Determine if running on a rooted device

Question

My app has a certain piece of functionality that will only work on a device where root is available  Rather than having this feature fail when it is used  and then show an appropriate error message to the user   I d prefer an ability to silently check if root is available first  and if not hide the respective options in the first place   Is there a way to do this

User · Answer

if you don t want to use any 3rd party library or any random solution then just use google lib for detecting it  Android Device Verification response        quot timestampMs quot   9860437986543     quot nonce quot    quot R2Rra24fVm5xa2Mg quot      quot apkPackageName quot    quot com package name of requesting app quot      quot apkCertificateDigestSha256 quot     quot base64 encoded  SHA-256 hash of the                                   certificate used to sign requesting app quot       quot ctsProfileMatch quot   true     quot basicIntegrity quot   true     ctsProfileMatch it gives false if the device is rooted  ref link   1   https   developer android com training safetynet attestation

User · Answer

Using my library at rootbox  it is pretty easy  Check the required code below         Pass true to  lt Shell gt  start      call to run as superuser     Shell shell   null      try               shell   Shell start true         catch  IOException exception                exception printStackTrace              if  shell    null                 We failed to execute su binary             return      if  shell isRoot                     Verified running as uid 0  root   can continue with commands                       else             throw Exception  Unable to gain root access  Make sure you pressed Allow Grant in superuser prompt

User · Answer

Many of the answers listed here have inherent issues    Checking for test-keys is correlated with root access but doesn t necessarily guarantee it  PATH  directories should be derived from the actual  PATH  environment variable instead of being hard coded The existence of the  su  executable doesn t necessarily mean the device has been rooted The  which  executable  may or may not be installed  and you should let the system resolve its path if possible Just because the SuperUser app is installed on the device does not mean the device has root access yet   The RootTools library from Stericson seems to be checking for root more legitimately  It also has lots of extra tools and utilities so I highly recommend it  However  there s no explanation of how it specifically checks for root  and it may be a bit heavier than most apps really need   I ve made a couple of utility methods that are loosely based on the RootTools library  If you simply want to check if the  su  executable is on the device you can use the following method   public static boolean isRootAvailable        for String pathDir   System getenv  PATH   split                if new File pathDir   su   exists                  return true                      return false      This method simply loops through the directories listed in the  PATH  environment variable and checks if a  su  file exists in one of them   In order to truly check for root access the  su  command must actually be run  If an app like SuperUser is installed  then at this point it may ask for root access  or if its already been granted denied a toast may be shown indicating whether access was granted denied  A good command to run is  id  so that you can verify that the user id is in fact 0  root    Here s a sample method to determine whether root access has been granted   public static boolean isRootGiven        if  isRootAvailable              Process process   null          try               process   Runtime getRuntime   exec new String    su    -c    id                 BufferedReader in   new BufferedReader new InputStreamReader process getInputStream                  String output   in readLine                if  output    null  amp  amp  output toLowerCase   contains  uid 0                    return true            catch  Exception e                e printStackTrace              finally               if  process    null                  process destroy                         return false      It s important to actually test running the  su  command because some emulators have the  su  executable pre-installed  but only allow certain users to access it like the adb shell    It s also important to check for the existence of the  su  executable before trying to run it  because android has been known to not properly dispose of processes that try to run missing commands  These ghost processes can run up memory consumption over time

User · Answer

RootBeer is a root checking Android library by Scott and Matthew  It uses various checks to indicate whether device is rooted or not      Java checks         CheckRootManagementApps   CheckPotentiallyDangerousAppss   CheckRootCloakingApps   CheckTestKeys   checkForDangerousProps   checkForBusyBoxBinary   checkForSuBinary   checkSuExists   checkForRWSystem         Native checks      We call through to our native root checker to run some of it s own   checks  Native checks are typically harder to cloak  so some root   cloak apps just block the loading of native libraries that contain   certain key words          checkForSuBinary

User · Answer

Here is my code based on some answers here             Checks if the phone is rooted              return  lt code gt true lt  code gt  if the phone is rooted   lt code gt false lt  code gt       otherwise          public static boolean isPhoneRooted             get from build info     String buildTags   android os Build TAGS      if  buildTags    null  amp  amp  buildTags contains  test-keys            return true                check if  system app Superuser apk is present     try         File file   new File   system app Superuser apk          if  file exists              return true                catch  Throwable e1             ignore            return false

User · Answer

Here is a class that will check for Root one of three ways         author Kevin Kowalewski    public class RootUtil       public static boolean isDeviceRooted             return checkRootMethod1      checkRootMethod2      checkRootMethod3               private static boolean checkRootMethod1             String buildTags   android os Build TAGS          return buildTags    null  amp  amp  buildTags contains  test-keys               private static boolean checkRootMethod2             String   paths       system app Superuser apk     sbin su     system bin su     system xbin su     data local xbin su     data local bin su     system sd xbin su                     system bin failsafe su     data local su     su bin su            for  String path   paths                if  new File path  exists    return true                    return false             private static boolean checkRootMethod3             Process process   null          try               process   Runtime getRuntime   exec new String       system xbin which    su                  BufferedReader in   new BufferedReader new InputStreamReader process getInputStream                  if  in readLine      null  return true              return false            catch  Throwable t                return false            finally               if  process    null  process destroy

User · Answer

Instead of using isRootAvailable   you can use isAccessGiven    Direct from RootTools wiki   if  RootTools isAccessGiven             your app has been granted root access        RootTools isAccessGiven   not only checks that a device is rooted  it   also calls su for your app  requests permission  and returns true if   your app was successfully granted root permissions  This can be used   as the first check in your app to make sure that you will be granted   access when you need it    Reference

User · Answer

public static boolean isRootAvailable                Process p   null              try                 p   Runtime getRuntime   exec new String     su                    writeCommandToConsole p  exit 0                   int result   p waitFor                   if result    0                     throw new Exception  Root check result with exit command     result                  return true                catch  IOException e                    Log e LOG TAG   Su executable is not available    e                 catch  Exception e                    Log e LOG TAG   Root is unavailable    e                finally                   if p    null                      p destroy                              return false             private static String writeCommandToConsole Process proc  String command  boolean ignoreError  throws Exception              byte   tmpArray   new byte 1024               proc getOutputStream   write  command     n   getBytes                 proc getOutputStream   flush                int bytesRead   0              if proc getErrorStream   available    gt  0                   if  bytesRead   proc getErrorStream   read tmpArray    gt  1                       Log e LOG TAG new String tmpArray 0 bytesRead                        if  ignoreError                          throw new Exception new String tmpArray 0 bytesRead                                                if proc getInputStream   available    gt  0                   bytesRead   proc getInputStream   read tmpArray                   Log i LOG TAG  new String tmpArray 0 bytesRead                              return new String tmpArray

User · Answer

if      adb shell which su   grep -io  permission denied        permission denied      then    echo  Yes  Rooted device    else    echo  No  Device not rooted  Only limited tasks can be performed  Done       zenity --warning --title  Device Not Rooted  --text  The connected Android Device is  lt b gt NOT ROOTED lt  b gt   Only limited tasks can be performed   --no-wrap fi

User · Answer

Root check at Java level is not a safe solution  If your app has Security Concerns to run on a Rooted device   then please use this solution    Kevin s answer works unless the phone also has an app like RootCloak   Such apps have a Handle over Java APIs once phone is rooted and they mock these APIs to return phone is not rooted   I have written a native level code based on Kevin s answer   it works even with RootCloak   Also it does not cause any memory leak issues    include  lt string h gt   include  lt jni h gt   include  lt time h gt   include  lt sys stat h gt   include  lt stdio h gt   include  android log h   include  lt errno h gt   include  lt unistd h gt   include  lt sys system properties h gt   JNIEXPORT int JNICALL Java com test RootUtils checkRootAccessMethod1          JNIEnv  env  jobject thiz            Access function checks whether a particular file can be accessed     int result   access   system app Superuser apk  F OK        ANDROID LOGV   File Access Result  d n   result        int len      char build tags PROP VALUE MAX      PROP VALUE MAX from  lt sys system properties h gt       len     system property get ANDROID OS BUILD TAGS  build tags      On return  len will equal  int strlen model id       if strcmp build tags  test-keys      0           ANDROID LOGV   Device has test keys n   build tags           result   0            ANDROID LOGV   File Access Result  s n   build tags       return result      JNIEXPORT int JNICALL Java com test RootUtils checkRootAccessMethod2          JNIEnv  env  jobject thiz          which command is enabled only after Busy box is installed on a rooted device       Outpput of which command is the path to su file  On a non rooted device   we will get a null  empty path       char  cmd   const cast lt char   gt  which su       FILE  pipe   popen  which su    r        if   pipe  return -1      char buffer 128       std  string resultCmd           while  feof pipe             if fgets buffer  128  pipe     NULL              resultCmd    buffer            pclose pipe        const char  cstr   resultCmd c str        int result   -1      if cstr    NULL     strlen cstr     0            ANDROID LOGV   Result of Which command is Null         else          result   0          ANDROID LOGV   Result of Which command  s n   cstr                 return result      JNIEXPORT int JNICALL Java com test RootUtils checkRootAccessMethod3          JNIEnv  env  jobject thiz          int len      char build tags PROP VALUE MAX      PROP VALUE MAX from  lt sys system properties h gt       int result   -1      len     system property get ANDROID OS BUILD TAGS  build tags      On return  len will equal  int strlen model id       if len  gt 0  amp  amp  strstr build tags  test-keys      NULL           ANDROID LOGV   Device has test keys n   build tags           result   0             return result       In your Java code   you need to create wrapper class RootUtils to make the native calls      public boolean checkRooted             if  rootUtils checkRootAccessMethod3       0    rootUtils checkRootAccessMethod1       0    rootUtils checkRootAccessMethod2       0              return true        return false

User · Answer

If you are already using Fabric Firebase Crashlytics you can call  CommonUtils isRooted context    This is the current implementation of that method   public static boolean isRooted Context context        boolean isEmulator   isEmulator context       String buildTags   Build TAGS      if  isEmulator  amp  amp  buildTags    null  amp  amp  buildTags contains  test-keys              return true        else           File file   new File   system app Superuser apk            if file exists                  return true            else               file   new File   system xbin su                return  isEmulator  amp  amp  file exists

User · Answer

Some modified builds used to set the system property ro modversion for this purpose  Things seem to have moved on  my build from TheDude a few months ago has this   cmb apollo    adb -d shell getprop  grep build  ro build id    CUPCAKE   ro build display id    htc dream-eng 1 5 CUPCAKE eng TheDudeAbides 20090427 235325 test-keys   ro build version incremental    eng TheDude 2009027 235325   ro build version sdk    3   ro build version release    1 5   ro build date    Mon Apr 20 01 42 32 CDT 2009   ro build date utc    1240209752   ro build type    eng   ro build user    TheDude   ro build host    ender   ro build tags    test-keys   ro build product    dream   ro build description    kila-user 1 1 PLAT-RC33 126986 ota-rel-keys release-keys   ro build fingerprint    tmobile kila dream trout 1 1 PLAT-RC33 126986 user ota-rel-keys release-keys   ro build changelist    17615  end build properties    The emulator from the 1 5 SDK on the other hand  running the 1 5 image  also has root  is probably similar to the Android Dev Phone 1  which you presumably want to allow  and has this   cmb apollo    adb -e shell getprop  grep build  ro build id    CUPCAKE   ro build display id    sdk-eng 1 5 CUPCAKE 148875 test-keys   ro build version incremental    148875   ro build version sdk    3   ro build version release    1 5   ro build date    Thu May 14 18 09 10 PDT 2009   ro build date utc    1242349750   ro build type    eng   ro build user    android-build   ro build host    undroid16 mtv corp google com   ro build tags    test-keys   ro build product    generic   ro build description    sdk-eng 1 5 CUPCAKE 148875 test-keys   ro build fingerprint    generic sdk generic  1 5 CUPCAKE 148875 eng test-keys    As for the retail builds  I don t have one to hand  but various searches under site xda-developers com are informative  Here is a G1 in the Netherlands  you can see that ro build tags does not have test-keys  and I think that s probably the most reliable property to use

User · Answer

Forget all that detecting root apps and su binaries  Check for the root daemon process  This can be done from the terminal and you can run terminal commands within an app  Try this one-liner   if     -z     system bin ps -A   grep -v grep   grep -c daemonsu      then echo  device is rooted   else echo  device is not rooted   fi   You don t need root permission to achieve this either

User · Answer

I suggest using native code for root detection  Here is a full working example      JAVA wrapper   package com kozhevin rootchecks util    import android support annotation NonNull   import com kozhevin rootchecks BuildConfig   public class MeatGrinder       private final static String LIB NAME    native-lib       private static boolean isLoaded      private static boolean isUnderTest   false       private MeatGrinder                 public boolean isLibraryLoaded             if  isLoaded                return true                    try               if isUnderTest                    throw new UnsatisfiedLinkError  under test                              System loadLibrary LIB NAME               isLoaded   true            catch  UnsatisfiedLinkError e                if  BuildConfig DEBUG                    e printStackTrace                                    return isLoaded             public native boolean isDetectedDevKeys         public native boolean isDetectedTestKeys         public native boolean isNotFoundReleaseKeys         public native boolean isFoundDangerousProps         public native boolean isPermissiveSelinux         public native boolean isSuExists         public native boolean isAccessedSuperuserApk         public native boolean isFoundSuBinary         public native boolean isFoundBusyboxBinary         public native boolean isFoundXposed         public native boolean isFoundResetprop         public native boolean isFoundWrongPathPermission         public native boolean isFoundHooks          NonNull     public static MeatGrinder getInstance             return InstanceHolder INSTANCE             private static class InstanceHolder           private static final MeatGrinder INSTANCE   new MeatGrinder              JNI wrapper native-lib c    JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isDetectedTestKeys          JNIEnv  env          jobject  this          return  jboolean  isDetectedTestKeys       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isDetectedDevKeys          JNIEnv  env          jobject  this          return  jboolean  isDetectedDevKeys       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isNotFoundReleaseKeys          JNIEnv  env          jobject  this          return  jboolean  isNotFoundReleaseKeys       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundDangerousProps          JNIEnv  env          jobject  this          return  jboolean  isFoundDangerousProps       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isPermissiveSelinux          JNIEnv  env          jobject  this          return  jboolean  isPermissiveSelinux       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isSuExists          JNIEnv  env          jobject  this          return  jboolean  isSuExists       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isAccessedSuperuserApk          JNIEnv  env          jobject  this          return  jboolean  isAccessedSuperuserApk       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundSuBinary          JNIEnv  env          jobject  this          return  jboolean  isFoundSuBinary       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundBusyboxBinary          JNIEnv  env          jobject  this          return  jboolean  isFoundBusyboxBinary        JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundXposed          JNIEnv  env          jobject  this          return  jboolean  isFoundXposed       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundResetprop          JNIEnv  env          jobject  this          return  jboolean  isFoundResetprop       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundWrongPathPermission          JNIEnv  env          jobject  this          return  jboolean  isFoundWrongPathPermission       JNIEXPORT jboolean JNICALL Java com kozhevin rootchecks util MeatGrinder isFoundHooks          JNIEnv  env          jobject  this          return  jboolean  isFoundHooks        constants      Comma-separated tags describing the build  like   unsigned debug   const char  const ANDROID OS BUILD TAGS    ro build tags       A string that uniquely identifies this build   BRAND PRODUCT DEVICE RELEASE ID VERSION INCREMENTAL TYPE TAGS   const char  const ANDROID OS BUILD FINGERPRINT    ro build fingerprint    const char  const ANDROID OS SECURE    ro secure    const char  const ANDROID OS DEBUGGABLE    ro debuggable   const char  const ANDROID OS SYS INITD    sys initd   const char  const ANDROID OS BUILD SELINUX    ro build selinux     see https   android googlesource com platform system core   master adb services cpp 86 const char  const SERVICE ADB ROOT    service adb root    const char   const MG SU PATH                 data local              data local bin              data local xbin              sbin              system bin              system bin  ext              system bin failsafe              system sd xbin              su xbin              su bin              magisk  core bin              system usr we-need-root              system xbin            0     const char   const MG EXPOSED FILES                 system lib libxposed art so             system lib64 libxposed art so             system xposed prop             cache recovery xposed zip             system framework XposedBridge jar             system bin app process64 xposed             system bin app process32 xposed             magisk xposed system lib libsigchain so             magisk xposed system lib libart so             magisk xposed system lib libart-disassembler so             magisk xposed system lib libart-compiler so             system bin app process32 orig             system bin app process64 orig           0     const char   const MG READ ONLY PATH                 system             system bin             system sbin             system xbin             vendor bin             sbin             etc           0      root detections from native code   struct mntent  getMntent FILE  fp  struct mntent  e  char  buf  int buf len         while  fgets buf  buf len  fp     NULL               Entries look like   dev block vda  system ext4 ro seclabel relatime data ordered 0 0              That is  mnt fsname mnt dir mnt type mnt opts mnt freq mnt passno          int fsname0  fsname1  dir0  dir1  type0  type1  opts0  opts1          if  sscanf buf     n  s n  n  s n  n  s n  n  s n  d  d                       amp fsname0   amp fsname1   amp dir0   amp dir1   amp type0   amp type1   amp opts0   amp opts1                      amp e- gt mnt freq   amp e- gt mnt passno     2                e- gt mnt fsname    amp buf fsname0               buf fsname1      0               e- gt mnt dir    amp buf dir0               buf dir1      0               e- gt mnt type    amp buf type0               buf type1      0               e- gt mnt opts    amp buf opts0               buf opts1      0               return e                      return NULL      bool isPresentMntOpt const struct mntent  pMnt  const char  pOpt        char  token   pMnt- gt mnt opts      const char  end   pMnt- gt mnt opts   strlen pMnt- gt mnt opts       const size t optLen   strlen pOpt       while  token    NULL            const char  tokenEnd   token   optLen          if  tokenEnd  gt  end  break          if  memcmp token  pOpt  optLen     0  amp  amp                tokenEnd      0      tokenEnd            tokenEnd                        return true                    token   strchr token                if  token    NULL                token                        return false     static char  concat2str const char  pString1  const char  pString2        char  result      size t lengthBuffer   0       lengthBuffer   strlen pString1                       strlen pString2    1      result   malloc lengthBuffer       if  result    NULL            GR LOGW  malloc failed n            return NULL            memset result  0  lengthBuffer       strcpy result  pString1       strcat result  pString2       return result     static bool isBadPropertyState const char  key  const char  badValue  bool isObligatoryProperty  bool isExact        if  badValue    NULL            GR LOGE  badValue may not be NULL            return false            if  key    NULL            GR LOGE  key may not be NULL            return false            char value PROP VALUE MAX   1       int length     system property get key  value       bool result   false         A length 0 value indicates that the property is not defined        if  length  gt  0            GR LOGI  property   s     s    key  value           if  isExact                if  strcmp value  badValue     0                    GR LOGW  bad value  s  equals to   s  in the property   s    value  badValue  key                   result   true                          else               if  strlen value   gt   strlen badValue   amp  amp  strstr value  badValue     NULL                    GR LOGW  bad value  s  found in   s  in the property   s    value  badValue  key                   result   true                                else           GR LOGI    s  property not found   key           if  isObligatoryProperty                result   true                      return result     bool isDetectedTestKeys         const char  TEST KEYS VALUE    test-keys       return isBadPropertyState ANDROID OS BUILD TAGS  TEST KEYS VALUE  true  false      bool isDetectedDevKeys         const char  DEV KEYS VALUE    dev-keys       return isBadPropertyState ANDROID OS BUILD TAGS  DEV KEYS VALUE  true  false      bool isNotFoundReleaseKeys         const char  RELEASE KEYS VALUE    release-keys       return  isBadPropertyState ANDROID OS BUILD TAGS  RELEASE KEYS VALUE  false  true      bool isFoundWrongPathPermission          bool result   false      FILE  file   fopen   proc mounts    r        char mntent strings BUFSIZ       if  file    NULL            GR LOGE  setmntent            return result             struct mntent ent    0       while  NULL    getMntent file   amp ent  mntent strings  sizeof mntent strings              for  size t i   0  MG READ ONLY PATH i   i                  if  strcmp   amp ent - gt mnt dir  MG READ ONLY PATH i      0  amp  amp                  isPresentMntOpt  amp ent   rw                      GR LOGI   s  s  s  s n     amp ent - gt mnt fsname    amp ent - gt mnt dir    amp ent - gt mnt opts                            amp ent - gt mnt type                   result   true                  break                                  memset  amp ent  0  sizeof ent              fclose file       return result      bool isFoundDangerousProps         const char  BAD DEBUGGABLE VALUE    1       const char  BAD SECURE VALUE    0       const char  BAD SYS INITD VALUE    1       const char  BAD SERVICE ADB ROOT VALUE    1        bool result   isBadPropertyState ANDROID OS DEBUGGABLE  BAD DEBUGGABLE VALUE  true  true                       isBadPropertyState SERVICE ADB ROOT  BAD SERVICE ADB ROOT VALUE  false  true                       isBadPropertyState ANDROID OS SECURE  BAD SECURE VALUE  true  true                       isBadPropertyState ANDROID OS SYS INITD  BAD SYS INITD VALUE  false  true        return result     bool isPermissiveSelinux         const char  BAD VALUE    0       return isBadPropertyState ANDROID OS BUILD SELINUX  BAD VALUE  false  false      bool isSuExists         char buf BUFSIZ       char  str   NULL      char  temp   NULL      size t size   1      start with size of 1 to make room for null terminator     size t strlength       FILE  pipe   popen  which su    r        if  pipe    NULL            GR LOGI  pipe is null            return false             while  fgets buf  sizeof buf   pipe     NULL            strlength   strlen buf           temp   realloc str  size   strlength       allocate room for the buf that gets appended         if  temp    NULL                   allocation error             GR LOGE  Error  re allocating memory                pclose pipe               if  str    NULL                    free str                             return false            else               str   temp                    strcpy str   size - 1  buf           size    strlength            pclose pipe       GR LOGW  A size of the result from pipe is   zu   result  n   s     size  str       if  str    NULL            free str             return size  gt  1   true   false     static bool isAccessedFile const char  path        int result   access path  F OK       GR LOGV    s  has been accessed with result    d    path  result       return result    0   true   false     static bool isFoundBinaryFromArray const char  const  array  const char  binary        for  size t i   0  array i     i            char  checkedPath   concat2str array i   binary           if  checkedPath    NULL       malloc failed             return false                    bool result   isAccessedFile checkedPath           free checkedPath           if  result                return result                      return false     bool isAccessedSuperuserApk         return isAccessedFile   system app Superuser apk       bool isFoundResetprop         return isAccessedFile   data magisk resetprop       bool isFoundSuBinary         return isFoundBinaryFromArray MG SU PATH   su       bool isFoundBusyboxBinary         return isFoundBinaryFromArray MG SU PATH   busybox       bool isFoundXposed         for  size t i   0  MG EXPOSED FILES i     i            bool result   isAccessedFile MG EXPOSED FILES i            if  result                return result                      return false     bool isFoundHooks         bool result   false      pid t pid   getpid        char maps file name 512       sprintf maps file name    proc  d maps   pid       GR LOGI  try to open   s    maps file name       const size t line size   BUFSIZ      char  line   malloc line size       if  line    NULL            return result            FILE  fp   fopen maps file name   r        if  fp    NULL            free line           return result            memset line  0  line size       const char  substrate    com saurik substrate       const char  xposed    XposedBridge jar       while  fgets line  line size  fp     NULL            const size t real line size   strlen line           if   real line size  gt   strlen substrate   amp  amp  strstr line  substrate     NULL                  real line size  gt   strlen xposed   amp  amp  strstr line  xposed     NULL                 GR LOGI  found in   s     s    maps file name  line               result   true              break                      free line       fclose fp       return result

User · Answer

In my application I was checking if device is rooted or not by executing  su  command  But today I ve removed this part of my code  Why    Because my application became a memory killer  How  Let me tell you my story   There were some complaints that my application was slowing down devices Of course I thought that can not be true   I tried to figure out why  So I used MAT to get heap dumps and analyze  and everything seemed perfect  But after relaunching my app many times I realized that device is really getting slower and stopping my application didn t make it faster  unless I restart device   I analyzed dump files again while device is very slow  But everything was still perfect for dump file  Then I did what must be done at first  I listed processes     adb shell ps   Surprize  there were many processes for my application  with my application s process tag at manifest   Some of them was zombie some of them not   With a sample application which has a single Activity and executes just  su  command  I realized that a zombie process is being created on every launch of application  At first these zombies allocate 0KB but than something happens and zombie processes are holding nearly same KBs as my application s main process and they became standart processes   There is a bug report for same issue on bugs sun com  http   bugs sun com view bug do bug id 6474073 this explains if command is not found zombies are going to be created with exec   method  But I still don t understand why and how can they become standart processes and hold significant KBs   This is not happening all the time   You can try if you want with code sample below   String commandToExecute    su   executeShellCommand commandToExecute     Simple command execution method   private boolean executeShellCommand String command       Process process   null                  try          process   Runtime getRuntime   exec command           return true        catch  Exception e            return false        finally          if process    null               try                  process destroy                 catch  Exception e                                      To sum up  I have no advice for you to determine if device is rooted or not  But if I were you I would not use Runtime getRuntime   exec     By the way  RootTools isRootAvailable   causes same problem

User · Answer

You can do this by following code   public boolean getRootInfo         if  checkRootFiles      checkTags              return true            return false     private boolean checkRootFiles         boolean root   false      String   paths     quot  system app Superuser apk quot    quot  sbin su quot    quot  system bin su quot    quot  system xbin su quot    quot  data local xbin su quot    quot  data local bin su quot    quot  system sd xbin su quot                quot  system bin failsafe su quot    quot  data local su quot    quot  su bin su quot        for  String path   paths            root   new File path  exists            if  root              break            return root     private boolean checkTags         String tag   Build TAGS      return tag    null  amp  amp  tag trim   contains  quot test-keys quot       You can also check this library RootBeer

User · Answer

Further to  Kevins answer  I ve recently found while using his system  that the Nexus 7 1 was returning false for all three methods - No which command  no test-keys and SuperSU was not installed in  system app   I added this   public static boolean checkRootMethod4 Context context        return isPackageInstalled  eu chainfire supersu   context           private static boolean isPackageInstalled String packagename  Context context        PackageManager pm   context getPackageManager        try           pm getPackageInfo packagename  PackageManager GET ACTIVITIES           return true        catch  NameNotFoundException e            return false            This is slightly less useful in some situations  if you need guaranteed root access  as it s completely possible for SuperSU to be installed on devices which don t have SU access   However  since it s possible to have SuperSU installed and working but not in the  system app directory  this extra case will root  haha  out such cases

User · Answer

Based on some of the answers here  I think this is a nice solution       JvmStatic     fun isProbablyRooted    Boolean           return try               findBinary  quot su quot             catch  e  Exception                e printStackTrace               false                      private fun findBinary binaryName  String   Boolean           val paths   System getenv  quot PATH quot           if   paths isNullOrBlank                  val systemPlaces  List lt String gt    paths split  quot   quot               return systemPlaces firstOrNull   File it  binaryName  exists        null                   val places   arrayOf  quot  sbin  quot    quot  system bin  quot    quot  system xbin  quot    quot  data local xbin  quot    quot  data local bin  quot                    quot  system sd xbin  quot    quot  system bin failsafe  quot    quot  data local  quot           return places firstOrNull   File it  binaryName  exists        null        You can also add a check if some popular root-related apps are installed  like of Magisk Manager  which has package-name  quot com topjohnwu magisk quot    but just like all solutions here  it s just a guess

User · Answer

Update 2017 You can do it now with Google Safetynet API  The SafetyNet  API provides  Attestation API which  helps you assess the security and compatibility of the Android environments in which your apps run  This attestation can helps to determine whether or not the particular device has been tampered with or otherwise modified  The Attestation API returns a JWS response like this      quot nonce quot    quot R2Rra24fVm5xa2Mg quot      quot timestampMs quot   9860437986543     quot apkPackageName quot    quot com package name of requesting app quot      quot apkCertificateDigestSha256 quot     quot base64 encoded  SHA-256 hash of the                                   certificate used to sign requesting app quot       quot apkDigestSha256 quot    quot base64 encoded  SHA-256 hash of the app s APK quot      quot ctsProfileMatch quot   true     quot basicIntegrity quot   true     Parsing this response can help you determine if device is rooted or not  Rooted devices seem to cause ctsProfileMatch false   You can do it on client side but parsing response on  server side is recommend  A basic client server archtecture with safety net API will look like this -

User · Answer

Using C   with the ndk is the best approach to detect root even if the user is using applications that hide his root such as RootCloak  I tested this code with RootCloak and I was able to detect the root even if the user is trying to hide it   So your cpp file would like    include  lt jni h gt   include  lt string gt              function that checks for the su binary files and operates even if     root cloak is installed     return integer 1  device is rooted  0  device is not    rooted    extern  C  JNIEXPORT int JNICALL   Java com example user root 1native rootFunction JNIEnv  env jobject thiz   const char  paths       system app Superuser apk     sbin su     system bin su                           system xbin su     data local xbin su     data local bin su     system sd xbin su                           system bin failsafe su     data local su     su bin su     int counter  0  while  counter lt 9       if FILE  file   fopen paths counter   r             fclose file           return 1            counter      return 0      And you will call the function from your java code as follows  public class Root detect                         function that calls a native function to check if the device is       rooted or not        return boolean  true if the device is rooted  false if the       device is not rooted          public boolean check rooted             int checker   rootFunction             if checker  1              return true           else              return false                    static       System loadLibrary  cpp-root-lib     name of your cpp file          public native int rootFunction

User · Answer

Two additional ideas  if you want to check if a device is root capable from your app    Check for the existing of the  su  binary  run  which su  from Runtime getRuntime   exec   Look for the SuperUser apk in  system app Superuser apk location

User · Answer

There is Safety Net Attestation API of Google play services by which we can assess the device and determine if it is rooted tampered   Please go through my answer to deal with rooted devices  https   stackoverflow com a 58304556 3908895

User · Answer

http   code google com p roottools   If you do not want to use the jar file just use the code   public static boolean findBinary String binaryName            boolean found   false          if   found                String   places       sbin      system bin      system xbin                          data local xbin      data local bin                          system sd xbin      system bin failsafe      data local                  for  String where   places                    if  new File where   binaryName  exists                          found   true                       break                                                    return found          Program will try to find su folder   private static boolean isRooted             return findBinary  su            Example   if  isRooted         textView setText  Device Rooted       else      textView setText  Device Unrooted

User · Answer

Indeed it is interesting question and so far nobody has deserved award  I use the following code     boolean isRooted           try                   ServerSocket ss   new ServerSocket 81                   ss close                                        return true                catch  Exception e                       not sure                   return false        The code is certainly not bulletproof  because network can be not available so you get an exception  If this method returns true then 99  you can be sure  otherwise just 50  that not  Networking permission can also spoil the solution

User · Answer

The RootTools library offers simple methods to check for root   RootTools isRootAvailable     Reference

[android] Determine if running on a rooted device

Examples related to android

Examples related to root