Skip to content

Instantly share code, notes, and snippets.

@varhub
Created December 23, 2016 17:54
Show Gist options
  • Save varhub/7b9555cdd1e5ad785ffde2300fcfd0bd to your computer and use it in GitHub Desktop.
Save varhub/7b9555cdd1e5ad785ffde2300fcfd0bd to your computer and use it in GitHub Desktop.
Android - Enable ADB from recovery

Android - Enable ADB from recovery

Credits to @TheOnlyAnil-@Firelord1

  • Requirements: a) stock recovery + rooted phone b) custom recovery

  • Files changed:

    • /system/build.prop
    • /data/property/persist.sys.usb.config
    • /data/misc/adb/adb_keys

Enable ADB (1/2): enable USB debugging

same as "Settings >> Developer Opcions >> USB debugging" ON

  • Connect the device to Mac or PC in recovery mode.
  • Now open terminal/CMD in computer and go to platform-tools/. type and enter adb devices to check if the device is connected in recovery mode.
  • Now type adb shell mount data and adb shell mount system to mount the respective directories.
  • Get the persist.sys.usb.config file in your system using adb pull /data/property/persist.sys.usb.config /Your directory
  • Now open that file in a texteditor and edit it to mtp,adb and save.
  • Now push the file back in the device; adb push /your-directory/persist.sys.usb.config /data/property
  • Get the build.prop file; adb pull /system/build.prop /your-directory
  • Add these lines:
persist.service.adb.enable=1                                                    
persist.service.debuggable=1
persist.sys.usb.config=mtp,adb
  • Push build.prop back into the device; adb push /your-dir/build.prop /system/

Fast way

adb shell
mount data
echo -n 'mtp,adb' > /data/property/persist.sys.usb.config

Verify options are not present before do it: adb shell "grep 'persist.service.adb.enable' /system/build.prop"

adb shell
mount system
echo '' >> /system/build.prop
echo '# Enable ADB' >> /system/build.prop
echo 'persist.service.adb.enable=1' >> /system/build.prop 
echo 'persist.service.debuggable=1' >> /system/build.prop
echo 'persist.sys.usb.config=mtp,adb' >> /system/build.prop 

Enable ADB (2/2): RSA verification

For the RSA verification that you asked to bypass, I don't know whether it would work in your device, but it worked in my little experiment. In Lollipop, the ADB keys (after authorization) are saved in /data/misc/adb/adb_keys. Your private key is saved in computer. In Linux the directory location is $HOME/.android/. On Windows that usually translates to %USERPROFILE%.android, but keys might end up in C:\Windows\System32\config\systemprofile.android in some cases.

adb push ~/.android/adbkey.pub /data/misc/adb/adb_keys

Bibliography

Footnotes

  1. http://android.stackexchange.com/questions/120394/can-i-enable-usb-debugging-using-adb

Copy link

ghost commented May 12, 2023

@ValorNaram thats pretty smart but why am i still getting notified for this

@gabrc52
Copy link

gabrc52 commented May 12, 2023

I think you get notifications if you commented once

@char101
Copy link

char101 commented Jul 24, 2023

/system is twrp system. To mount android /system use mount /system_root.

@Jaspix
Copy link

Jaspix commented Oct 15, 2023

On LineageOS 20 I needed to do

How did you do the RSA verification? Isn't the /data partition encrypted by default on LineageOS 20?

@kazakovDanil1
Copy link

hello guys, i make first file inside data/property/persist.sys.usb.config >> "mtp, adb"

next add inside /system_root/system/build.prop >>

"persist.service.adb.enable=1
persist.service.debuggable=1
persist.sys.usb.config=mtp,adb"

as i understand right now my phone should receive adb commands from terminal , but it's not. Why?

i tries to enter ./adb command

/system/bin/sh: appops: inaccessible or not found

android 14

i'm on the galaxy s23+

who did this on newer phones?

@nift4
Copy link

nift4 commented Jan 23, 2024

adb shell rm /data/property/persistent_properties instead of (or in addition to) echo -n 'mtp,adb' > /data/property/persist.sys.usb.config worked for me

@BobWidlar
Copy link

I create Magisk Module for this, check this out. https://github.com/lexavey/Adb-Root-Enabler

Hi guys, I am on lineageos 9. I managed to get usb debugging enabled through twrp, but I can't seem to bypass the RSA verification even though I have copied the key as mentioned above. Unfortunately, I don't have magisk installed, but is there a way to install the unauthorized adb manually through twrp?

@io2345
Copy link

io2345 commented Mar 20, 2024

Thanks to all, especially the threadstarter for the idea. And a special thanks to @nift4 for the final trick with deleting or renaming the persistent_properties. That did the trick finally.

@NCLnclNCL
Copy link

I create Magisk Module for this, check this out. https://github.com/lexavey/Adb-Root-Enabler

Hi guys, I am on lineageos 9. I managed to get usb debugging enabled through twrp, but I can't seem to bypass the RSA verification even though I have copied the key as mentioned above. Unfortunately, I don't have magisk installed, but is there a way to install the unauthorized adb manually through twrp?

Edit build prop, need command twrp mount /system
Pull adb public key to data/misc/adb
And this
echo "1" > /data/property/persist.service.adb.enable
echo "1" > /data/property/persist.service.debuggable
echo "mtp,adb" > /data/property/persist.sys.usb.config

@undali
Copy link

undali commented Sep 3, 2024

To generate adbkey.pub from adbkey file

(base) ➜ pwd
/home/xyx/.android
(base) ➜ adb pubkey adbkey > adbkey.pub
(base) ➜ adb push adbkey.pub /data/misc/adb/adb_keys

@jinhan1414
Copy link

jinhan1414 commented Sep 23, 2024

Hello everyone, I have successfully implemented it on the Xiaomi 8 Dipper(lineageos 21 ). The main steps are as follows,
in twrp :
mount /system_root

adb pull /system_root/system/build.prop build.prop

`
persist.service.adb.enable=1

persist.service.debuggable=1

persist.sys.usb.config=adb

ro.adb.secure=0
`

adb push build.prop /system_root/system/build.prop

mount /vendor
adb pull /vendor/etc/fstab.qcom fstab.qcom

移除fstab.qcom中的加密配置fileencryption=ice,
adb push fstab.qcom /vendor/etc/fstab.qcom
`
reboot

@NCLnclNCL
Copy link

If your system is readonly, need magisk and service.d to run prop value

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment