I created a method for checking whether the android phone is rooted or not. This is done as follows
public int checkrootcommand(String string) {
// TODO Auto-generated method stub
Process exec;
try {
exec = Runtime.getRuntime().exec(new String[]{"su","-c"});
final OutputStreamWriter out = new OutputStreamWriter(exec.getOutputStream());
out.write("exit");
out.flush();
Log.i(SUPER_USER_COMMAND, "su command executed successfully");
return 0; // returns zero when the command is executed successfully
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return 1; //returns one when the command execution fails
}
But the problem is that the method checkrootcommand() is executed first it works perfectly, but when the same method called again the superuser session is still running. Is there any way to end the superuser session once the method is executed??
There is no reliable means of detecting a rooted condition on a device where hardware protections have been overcome by exploiting software vulnerabilities.
At best you can detect the presence of particular toolsets or scan for things that aren't supposed to be there or changes in files that are - but that requires knowledge of what a given installation should look like, and assumes that the OS functionality you are using to make the checks hasn't been modified to hide the changes.
To reliably scan, you need to be sure trusted code runs at a lower level than untrusted code; a rooted device is one where this assurance has been fundamentally broken, or where the end user is trusted more than you the developer are.
In your case, you should kill the process after executing it for the job which is done before returning. The following changes to your code should do the thing.
public int checkrootcommand(String string) {
// TODO Auto-generated method stub
Process exec = null;
try {
exec = Runtime.getRuntime().exec(new String[]{"su","-c"});
final OutputStreamWriter out = new OutputStreamWriter(exec.getOutputStream());
out.write("exit");
out.flush();
Log.i(SUPER_USER_COMMAND, "su command executed successfully");
return 0; // returns zero when the command is executed successfully
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
if (exec != null) {
try {
exec.destroy();
} catch (Exception ignored) {
}
}
}
return 1; //returns one when the command execution fails
}
You may not be able to universally detect whether phone is rooted or not but you should be able to request and then confirm is your app can access root by running id as root e.g., su -c id
validate if the command executed successfully and the output contains uid=0
i.e., the uid of the root user.
Method 1 : Application asks for ROOT access :
Add this in your app-level gradle build file :
dependencies {
compile 'eu.chainfire:libsuperuser:201501111220'
}
Now,
System.out.println(Shell.Su.available());
//Outputs true if user-granted else false
Method 2 : Application doesn't asks for ROOT :
boolean deviceisRooted() {
String[] filespaths = {"/system/app/Superuser.apk","/sbin/su", "/system/bin/su","/system/xbin/su"};
for (String xyz : filespaths) {
if (new File(xyz).exists()) return true;
}
return false;
}
System.out.prinln(deviceisRooted());
//Outputs true if device is ROOTED else false
//Doesn't asks user
//Also returns true IF NOT PROPERLY ROOTED (But ROOTED somehow)
Use this code:
Process executor = Runtime.getRuntime().exec("su -c ls /data/data");
executor.waitFor();
int iabd = executor.exitValue();
if(iabd != 0){ /*process exit value is not 0, so user is not root*/ }else{ /* user is root*/ }
You can achieve this from a terminal command and you can run terminal commands within an app.
if [ ! -z "$(/system/bin/ps -A | grep -v grep | grep -c daemonsu)" ]; then echo "device is rooted"; else echo "device is not rooted"; fi
Your application also doesn't require root access this way.