set and
** we are not in the emulator
property_get("ro.kernel.qemu", value, "");
if (strcmp(value, "1") != 0) {
property_get("", value, "1");
if (strcmp(value, "1") == 0) {
// don't run as root if is set...
secure = 1;

// ... except we allow running as root in userdebug builds if the
// service.adb.root property has been set by the "adb root" command
property_get("ro.debuggable", value, "");
if (strcmp(value, "1") == 0) {
property_get("service.adb.root", value, "");
if (strcmp(value, "1") == 0) {
secure = 0;
return secure;
#endif /* ALLOW_ADBD_ROOT */
#endif /* !ADB_HOST */

property_get("", value, "0");
auth_enabled = !strcmp(value, "1");
if (auth_enabled)

If you need some ready made insecure boot images try this download page.

One thought on “Android root and insecure adb boot image explained

  1. Pingback: Get apk of installed app from Android device | jj crackers

Comments are closed.