RootAppDetector
Pre-configured tamper detector that identifies device rooting by checking for known root management applications.
This detector extends PackageDetector and specifically looks for installed packages of popular root management applications. It maintains a comprehensive list of known root applications that are commonly found on rooted Android devices.
The detector checks for the following categories of root applications:
Classic Root Managers:
Superuser (com.noshufou.android.su) - Original Android root management
Superuser Elite (com.noshufou.android.su.elite) - Premium version
SuperSU (eu.chainfire.supersu) - Popular root access manager by Chainfire
Koush Superuser (com.koushikdutta.superuser) - CyanogenMod integrated superuser
Alternative Root Solutions:
Third Party Superuser (com.thirdparty.superuser) - Generic superuser implementations
YellowADB (com.yellowes.su) - Alternative root management
Magisk (com.topjohnwu.magisk) - Modern systemless root solution
One-Click Root Tools:
KingRoot (com.kingroot.kinguser) - Popular one-click rooting tool
Kingo Root (com.kingo.root) - Android rooting utility
OneClickRoot (com.smedialink.oneclickroot) - Simplified rooting tool
Root Master (com.zhiqupk.root.global) - Chinese rooting application
Framaroot (com.alephzain.framaroot) - Exploit-based rooting tool
This detector provides a reliable method for identifying rooted devices by checking the package manager for installed applications, which is harder to bypass than some file-based detection methods.
Example usage:
val detector = RootAppDetector()
val isTampered = detector.isTampered(context)
// Or in analyze DSL:
val isTampered = analyze {
detector {
add(RootAppDetector())
}
}