Important: This script is not really meant to be used as is, instead you should execute each step one by one, understanding its purpose. I highly recommend you read the accompanying Twitter thread before trying it.
--
This is a script that performs all needed actions to mount the userdata partition of an Android 12 emulator device (AVD).
To use it, run it from the AVD's folder (i.e. the folder where userdata-qemu.img
and encryptionkey.img are located). A data folder will be created, and
the userdata partition will be mounted there.
Like I said, I highly recommend you read my Twitter thread first. TL;DR:
-
Before running, make sure you have
qemu-nbd,dmsetupand especiallyfscryptctl -
Before running, you need to download my Android scripts in the current directory.
-
Before running, you need to patch your kernel to have
dm-default-keysupport. This is the patch to apply. -
This is for Android 12, which comes with FBE + Metadata encryption by default.
- Older Androids don't come with metadata encryption, so
the
extract metadata keyanddecrypt diskblocks can be skipped (mount nbd0 directly). - Even older Androids come with an entirely different (and more simple) approach called FDE (Full Disk Encryption). You can find scripts for decrypting that around the internet.
- If it's the oldest possible thing ever, then it has no encryption.
- Keep in mind your version may be patched or use different defaults.
- Older Androids don't come with metadata encryption, so
the
-
This assumes only 1 user on the emulador.
-
Again, this is meant to be executed by you. It's a very primitive script; for example, if it fails, you've have to clean up before running it again.