This is a short blog post on how you can get root access on a Android 12 emulated device with Google services, using a tool (script) called rootAVD by newbit1. I also share a few recommendations which are helpful during mobile analysis.

Android Studio

For mobile analysis I generally use my Google Pixel 3a device. However, sometimes I will try to avoid it if I can, especially when I’m only curious about an app’s network traffic or API endpoints. I will use the Android Studio device emulator instead.

Android Studio supports three types of system images:

  • Google Services and PlayStore
  • Google Services
  • Open source project (without Google API or PlayStore)

The following screenshot shows an example of different system images available under the device creation configuration pane. You can see there are a various targets, architectures and API versions options:

I opt to go for the Android 12 with arm64-v8a image with Google Services PlayStore. This configuration was chosen because I’m running on the Apple M1 chip, and I also want to be able to download apps from the PlayStore.

Note: Not all apps are available from the Play Store on an emulated device.

rootAVD

rootAVD is available on GitHub https://github.com/newbit1/rootAVD. It is a collection of scripts that automatically modify Android Studio Virtual Device system files, in order to gain root using Magisk.

There’s really only three steps:

  1. Create a AVD on Android Studio
  2. Show a list of available AVDs and paths: ./rootAVD.sh ListAllAVDs
  3. Select a AVD to be rooted: ./rootAVD.sh ~/Library/Android/sdk/system-images/android-31/google_apis_playstore/arm64-v8a/ramdisk.img

Extras

After successfully rooting a device, I highly recommend doing the following.

Install Magisk Modules

These are some of the modules I use to extend the features of Magisk.

Create a Snapshot

When your virtual device has been configured. I suggest creating a snapshot. This is especially helpful when you’re analysing malicious apps, or when you’re doing something dangerous which might corrupt the system.