Basic operation of rooting and flashing Android phones: rooting the Redmi Note 7 and flashing a native Android system as an example

Foreword

Learning Android reverse engineering requires debugging. Rooting the test phone made some debugging possible, but some software still could not be run and debugged normally, so I chose to flash a native Android system (PixelExperience).

1. Introduction

1. Android permissions

  1. Software permissions (third-party software): the lowest level; the app has to request permissions from the user
  2. User permissions: higher than third-party software; the user can grant permissions
  3. ROOT permissions: the highest level

2. Android Partition

Boot partition

Contains the kernel (Kernel) and the ramdisk (Ramdisk). Rooting mainly means modifying the boot partition. If boot is damaged, the phone cannot start and stays stuck on the first screen, the boot logo page.

System partition

Contains the entire operating system and the system software. System upgrades and flashing usually operate on this partition. If the system partition is damaged, the phone gets stuck on the second screen, the boot animation, and cannot enter the system.

Vendor partition

Contains vendor-customized applications and library files. Many manufacturers also put these files directly in the system partition.

Data partition

Contains the user data stored on the phone, including applications, audio and video, pictures, documents, system settings, etc. Erasing this partition clears all data on the phone but does not affect system startup.

Cache partition

The cache area of the Android system, used to quickly open the system's most frequently accessed data and applications. Clearing the cache does not affect use of the system.

Recovery Partition

The recovery partition contains a simple Linux system that can restore and update other partitions, similar to Windows PE. It can also perform operations such as erasing other partitions and restarting, and flashing is often performed from this partition.

3. Fastboot

Brief introduction to cable flashing and card flashing:

  1. Cable flashing: connect the phone to the computer with a data cable and flash from fastboot
  2. Card flashing: download the system package to the phone and flash from recovery

In recent years, more and more phones ship without a recovery partition. Since 7.0, Android has offered a new OTA upgrade method, A/B system updates. This method turns the boot and system partitions into two sets, A and B, which allows seamless upgrades: the phone switches partitions automatically after restarting.

In that case you need to flash with fastboot. Similar to a computer's BIOS, the bootloader initializes the hardware after power-on and boots the operating system kernel; at this point you can choose to enter fastboot mode to flash.

[Figure: entering fastboot mode]

2. Preparation

1. Android SDK tools

Download link: the SDK Platform Tools release notes page.
After decompression, you can see the adb and fastboot tools.
You can open cmd directly in that folder, or add the folder to the PATH environment variable, to run the commands.

2. Unlock BL

  1. Open developer options, turn on USB debugging and OEM unlocking
  2. Unlock the Bootloader lock (BL lock)
    Tap the device unlock status in developer options and bind the account to the device (a SIM card must be inserted). Then download the unlock tool
    from Xiaomi's official website, put the phone into fastboot mode and follow the unlock tool's prompts to unlock the BL lock

3. ROOT

1. Fastboot cable flashing (recommended)

Get the system boot image

For MIUI, you can select the matching model on xiaomiROM.com and download the card-flash package, or choose to download the complete update package from the phone's system update option and then transfer the file to the computer. After decompression you get the boot.img file.

Patch boot.img

  1. Install the Magisk management app on the phone
  2. Use the command adb push boot.img /sdcard to push the boot file you just obtained to the phone,
    then open the file manager and find boot.img in the internal storage directory
  3. Tap Install in Magisk, choose to patch a file, and patch that boot.img file
  4. The patched magisk_patched img file is in the /Download/ directory of the internal storage; transfer the patched boot.img to the computer
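
Because a damaged boot image leaves the phone stuck on the boot logo, it is worth sanity-checking boot.img (stock or patched) before flashing it. The Python script below is an added example, not part of the original post: it checks the standard Android boot image header (magic, header version, page size) and confirms that the kernel and ramdisk fit inside the file. The function names and the constructed sample image are assumptions for illustration.

```python
import struct

BOOT_MAGIC = b"ANDROID!"

def _padded(size, page):
    """Size rounded up to a whole number of pages."""
    return -(-size // page) * page

def check_boot_image(data):
    """Validate an Android boot image header and locate kernel and ramdisk."""
    if len(data) < 48 or data[:8] != BOOT_MAGIC:
        raise ValueError("bad magic: not an Android boot image")
    (version,) = struct.unpack_from("<I", data, 40)
    if version > 4:
        # Assumption: old images store another value in this field; treat as v0.
        version = 0
    if version >= 3:
        # v3/v4 header: kernel_size, ramdisk_size; pages are always 4096 bytes.
        kernel_size, ramdisk_size = struct.unpack_from("<2I", data, 8)
        page = 4096
    else:
        # v0-v2 header: kernel_size, kernel_addr, ramdisk_size, ramdisk_addr,
        # second_size, second_addr, tags_addr, page_size.
        f = struct.unpack_from("<8I", data, 8)
        kernel_size, ramdisk_size, page = f[0], f[2], f[7]
    if page == 0 or page & (page - 1):
        raise ValueError("page size %d is not a power of two" % page)
    kernel_off = page                      # the header fills the first page
    ramdisk_off = kernel_off + _padded(kernel_size, page)
    if ramdisk_off + ramdisk_size > len(data):
        raise ValueError("image truncated: sections extend past end of file")
    return {"header_version": version, "page_size": page,
            "kernel": (kernel_off, kernel_size),
            "ramdisk": (ramdisk_off, ramdisk_size)}

def make_sample_image():
    """Constructed v0 image with dummy kernel/ramdisk bytes, for the demo only."""
    page, kernel, ramdisk = 2048, b"K" * 3000, b"R" * 1000
    hdr = BOOT_MAGIC + struct.pack("<8I", len(kernel), 0x8000, len(ramdisk),
                                   0x1000000, 0, 0, 0x100, page) + struct.pack("<I", 0)
    pad = lambda b: b.ljust(_padded(len(b), page), b"\0")
    return pad(hdr) + pad(kernel) + pad(ramdisk)

if __name__ == "__main__":
    import sys
    # Usage: python check_boot.py boot.img   (no argument: use the constructed sample)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_sample_image()
    print(check_boot_image(blob))
```

Run it on both the stock boot.img and the patched image pulled back from the phone; a ValueError means the file should not be flashed.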

Flash boot

  1. Put the phone into fastboot mode
  2. Run the following commands on the computer
    adb reboot fastboot                        // reboot into fastboot
    fastboot flash boot "path to boot.img"     // flash the patched boot image
    
  3. If flashing fails with an error on an A/B-partition model, you can flash both partitions with
    fastboot flash boot_a xxx.img			// flash partition A
    fastboot flash boot_b xxx.img			// flash partition B
    
    After restarting, open the Magisk management app. If the version number and the Superuser option are displayed, root permission has been obtained successfully.

2. Recovery card flashing (you can try)

  1. Go to the TWRP official website and download the boot.img file corresponding to the device model
  2. Execute the flash command fastboot flash recovery "img file path" on the computer
  3. Install Magisk in recovery
    Put the Magisk package (with its suffix changed to .zip) onto the phone.
    Press and hold the power and volume + keys until the logo appears to enter recovery.
    Install magisk.zip.
    After restarting, change .zip back to .apk and install the Magisk management app.
    If Magisk displays the version and there is a Superuser option below it, the root was successful

Disadvantages: TWRP must have been adapted to the phone, and an A/B-partition phone may need to be flashed twice

4. Flashing a native Android system on the Redmi Note 7

Go to the official PixelExperience website, find the Note 7, and click Install Guide.

Follow the Install Guide; click Show Instructions below it to view the detailed steps (they are very detailed, just follow them)

  1. Unlock the BL lock
  2. Download the recovery partition image file and install it
    adb reboot bootloader
    fastboot flash recovery "img path"
    After shutting down, press and hold the power and volume + keys until the logo appears to enter recovery
  3. Download and install the PixelExperience installation package.
    In recovery, first restore the factory settings,
    then select update and Apply from ADB.
    On the computer, run adb sideload filename.zip;
    the Pixel system is flashed automatically. After restarting, it can be used normally.

At this step you can also extract boot.img from the .zip file, patch it with Magisk, and enter fastboot to root

5. References

Play machine must see! Take you into the pit of Android flashing, the ROOT basic guide that even Xiaobai can understand is here!

Origin blog.csdn.net/OrientalGlass/article/details/131306975