Saturday, 5 March 2016

Fiddling with Nexus 4 boot image

TL;DR: How to modify any system to set ro.debuggable=1 without rebuilding it from source. This setting makes any APK on the device debuggable.

Get the existing boot image off the phone

    dd if=/dev/block/mmcblk0p6 of=/mnt/sdcard/boot.img   # on the phone
    adb pull /mnt/sdcard/boot.img                         # on your computer

/dev/block/mmcblk0p6 is Nexus 4's boot partition.

Install abootimg from https://github.com/coruus/abootimg. The rest of the process below is stolen from this page.

Extract and unpack initrd

    mkdir boot
    cd boot
    abootimg -x /tmp/boot.img    # assumes boot.img was pulled into /tmp
    mkdir initrd
    cd initrd
    cat ../initrd.img | gunzip | cpio -vid
 
Edit default.prop, setting anything you want, including ro.debuggable=1.

Repack initrd and boot image

    cd initrd    # only needed if you are not already inside boot/initrd
    find . | cpio --create --format='newc' | gzip > ../myinitrd.img
    cd ..
    abootimg --create myboot.img -f bootimg.cfg -k zImage -r myinitrd.img

Flash to phone

    adb reboot-bootloader
    fastboot flash boot myboot.img
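
For the "Edit default.prop" step above, a scripted way to make the change and confirm it before repacking. This is an added example, not part of the original post or of abootimg; set_prop and get_prop are hypothetical helper names and the sample default.prop is constructed.

```shell
# Added example; set_prop and get_prop are hypothetical helper names.

# set_prop FILE KEY VALUE: replace every "KEY=..." line with one
# "KEY=VALUE" line, or append it if the key is absent.
set_prop() {
    file=$1; key=$2; value=$3
    [ -f "$file" ] || { echo "set_prop: $file not found" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # Compare the text before the first '=' literally, so the dots in a
    # property name are not treated as regex wildcards.
    awk -v k="$key" -v v="$value" '
        {
            eq = index($0, "=")
            if (eq > 0 && substr($0, 1, eq - 1) == k) {
                if (!done) { print k "=" v; done = 1 }
                next    # drop duplicate definitions of the key
            }
            print
        }
        END { if (!done) print k "=" v }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps mode and owner
    rc=$?
    rm -f "$tmp"
    return $rc
}

# get_prop FILE KEY: print the value from the last KEY= line in FILE.
get_prop() {
    awk -v k="$2" '
        { eq = index($0, "=") }
        eq > 0 && substr($0, 1, eq - 1) == k { val = substr($0, eq + 1) }
        END { print val }
    ' "$1"
}

# Constructed sample default.prop (not taken from a real Nexus 4 image).
demo=$(mktemp)
cat > "$demo" <<'EOF'
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
ro.secure=1
ro.debuggable=0
persist.sys.usb.config=mtp
EOF

set_prop "$demo" ro.debuggable 1
echo "ro.debuggable is now: $(get_prop "$demo" ro.debuggable)"
```

Inside the unpacked ramdisk the call would be `set_prop default.prop ro.debuggable 1`, run from boot/initrd before the repack step.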