Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hacking Android OS


Published on

Lecture note for Chiang Mai University (Thailand) Student by Click Connect Team about how to compile AOSP and create custom ROM for Android devices.

Published in: Technology
  • There are over 16,000 woodworking plans that comes with step-by-step instructions and detailed photos, Click here to take a look ♣♣♣
    Are you sure you want to  Yes  No
    Your message goes here
  • Want to preview some of our plans? You can get 50 Woodworking Plans and a 440-Page "The Art of Woodworking" Book... Absolutely FREE ★★★
    Are you sure you want to  Yes  No
    Your message goes here

Hacking Android OS

  1. 1. Hacking Android OS August 13, 2011 Room TTN1, ITSC-CMU
  2. 2. Topics (1)Why Android?Introduction to AOSP(Android Open-Source Project)Compiling AOSP and Creating ROMArchitecture of Android OSAndroid SDK, NDK, ADKIntroduction to CyanogenModInput Method CustomizationCreating your own LauncherTheme and Live Wall Paper
  3. 3. Topics (2)Rooting Android DevicesHBoot, FastBoot, Recovery, S-OFF, UnlockBootloaderHow to cook the Android ROMSuper User, ODEX, Deodex, Zip-align, SigningHow to trap SMSSensors in Android PhoneIntroduction to Arduino and Android ADK(Android Accessory Developer Kit)
  4. 4. Why Hacking?
  5. 5. Why Hacking?To know how it worksTo customize itTo make it betterTo enhance itTo have some FUN!Not to do something illegal.Not to do piracy.
  6. 6. The first step toThai Android OS
  7. 7. What will you get from this class? You will get NOTHING from this class but many links to where to read more You will break your phone’s warrantee You may BRICK your phone You may create the best phone on earth from the bad SH*T phone in your hands You may go to jail...
  8. 8. In case of Emergency
  9. 9. Why Android?
  10. 10. AndroidAndroid is an open-source software stack(OS, Middle ware, Applications) created formobile phones and other devices. The AndroidOpen Source Project (AOSP), led by Google,is tasked with the maintenance and furtherdevelopment of Android.
  11. 11. Why Android?“We created Android in response to our ownexperiences launching mobile apps. We wantedto make sure that there was no central pointof failure, so that no industry player canrestrict or control the innovations of anyother. Thats why we created Android, andmade its source code open.” - Google -
  12. 12. Why I love Android? I hate Dumbo!
  13. 13. Safe and Fun (for Kids)Fully automatic turning left (with up & down)Need to queue and payHave to be a “Good Boy” to get riding...
  14. 14. but more Fun (not for Kids)Turn left by yourselfNeed brave heartHave to be a “Good Boy” to buy BMW 1M
  15. 15. AOSP(Android Open Source Project)
  16. 16. AOSPThe goal of the Android Open Source Projectis to create a successful real-world productthat improves the mobile experience for endusers.To get and compile Android source code:http:/ /
  17. 17. Android Release History1.0 (branch name unknown, backnaming it Apple Pie)1.1 (branch name unknown, backnaming Banana bread)1.5 (Cupcake branch)1.6 (Donut branch)2.0 (Eclair branch)2.1 (Eclair branch)2.2 (Froyo branch)2.3 (Gingerbread branch)3.0 (Honeycomb branch)3.1 (Honeycomb branch)3.2 (Honeycomb branch)(Ice Cream Sandwich)
  18. 18. To startGet Android SourceCompile itUnlock your phone(lost your phone’s warantee)Install the result ROM to your phone(lost all of Google and Bundled apps)
  19. 19. Compile AOSP$ . build/$ lunch(Select target device)$ make -j4
  20. 20. What is Crespo?Developer Devices Dream (HTC G1) Sapphire Passion (Google Nexus One) Crespo (Google Nexus S) Crespo4G (Google Nexus S 4G)
  21. 21. Reboot to Bootloader$ adb reboot bootloaderUse hardware button
  22. 22. Unlock Bootloader$ fastboot oem unlock On Nexus One, the operation voids the warranty and is irreversible. On Nexus S and Nexus S 4G, the bootloader can be locked back with $ fastboot oem lock
  23. 23. Flash your built ROM$ fastboot flashall -w Congratulations! You lost all Google and bundled apps!
  24. 24. Goo-inside.meGoogle’s stuff and more...
  25. 25. RecoveryRom ManagerClockWorkMod Recovery
  26. 26. Try FlashGoogle AppsRestore your phone by flash OTA ROMHow to solve problem when you BRICK yourphone
  27. 27. HBoot, FastBoot, SPLHboot is the init script of the device. In others words, itmakes possible to the device power on and load all the"programs"Fastboot is protocol used to update the flash file system inAndroid devices from a host over USBThe SPL, or Second Program Loader, in conjunction with theIPL comprise a devices bootloader. Aside from bootstrappingAndroid, the bootloader also fulfills various diagnosticfunctions. One of these functions is the manipulation of datain the devices internal flash ram. Depending on the SPLinstalled, the user can apply a signed NBH file, flash nandimages, and more. Note that the SPL is installed and operatesindependently of the Android build that runs atop it.
  28. 28. FastBootFastboot Cheat Sheet
  29. 29. Radio, SPL, Recovery System, Cache, DataRecoveryROM
  30. 30. Android Boot Process ROM - load first stage bootloader intosystem RAMBootloader First stage bootloader - init memory Second stage bootloader - load kernel to RAMLinux KernelThe Init processZygote and Dalvik VMThe System ServerBoot completed
  31. 31. Android Architecture
  32. 32. Create your own Android BeagleBoard Panda Board instruments/pandaboard.html
  33. 33. CyanogenModCyanogenMod is an aftermarketfirmware for a number of cellphones based on the open-sourceAndroid operating system. Itoffers features not found in theofficial Android based firmwaresof vendors of these cell phones.
  34. 34. MIUIMIUI, Redefining Android.MIUI is one of the most popular Android ROMs inthe world.It is based on Android 2.3 and has a unique UIthat looks and feels great to use. MIUI isupdated every Friday based on the feedback fromits users, it is then translated to English by ourtranslation team for you all to use and love. Sowhat are you waiting for, head over to the ROMSsection and download MIUI for your phone.
  35. 35. AOSPWorkflow
  36. 36. Fixing Issue
  37. 37. Fixing Issue
  38. 38. Google TV & AndroidThe software that Google TV runs is aversion of Android that has been enhancedto support video search, HDTV signaling, anda full Google Chrome browser. It currentydoesnt support certain Android features likeinstalling third party apps.
  39. 39. Writing Android AppsAndroid Developer site SDK plugin for Eclipse NDK Open Accesory Development Kit (ADK)
  40. 40. Android App Building Box
  41. 41. Replace & Reuse Components
  42. 42. Customize AOSPOur Goal: Thai Android OS Thai IME Thai Launcher Thai Theme & Live Wallpaper Thai Web Browser Thai Date & Time Thai Character Display Thai Sorting Thai Essential Apps
  43. 43. Customize IME (Brief Examples)packages/inputmethods/LatinIMEAdd xml-thCustomize Keyboard layout for THAI(and many detail to fix and add such as wordsuggestion vocabulary and behavior)
  44. 44. Launcher Customization ADW Launcher is a good place to start showthread.php?t=645550 android/ Source code: android_packages_apps_Launcher
  45. 45. ADW.Launcher
  46. 46. ADW ThemeADW Theme Guide Template
  47. 47. LIVE WallpaperStart at “Cube LIVE Wallpaper” sample codefrom Android SDKTutorial
  48. 48. How to RootRevolutionary S II
  49. 49. HTC Bootloader Unlock(Coming soon) waiting, use Revolutionary :P
  50. 50. Cooking AndroidUnlock Bootloader (S-OFF)Flash Custom RecoveryCook a rooted ROMFlash ROMHave Fun!
  51. 51. dsixda’s KitchenA good start for Android ROM Cooker“This is NOT a tool to automatically turn you into a full-fledged ROM developer. ROM development normally involveswork from the ground up and involves time, research andpatience. I am just giving the tools to help the averageperson get things done quickly from an existing base.” dsixda
  52. 52. Reading about CookingHow to cook ROM (Hero) to cook ROM (Magic) ROM file from HTC’s RUU
  53. 53. Signed Update.zipThe "signed update" type ROM image always contains thefollowing components:boot.img - This file is a binary representation of the root filesystem of the device. It contains the system kernel and allfiles required to start the core part of Androidsystem - This is a directory containing all files foundunder /system on a running Android device. It has exactlythe same layout.META-INF - This is directory containing the update manifestand script. The manifest is a file which lists all file includedin the update, with their SHA1 checksums. The update scriptis used to apply the update on a device
  54. 54. ODEX File"Normal" apps have an APK with a manifest, resources, and a"classes.dex" inside. The classes.dex is optimized by the packagemanager on first use, and ends up in /data/dalvik-cache/."System" apps have the DEX optimization performed ahead of time. Theresulting ".odex" file is stored next to the APK, the classes.dex isremoved from the APK, and the whole thing works without having to putmore stuff in your /data partition.The optimized DEX files cannot easily be converted back to unoptimizedDEX, and Im not sure theres any benefit in doing so. Both kinds ofDEX files can be examined with "dexdump".More detail can be found in dalvik/docs/dexopt.html in the sourcetree, or on the web at:;a=blob_plain;f=docs/dexopt.html;hb=HEAD
  55. 55. De-odexDeodex Instruction
  56. 56. Boot Logo & AnimationHow to create
  57. 57. Trapping SMSBroadcast ReceiverSMS Received --> Your app --> FUN!
  58. 58. ADK & ArduinoArduino Mega ADK for Android
  59. 59. What’s next?All source code available athttp://clicknect.comNext Training Image Processing using OpenCV Introduction to OpenGL ES Introduction to WebGL Introduction to HTML5 Canvas (You can suggest topics)
  60. 60. Thank youEnjoy your hacking!