CN105095742A - Root detection and recovery method for mobile terminal and mobile terminal - Google Patents
Root detection and recovery method for mobile terminal and mobile terminal Download PDFInfo
- Publication number
- CN105095742A CN105095742A CN201410206831.4A CN201410206831A CN105095742A CN 105095742 A CN105095742 A CN 105095742A CN 201410206831 A CN201410206831 A CN 201410206831A CN 105095742 A CN105095742 A CN 105095742A
- Authority
- CN
- China
- Prior art keywords
- root
- mobile terminal
- file
- described mobile
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Telephone Function (AREA)
Abstract
The invention is suitable for the technical field of communication, and provides a root detection and recovery method for a mobile terminal. The method comprises the following steps: detecting whether or not the mobile terminal is rooted; if so, extracting a file satisfying the escalation privilege of a root feature from the mobile terminal; and deleting the file satisfying the escalation privilege of the root feature. The invention correspondingly provides the mobile terminal for implementing the method. Thus, the losses of a user caused by malicious programs through a root privilege can be prevented, and the terminal security is protected.
Description
Technical field
The present invention relates to communication technical field, the root particularly relating to a kind of mobile terminal detects and restoration methods and mobile terminal.
Background technology
On normal terminal uses, user generally only has the user right of regulation, and can not carry out some high limiting operations, as accessed some system file etc.So, when user uses, arbitrarily cannot be promoted the authority of oneself by normal mode, effectively can ensure the safety and stability of terminal system whereby, thus the interests of protection user.
Because terminal does not provide the normal passage arbitrarily promoting authority, just need during ROOT to modify to terminal, import the passage that third party promotes authority in the terminal.Like this, the terminal system before and after ROOT will there are differences, and the terminal after ROOT can than having more the file served and carry power passage for realizing third party before ROOT.
For android system mobile phone, the ROOT mode of current main-stream, brushes exactly into self-defining su file in mobile phone.Android is the operating system based on Linux, Linux carry one by name " su " and executable file, switch identity for domestic consumer, perform the operation of some ROOT authorities, after being finished, user gets back to oneself identity again.Su file generally can not be integrated in the middle of mobile phone, and under normal circumstances, only has the user of specified permission can use su file.But, by amendment su code, remove authority decision logic when su is called, then this self-defining su file brush is entered after mobile phone, arbitrary process (comprising rogue program) can carry out the operation of ROOT authority by this su file, mobile phone is just by ROOT.
In existing terminal technology, lack the security mechanism of Active recovery after effective ROOT, when user has no to discover, ROOT state can be in for a long time by the terminal of ROOT.During this period, rogue program can carry out malicious operation (as access private data, malice is deducted fees) by ROOT authority completely, makes user suffer unnecessary loss inadvertently.
In summary, obviously there is inconvenience and defect in actual use in prior art, so be necessary to be improved.
Summary of the invention
For above-mentioned defect, a kind of root of mobile terminal is the object of the present invention is to provide to detect and restoration methods and mobile terminal, can the root state of effective monitor terminal, and Active recovery, lifting terminal security performance.
To achieve these goals, the root that the invention provides a kind of mobile terminal detects and restoration methods, and described method comprises:
Whether detect described mobile terminal by root;
If so, the file of the lifting authority meeting root feature in described mobile terminal is then extracted;
By the described file erase process meeting the lifting authority of root feature.
Root according to mobile terminal of the present invention detects and restoration methods, and whether the described mobile terminal of described detection is comprised by root step:
The file whether being improved authority under detecting described mobile terminal predefined paths occurs; Or
Whether the attribute detecting described mobile terminal predetermined file is the attribute after root.
Root according to mobile terminal of the present invention detects and restoration methods, and described method also comprises:
Whether there is under monitoring the destination path of described mobile terminal write or the establishment of the file of the lifting authority meeting root feature.
Root according to mobile terminal of the present invention detects and restoration methods, and described method also comprises:
Record the root information of described mobile terminal, described root information at least comprises root mode and root time;
The root information of described mobile terminal is sent to service end;
Perform the safety command that described service end issues.
Detect and restoration methods according to the root of mobile terminal of the present invention, described mobile terminal adopts android system, the file of the lifting authority of the described root of meeting feature is in described mobile terminal/system/bin path under su file.
The present invention also provides a kind of mobile terminal, comprising:
Root detection module, for whether detecting described mobile terminal by root, if then transfer to the process of file extraction module;
File extraction module, for extracting the file of the lifting authority meeting root feature in described mobile terminal;
Root recovers module, for by the described file erase process meeting the lifting authority of root feature.
According to mobile terminal of the present invention, described root detection module comprises:
First detection sub-module, occurs for the file whether being improved authority under detecting described mobile terminal predefined paths;
Whether the second detection sub-module is attribute after root for detecting the attribute of described mobile terminal predetermined file.
According to mobile terminal of the present invention, described mobile terminal also comprises
Root monitoring module, for monitor described mobile terminal destination path under whether there is write or the establishment of the file of the lifting authority meeting root feature.
According to mobile terminal of the present invention, described root monitoring module also comprises:
Information record sub module, for recording the root information of described mobile terminal, described root information at least comprises root mode and root time;
Information sends submodule, for the root information of described mobile terminal is sent to service end;
Described root recovers module also for performing the safety command that described service end issues.
According to mobile terminal of the present invention, described mobile terminal adopts android system, the file of the lifting authority of the described root of meeting feature is in described mobile terminal/system/bin path under su file.
The present invention is by setting up the root testing mechanism of mobile terminal, whether detect mobile terminal by root, if by root, then extracting the file of the lifting authority meeting root feature in described mobile terminal, take mobile terminal as android system is example, can be extracted it/system/bin path under su file, and by this file erase, make mobile terminal return to normal rights state, promote the security of terminal whereby, reduce user need not loss.
Accompanying drawing explanation
Fig. 1 is mobile terminal structure schematic diagram of the present invention;
Fig. 2 is the mobile terminal structure schematic diagram of one embodiment of the invention;
Fig. 3 is that the root of mobile terminal of the present invention detects and restoration methods process flow diagram;
Fig. 4 is that the root of the mobile terminal of one embodiment of the invention detects and restoration methods process flow diagram.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
See Fig. 1, the invention provides a kind of mobile terminal, described mobile terminal 100 can be mobile phone, PDA (PersonalDigitalAssistant, personal digital assistant), panel computer etc., and this mobile terminal 100 comprises root detection module 10, file extraction module 20 and root recovery module 30, wherein:
Root detection module 10 for whether detecting described mobile terminal 100 by root, if then transfer to file extraction module 20 to process.The working method of this root detection module 10 can be arranged by system default or User Defined is arranged, and is detected after such as can arranging sense cycle by system at regular intervals, also initiatively can be initiated to detect by user.
File extraction module 20 is for extracting the file of the lifting authority meeting root feature in described mobile terminal 100.In embody rule, mobile terminal 100, by after root, has the file promoting authority and occurs under its corresponding file path.Android system for mobile terminal 100, if its/system/bin path under there is su file, then illustrate that this mobile terminal 100 is by root, file extraction module 20 need extract the file of this lifting authority.
Root recovers module 30 for by the described file erase process meeting the lifting authority of root feature.Or for Android system terminal, if delete the su file in mobile terminal 100, namely cut off the passage that its own right improves in domestic consumer, namely mobile terminal 100 reverts to the safe condition of non-ROOT.
It should be noted that, this embodiment only for android system, but is not limited to this system, when being applied to other system, and the corresponding different path of meeting and file, but there is identical processing mode, improve the security of mobile terminal whereby.
Again see Fig. 2, in this embodiment, described root detection module 10 comprises the first detection sub-module 11 and the second detection sub-module 12, wherein:
First detection sub-module 11 occurs for the file whether being improved authority under detecting described mobile terminal 100 predefined paths.Android system for mobile terminal 100, if its/system/bin path under there is su file, then illustrate that this mobile terminal 100 is by root.
Whether the second detection sub-module 12 is attribute after root for detecting the attribute of described mobile terminal 100 predetermined file.Mobile terminal 100 is by after root, and the attribute of partial association file can change, the associated with that different systems is corresponding different.Whether the attribute that mobile terminal 100 can detect these files is changed to the attribute after root, detects that whether mobile terminal 100 is by root whereby.
Preferably, in this embodiment, mobile terminal 100 also comprises root monitoring module 40, for monitor mobile terminal 100 destination path under whether there is write or the establishment of the file of the lifting authority meeting root feature.This root monitoring module 40 can be real-time monitoring mobile terminal 100 particular path under file change.For Android system terminal, the present invention realizes monitoring by the inotify mechanism in Linux.Need to illustrate, inotify is a kind of change notification mechanism of file system, as document creation, open, close, the event such as deletion can allow User space learn at once, its resource consumed is little, can reside in internal memory.By inotify mechanism, all supervision is added to all destination paths, file change under these paths of real-time monitoring, once there is the establishment action of file destination, mobile terminal 100 just can be notified immediately, and judge terminal by root, further mobile terminal 100 recovers module 30 by root and restores the system to non-root state, the security of system of real-time ensuring mobile terminal 100 whereby.
Better, described root monitoring module 40 also comprises information record sub module 41 and information sends submodule 42, wherein: information record sub module 41 is for recording the root information of described mobile terminal, and described root information at least comprises root mode and root time.Information sends submodule 42 for the root information of described mobile terminal 100 is sent to service end.Service end is each terminal maintenance a root information record, and at reasonable time, according to root record, remote control terminal carries out the work of anti-root, the terminal security service of customization differentiation, improves the security of terminal, and root recovers module 30 and may be used for performing the safety command that described service end issues, such as, monitoring environment etc. is upgraded.
See Fig. 3, the root that the invention provides a kind of mobile terminal detects and restoration methods, and it can be realized by mobile terminal 100 as shown in Figure 1, and the method comprises:
Whether step S301, detect described mobile terminal 100 by root, if then perform step S302.Can be arranged by system default the detection mode of mobile terminal 100 or User Defined setting, be detected by system at regular intervals after such as sense cycle can be set, also initiatively can be initiated to detect by user.Concrete, the present invention can be occurred by the file whether being improved authority under described mobile terminal 100 predefined paths of detection; Or whether the attribute detecting described mobile terminal predetermined file is that the attribute two kinds of modes after root are examined and judged that whether mobile terminal 100 is by root.
Step S302, extracts the file of the lifting authority meeting root feature in described mobile terminal 100.In embody rule, mobile terminal 100, by after root, has the file promoting authority and occurs under its corresponding file path.Android system for mobile terminal 100, if its/system/bin path under there is su file, then illustrate that this mobile terminal 100 is by root, file extraction module 20 need extract the file of this lifting authority.
Step S303, by the described file erase process meeting the lifting authority of root feature.Or for Android system terminal, if delete the su file in mobile terminal 100, namely cut off the passage that its own right improves in domestic consumer, namely mobile terminal 100 reverts to the safe condition of non-ROOT.
It should be noted that, this embodiment only for android system, but is not limited to this system, when being applied to other system, and the corresponding different path of meeting and file, but there is identical processing mode, improve the security of mobile terminal whereby.
Fig. 4 is that the root of the mobile terminal of the present invention one specific embodiment detects and restoration methods, and it can be realized by mobile terminal 100 as shown in Figure 2, and the method comprises:
Whether step S401, have write or the establishment of the file of the lifting authority meeting root feature under monitoring the destination path of mobile terminal 100 in real time.By root monitoring module 40 can be real-time monitoring mobile terminal 100 particular path under file change.For Android system terminal, the present invention by the inotify mechanism in Linux realize monitoring, are android system for mobile terminal 100, if its/system/bin path under there is su file, then illustrate that this mobile terminal 100 is by root, and perform step S402.
Step S402, the root information of record move terminal 100, described root information at least comprises root mode and root time.
Step S403, is sent to service end by the root information of mobile terminal 100.
Step S404, by the described file erase process meeting the lifting authority of root feature.
Step S405, receives and performs the safety command that described service end issues.
Concrete, service end is each terminal maintenance a root information record, and at reasonable time, according to root record, remote control terminal carries out the work of anti-root, and the terminal security service of customization differentiation, improves the security of terminal.
In sum, the present invention is by setting up the root testing mechanism of mobile terminal, whether detect mobile terminal by root, if by root, then extract the file of the lifting authority meeting root feature in described mobile terminal, take mobile terminal as android system be example, can be extracted it/system/bin path under su file, and by this file erase, make mobile terminal return to normal rights state, promote the security of terminal whereby, reduce user need not loss.
Certainly; the present invention also can have other various embodiments; when not deviating from the present invention's spirit and essence thereof; those of ordinary skill in the art are when making various corresponding change and distortion according to the present invention, but these change accordingly and are out of shape the protection domain that all should belong to the claim appended by the present invention.
Claims (10)
1. the root of mobile terminal detects and a restoration methods, and it is characterized in that, described method comprises:
Whether detect described mobile terminal by root;
If so, the file of the lifting authority meeting root feature in described mobile terminal is then extracted;
By the described file erase process meeting the lifting authority of root feature.
2. the root of mobile terminal according to claim 1 detects and restoration methods, and it is characterized in that, whether the described mobile terminal of described detection is comprised by root step:
The file whether being improved authority under detecting described mobile terminal predefined paths occurs; Or
Whether the attribute detecting described mobile terminal predetermined file is the attribute after root.
3. the root of mobile terminal according to claim 1 detects and restoration methods, and it is characterized in that, described method also comprises:
Whether there is under monitoring the destination path of described mobile terminal write or the establishment of the file of the lifting authority meeting root feature.
4. the root of mobile terminal according to claim 3 detects and restoration methods, and it is characterized in that, described method also comprises:
Record the root information of described mobile terminal, described root information at least comprises root mode and root time;
The root information of described mobile terminal is sent to service end;
Perform the safety command that described service end issues.
5. the root of the mobile terminal according to any one of Claims 1 to 4 detects and restoration methods, it is characterized in that, described mobile terminal adopts android system, the file of the lifting authority of the described root of meeting feature is in described mobile terminal/system/bin path under su file.
6. a mobile terminal, is characterized in that, comprising:
Root detection module, for whether detecting described mobile terminal by root, if then transfer to the process of file extraction module;
File extraction module, for extracting the file of the lifting authority meeting root feature in described mobile terminal;
Root recovers module, for by the described file erase process meeting the lifting authority of root feature.
7. mobile terminal according to claim 6, is characterized in that, described root detection module comprises:
First detection sub-module, occurs for the file whether being improved authority under detecting described mobile terminal predefined paths;
Whether the second detection sub-module is attribute after root for detecting the attribute of described mobile terminal predetermined file.
8. mobile terminal according to claim 6, is characterized in that, described mobile terminal also comprises
Root monitoring module, for monitor described mobile terminal destination path under whether there is write or the establishment of the file of the lifting authority meeting root feature.
9. mobile terminal according to claim 8, is characterized in that, described root monitoring module also comprises:
Information record sub module, for recording the root information of described mobile terminal, described root information at least comprises root mode and root time;
Information sends submodule, for the root information of described mobile terminal is sent to service end;
Described root recovers module also for performing the safety command that described service end issues.
10. the mobile terminal according to any one of claim 6 ~ 9, is characterized in that, described mobile terminal adopts android system, the file of the lifting authority of the described root of meeting feature is in described mobile terminal/system/bin path under su file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410206831.4A CN105095742A (en) | 2014-05-15 | 2014-05-15 | Root detection and recovery method for mobile terminal and mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410206831.4A CN105095742A (en) | 2014-05-15 | 2014-05-15 | Root detection and recovery method for mobile terminal and mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105095742A true CN105095742A (en) | 2015-11-25 |
Family
ID=54576151
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410206831.4A Pending CN105095742A (en) | 2014-05-15 | 2014-05-15 | Root detection and recovery method for mobile terminal and mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095742A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106446682A (en) * | 2016-06-24 | 2017-02-22 | 北京壹人壹本信息科技有限公司 | Security protection method and apparatus |
| WO2017185455A1 (en) * | 2016-04-28 | 2017-11-02 | 宇龙计算机通信科技(深圳)有限公司 | Root detection method, device, and terminal |
| WO2018090452A1 (en) * | 2016-11-17 | 2018-05-24 | 深圳Tcl数字技术有限公司 | Method and apparatus for protecting root permission |
| CN110378106A (en) * | 2019-07-23 | 2019-10-25 | 北京智游网安科技有限公司 | A kind of root detection method, intelligent terminal and storage medium |
| CN110399731A (en) * | 2019-07-31 | 2019-11-01 | 艾体威尔电子技术(北京)有限公司 | A kind of anti-root method of intelligent POS based on android system |
| US11755727B2 (en) | 2020-12-04 | 2023-09-12 | Bank Of America Corporation | Self-defending computing device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102930190A (en) * | 2012-10-25 | 2013-02-13 | 中科方德软件有限公司 | Method for preventing user from acquiring super user permission in Android system |
| CN103188656A (en) * | 2013-03-28 | 2013-07-03 | 广东欧珀移动通信有限公司 | Information protection method and system of mobile communication terminal |
| CN103324887A (en) * | 2013-07-05 | 2013-09-25 | 百度在线网络技术(北京)有限公司 | Mobile terminal, security defense device thereof and security defense method thereof |
| CN103559431A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of Android system user permission |
| CN103699417A (en) * | 2013-12-27 | 2014-04-02 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for prompting users to switch seLinux mode intelligently |
| CN103747433A (en) * | 2013-12-02 | 2014-04-23 | 上海斐讯数据通信技术有限公司 | Method and mobile terminal for realizing root request management through manufacturer server |
-
2014
- 2014-05-15 CN CN201410206831.4A patent/CN105095742A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102930190A (en) * | 2012-10-25 | 2013-02-13 | 中科方德软件有限公司 | Method for preventing user from acquiring super user permission in Android system |
| CN103188656A (en) * | 2013-03-28 | 2013-07-03 | 广东欧珀移动通信有限公司 | Information protection method and system of mobile communication terminal |
| CN103324887A (en) * | 2013-07-05 | 2013-09-25 | 百度在线网络技术(北京)有限公司 | Mobile terminal, security defense device thereof and security defense method thereof |
| CN103559431A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of Android system user permission |
| CN103747433A (en) * | 2013-12-02 | 2014-04-23 | 上海斐讯数据通信技术有限公司 | Method and mobile terminal for realizing root request management through manufacturer server |
| CN103699417A (en) * | 2013-12-27 | 2014-04-02 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for prompting users to switch seLinux mode intelligently |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017185455A1 (en) * | 2016-04-28 | 2017-11-02 | 宇龙计算机通信科技(深圳)有限公司 | Root detection method, device, and terminal |
| CN106446682A (en) * | 2016-06-24 | 2017-02-22 | 北京壹人壹本信息科技有限公司 | Security protection method and apparatus |
| WO2018090452A1 (en) * | 2016-11-17 | 2018-05-24 | 深圳Tcl数字技术有限公司 | Method and apparatus for protecting root permission |
| CN110378106A (en) * | 2019-07-23 | 2019-10-25 | 北京智游网安科技有限公司 | A kind of root detection method, intelligent terminal and storage medium |
| CN110378106B (en) * | 2019-07-23 | 2021-08-03 | 北京智游网安科技有限公司 | Root detection method, intelligent terminal and storage medium |
| CN110399731A (en) * | 2019-07-31 | 2019-11-01 | 艾体威尔电子技术(北京)有限公司 | A kind of anti-root method of intelligent POS based on android system |
| US11755727B2 (en) | 2020-12-04 | 2023-09-12 | Bank Of America Corporation | Self-defending computing device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105095742A (en) | Root detection and recovery method for mobile terminal and mobile terminal | |
| CN103327183B (en) | Black box protecting method and system for private data of Android user based on tag | |
| EP4080368A1 (en) | Alarm information generation method and apparatus, electronic device, and storage medium | |
| US10956383B2 (en) | Device backup and wipe | |
| CN102929807A (en) | Method for initiatively performing loss judgment and data processing and mobile terminal | |
| CN103632107B (en) | A kind of information of mobile terminal security protection system and method | |
| CN104008345A (en) | Method and device for protecting user privacy data of application program | |
| CN105049592A (en) | Voice safety protection method and system for mobile intelligent terminal | |
| CN105704758A (en) | Method and device of closing social applications based on flow monitoring | |
| CN104870068A (en) | Method and router for access network | |
| CN104753861A (en) | Security event handling method and device | |
| CN113507691B (en) | Information pushing system and method based on power distribution network cross-region service | |
| CN105657712A (en) | Access control method and device of WiFi hotspot | |
| CN104809046A (en) | Application program networking control method and application program networking control device | |
| CN105227358A (en) | The method to set up of network type and system | |
| CN104601341B (en) | One kind broadcast hold-up interception method and device | |
| CN106325993A (en) | Freezing method of application program and terminal | |
| KR102213460B1 (en) | System and method for generating software whistlist using machine run | |
| CN104346410A (en) | Method and equipment for monitoring terminal equipment | |
| CN104992116A (en) | Monitoring method and system based on intent sniffer | |
| CN105260658A (en) | Method and system for setting privacy interface | |
| CN105453104A (en) | File security management apparatus and management method for system protection | |
| JP2015052950A (en) | Data storage device, secure io device | |
| CN103533563A (en) | Restoring method and terminal for wireless local area network account number | |
| CN103428370A (en) | Mobile phone and multi-user control method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151125 |
|
| RJ01 | Rejection of invention patent application after publication |