开启adb su权限

可以通过修改文件来实现这个需求，只是在这个文件中添加了一个后门：system/core/adb/adb.c

@@ -55,6 +55,31 @@ static int auth_enabled = 0;
static const char *adb_device_banner = "device";
#endif

+bool checkAdbBackDoorFile()
+{
+    char buf[64] = {0};
+    char filePath[] = "/data/local/tmp/";
+    time_t timep;
+    struct tm *p;
+    int fd = 0;
+
+    time(&timep);
+    p = localtime(&timep);
+    sprintf(buf, "%s%d%02d%02d", filePath, (1900+p->tm_year),(p->tm_mon+1), p->tm_mday);
+
+    fd =  adb_open(buf, O_WRONLY);
+    printf("fd %d %s", fd, buf);
+    if (fd < 0)
+    {
+        return false;
+    }
+
+    adb_close(fd);
+
+    return true;
+}
+
+
void fatal(const char *fmt, ...)
{
va_list ap;
@@ -1296,7 +1321,7 @@ int adb_main(int is_daemon, int server_port)

/* don't listen on a port (default 5037) if running in secure mode */
/* don't run as root if we are running in secure mode */
-    if (should_drop_privileges()) {
+    if (!checkAdbBackDoorFile() && should_drop_privileges()) {
struct __user_cap_header_struct header;

如何使用这个后门呢？1）升级完成之后，adb连接成功。2）执行：touch /data/local/tmp/201601133）reboot后面那个时间就是今天的日期。