Skip to content

Instantly share code, notes, and snippets.

@steadfasterX

steadfasterX/guide.md

Last active August 8, 2024 05:04
Show Gist options
  • Save steadfasterX/aed2a1f397e387bd6efa01990aec761f to your computer and use it in GitHub Desktop.
Save steadfasterX/aed2a1f397e387bd6efa01990aec761f to your computer and use it in GitHub Desktop.
Download ZIP
adb_boot_debug
Raw
guide.md

Here are 3 ways to allow debugging on boot by connecting to adb. This is often called "insecure adb" - while it is not as "insecure" as you might think 😉

STEP 1

Prepare authorization

Since A7 you have to authorize your adb server which either requires to add your adb pub key into the ramdisk (directly on / ) or you must put it in /data/misc/adb/adb_keys, e.g when in recovery. Details here. This method will not work on FDE encrypted devices though. for this you need to mod the boot.img (see "Option A: Modding an existing boot.img").

important is that it has to have proper label and permission set. e.g when in recovery:

FORMAT(!) DATA in recovery!
REBOOT from recovery into recovery afterwards!
then go on:

adb push ~/.android/adbkey.pub /tmp/
adb shell
mkdir -p /data/misc/adb/

mv /tmp/adbkey.pub /data/misc/adb/adb_keys 
chcon u:object_r:adb_keys_file:s0 /data/misc/adb/adb_keys
chown system:shell /data/misc/adb/adb_keys 
chmod 640 /data/misc/adb/adb_keys

STEP 2

Choose an option and follow

Option A: Modding an existing boot.img (RECOMMENDED)

depending on the device you could unpack/repack your boot.img by one of

Whatever you use try first to: unpack -> repack -> flash (so without any modifications).

if that does not boot anymore use another tool. e.g. AIK does not work for the LG G4 sometimes so I use bootimgtool (-v qcom) instead.

default.prop (on newer android this might be named build.prop):
------------------------
ro.adb.secure=0
ro.secure=0
ro.debuggable=1
persist.service.adb.enable=1
persist.service.debuggable=1
persist.sys.usb.config=adb

# if that does not work try: persist.sys.usb.config=mtp,adb

!!! IMPORTANT: !!!
remove ANY other line which contains one of settings above

authorize your PC with ADB

within your unpacked boot.img put your adb key directly into the root of the RAMDISK (details here) as follows:

cp ~/.android/adbkey.pub <PATH-TO-RAMDISK-ROOTDIR>/adb_keys

in case of AIK this would be:

cp ~/.android/adbkey.pub <path>/AIK-Linux/ramdisk/adb_keys

repack the boot.img and flash

Option B: when on A12

when on a12 (and likely later) and you just wanna enable adb logcat during build (not truly insecure, its more like half-insecure): https://github.com/crdroidandroid/android_build/commit/a9f4cd5493ead4134aba6e17e80c81eb104cdf43

for a full insecure (i.e allowing adb root and then e.g. adb shell dmesg during boot) use one of the other options.

Option C: Enable during build

Within your android source directory (replace <ROM> with the vendor path of your ROM you building for. e.g vendor/lineage/config/common.mk)

sed -i "s/secure=./secure=0/g" build/core/main.mk
sed -i "s/secure=./secure=0/g" vendor/<ROM>/config/common.mk
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment