detectRootManagementApps • Using the PackageManager, check for a list of well known root apps • "com.noshufou.android.su" • "com.noshufou.android.su.elite" • "eu.chainfire.supersu" • "com.koushikdutta.superuser" • "com.thirdparty.superuser" • "com.yellowes.su"
detectPotentiallyDangerousApps • Using the PackageManager, check for a list of well known apps that require root • "com.koushikdutta.rommanager" • "com.koushikdutta.rommanager.license" • "com.dimonvideo.luckypatcher" • "com.chelpus.lackypatch" • "com.ramdroid.appquarantine" • "com.ramdroid.appquarantinepro"
detectRootCloakingApps • Using the PackageManager, check for a list of well known root cloak apps (not used in isRooted function) • “com.devadvance.rootcloak" • "com.devadvance.rootcloakplus" • "de.robv.android.xposed.installer" • "com.saurik.substrate" • "com.zachspong.temprootremovejb" • "com.amphoras.hidemyroot" • "com.amphoras.hidemyrootadfree" • "com.formyhm.hiderootPremium" • "com.formyhm.hideroot"
checkForBinary("busybox") • busybox • BusyBox combines tiny versions of many common UNIX utilities into a single small executable • https://busybox.net/about.html • RootԽͨ͠ޙʹೖΕͨΓ͢ΔΒ͍͠ • ೖͬͨ··ͷ͋ΔΒ͍͠ • RootBeer#isRootedWithoutBusyBoxCheck
checkForRWPaths() • When you're root you can change the permissions on common system directories, this method checks if any of these path Const.pathsThatShouldNotBeWrtiable are writable. • "/system" • "/system/bin" • "/system/sbin" • "/system/xbin" • "/vendor/bin" • "/sbin" • "/etc"
detectTestKeys() • Release-Keys and Test-Keys has to do with how the kernel is signed when it is compiled. Test-Keys means it was signed with a custom key generated by a third-party developer. • /system/build.propͷro.build.tags
magiepooh
nrryuya
nagiss
ikezoemakoto
keio_smilab
k_koheyi
yokawasa
miyake
saboyutaka
adavis
miyashino
kawaguti
pistatium
brianwarren
zenorocha
philhawksworth
edds
chriscoyier
jcasabona
paulrobertlloyd
reverentgeek
cassininazir
jakevdp
jlugia