Friday, June 24, 2016

[Emulator][How-To] Manually Root and Debloat BlueStacks



Ahoy, I'm Rumbla Threepwood....a mighty pirate...
...wait, that's for another time, another story....


Hello fellas, here I am with an adventure in the Fabulous world of "BlueStacks Rooting and Debloating".
When I first started rooting BlueStacks this way, you needed a linux machine/VM to mount the root.fs in a read/write mode and modify it.
That's not very practical, isn't it?
Also, lately, they changed the format of these "filesystem" file to 'vdi' (Virtual Box format?) and these are not so easily mountable anymore.

So what?
Well, I came up with another, much simpler and less demanding method.
This new one, won't require any linux OS, nor copy around your filesystems!
Keep in mind that's always better have a backup of these filesystem you're going to modify, but even that it's not really necessary.
You could always just uninstall/reinstall BlueStacks and start anew!

Ohh....and this method should be working with EVERY BlueStacks version.
That's it, from 0.9.x to the latest 2.3.x
Once again, I don't know if this method will work with future BlueStacks versions, but hey, I will gladly accept a crystall ball as donation, if you wish to do so!

Like in the previous thread, we will still be using the closed-source classic Android App "SuperSU" (from chainfire!)
Here's the link: http://ift.tt/28RgovB
If you want to know more about it here are some links:
https://su.chainfire.eu
http://ift.tt/1uRM35c
http://ift.tt/1a93NRB

If you don't like "Closed Source" you could try this method using the WiP Open-Source Android app "SuperUser", but then you're on your own.
As for SuperSU, here's some links about "phh's SuperUser":
http://ift.tt/28WZaR8
http://ift.tt/1NmhkW5
http://ift.tt/1F0bond


Well, let's get started!
First of all, to root BlueStacks this way you need access to just one thing: "cmd.exe" (with admin-privileges, for some tasks)
You will also need some linux knowledge. It's not stricly necessessary, but I won't provide any support about the part dealing with linux commands. You could just follow my instructions blindly and probably you will be able to root it, but it might not be that simple...well, at least, I told you.

The second step requires you to gather the necessary software. Namely, an Android App to handle root-permission (SuperSU/SuperUser).
At this time, you should be able to find SuperSu v2.65 (Stable). The instructions should be the same with other SuperSU versions. I can't really say.
About SuperUser, you're on your own (but if you try and you succeed, I would like to read about your discoveries...and instruction, so I can add them here!)

Here is a link (it should be the direct link from the developers...ChainFire!):
http://ift.tt/20Xi6Bl

Well, you should now have all the needed software, but you may want to gather some APKs with the software you like the most...so you can install it right away!
In fact, if you follow this How-To fully, you would end up even without the stock BlueStacks launcher, so be prepared.

This How-To assumes you already have BlueStacks installed on your system, but make sure it isn't running.

So, let's get started.


Quote:
WARNING These instructions are for BlueStacks 2.3.29.6222. They may be slightly different for older/newer versions, but the method is the same!

1) Unpack SuperSU/SuperUser zip archive somewhere. You need to copy files from this archive into your Root.fs!

1b) Unpack your busybox (I usually use this one: http://ift.tt/28WZ77W, already unpacked!) and keep it ready.
1c) You could install busybox using an APK, the outcome should be same...I usually don't do that tho (see 1b)...

2) Start up your cmd.exe. This will be your best-friend for the next 10/15 minutes

3) Let's start changing some "Registry" values.
These changes should stop your BlueStacks calling back-home.
They will turn off BlueStacks Camera.
They will fake your "position" to 0.0/0.0, turning off the GPS too.
They will turnoff SystemStats (is this really needed?).
They will take away some of the default "Shared-Folders"
Code:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Agent\AppSync /f /v Enabled /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Agent\Cloud /f /v Host /t REG_SZ /d https://127.0.0.1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Agent\Cloud /f /v Host2 /t REG_SZ /d https://127.0.0.1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Agent\Cloud /f /v CCPinCheckSecs /t REG_DWORD /d 0xffffffff
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Agent\Cloud /f /v SyncIntervalSecs /t REG_DWORD /d 0xffffffff

reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Config /f /v OEM /t REG_SZ /d BlueStacks

reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v Camera /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v IsFrontendFirstLaunch /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v SystemStats /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v UsbAutoMount /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v GpsMode /t REG_DWORD /d 0
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v GpsLatitude /t REG_SZ /d "0.0"
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v GpsLongitude /t REG_SZ /d "0.0"
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\Config /f /v OEM /t REG_SZ /d BlueStacks

reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Updater /f /v ManifestURL /t REG_SZ /d "http://ift.tt/28Rgnb1;

# Admin Privileges required for these changes ###########
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\1 /f /v Name /t REG_SZ /d "InputMapper"
reg add HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\1 /f /v Path /t REG_SZ /d "C:\BlueStacks\UserData\InputMapper\"

reg delete HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\2 /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\3 /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\4 /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks\Guests\Android\SharedFolder\5 /f

4) To speed up BlueStacks slightly, you could turn off both BlueStacks Updater and BlueStacks Logs
How? Very simple, but you need admin privileges to do so:
Code:
# Admin Privileges required for these changes ###########
move "C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe" "C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.norun.exe"
move "C:\Program Files (x86)\BlueStacks\HD-LogRotator.exe" "C:\Program Files (x86)\BlueStacks\HD-LogRotator.norun.exe"
move "C:\Program Files (x86)\BlueStacks\HD-LogCollector.exe" "C:\Program Files (x86)\BlueStacks\HD-logCollector.norun.exe"
move "C:\Program Files (x86)\BlueStacks\HD-Updater.exe" "C:\Program Files (x86)\BlueStacks\HD-Updater.norun.exe"

5) Now, let's get to the "core" of the rooting process!
First of all we need adb working so:
Code:
sc start BstHdAndroidSvc

"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" kill-server
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" start-server
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" wait-for-device

6) Now, let's start an adb shell and get done with the "SECRET" (or the core of this rooting method)
Code:
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" shell

Now you should have an user-prompt (can you see that $?).
To modify our filesystem we need root privileges, tho....
...but BlueStacks' guys were so kind they left an hidden "su" for us!
Let's run it...getting some root privileges!
Code:
/system/xbin/bstk/su

Now you should have a root-prompt (can you see that #?).
Keep this cmd.exe windows open....remember? It's your best-friend now.

7) Now that we are the Nietzsche's SuperHuman, we can go on and do all of our stuff!!!
First of all, let's mount "system" as read/write. I also create a tmp directory there, to store my tmp stuff
Code:
mount -o remount,rw /dev/sda1 /system
mkdir /system/tmp

Now, you should open another cmd.exe window and use it to push some stuff in our newly-create directory
Code:
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push path_to/SuperSU/2.65/common/SuperUser.apk /system/tmp
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push path_to/SuperSU/2.65/x86/su /system/tmp
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push path_to/SuperSU/2.65/x86/supolicy /system/tmp
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push path_to/SuperSU/2.65/x86/libsupol.so /system/tmp
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push path_to/busybox/busybox-i686 /system/tmp/

Get back at your android-root-prompt.

Time to copy the apk:
Code:
chown system:system /system/tmp/SuperUser.apk
chmod 664 /system/tmp/SuperUser.apk
mv /system/tmp/SuperUser.apk /system/app

This will actually permanently "root" out BlueStacks
Code:
chown root:root /system/tmp/su
chown root:root /system/tmp/supolicy
chown root:root /system/tmp/libsupol.so
chmod 775 /system/tmp/su
chmod 775 /system/tmp/supolicy
chmod 664 /system/tmp/libsupol.so
cp /system/tmp/su /system/xbin/daemonsu
mv /system/tmp/su /system/xbin/
mv /system/tmp/supolicy /system/xbin/
mv /system/tmp/libsupol.so /system/lib/

Busybox installation...not really needed, but I do it!
Code:
chmod 775 /system/tmp/busybox-i686
chown root:root /system/tmp/busybox-i686
cp /system/tmp/busybox-i686 /system/xbin/
mv /system/tmp/busybox-i686 /system/xbin/busybox

init.sh modification to have the su binary listening as a daemon
Code:
awk '/\tdo_init/{print;print "\t\t/system/xbin/daemonsu --auto-daemon &";next}1' /system/etc/init.sh > /system/etc/init.sh.tmp
mv /system/etc/init.sh /system/etc/init.sh.bs
mv /system/etc/init.sh.tmp /system/etc/init.sh
chown system:system /system/etc/init.sh
chmod 664 /system/etc/init.sh

Let's now "Debloat" our system. This is not necessary, but I do it!
Code:
ls /system/app/

rm /system/app/BasicSmsReceiver.apk
rm /system/app/Calculator.apk
rm /system/app/Calendar.apk
rm /system/app/Camera2.apk
rm /system/app/DeskClock.apk
rm /system/app/DocumentsUI.apk
rm /system/app/DownloadProviderUi.apk
rm /system/app/Gallery.apk
rm /system/app/LiveWallpapersPicker.apk
rm /system/app/Music.apk
rm /system/app/NotePad.apk
rm /system/app/PicoTts.apk
rm /system/app/PrintSpooler.apk
rm /system/app/QuickSearchBox.apk
rm /system/app/SoundRecorder.apk
rm /system/app/TelephonyProvider.apk
rm /system/app/com.google.android.apps.uploader.apk
rm /system/app/com.google.android.syncadapters.calendar.apk
rm /system/app/com.google.android.syncadapters.contacts.apk

ls /system/priv-app/

rm /system/priv-app/BackupRestoreConfirmation.apk
rm /system/priv-app/CalendarProvider.apk
rm /system/priv-app/Contacts.apk
rm /system/priv-app/ContactsProvider.apk
rm /system/priv-app/Dialer.apk
rm /system/priv-app/MusicFX.apk
rm /system/priv-app/OneTimeInitializer.apk
rm /system/priv-app/SharedStorageBackup.apk
rm /system/priv-app/TeleService.apk
rm /system/priv-app/WallpaperCropper.apk

Now let's clean up our mess (not really a mess, is it?) and remount "system" as read-only
Code:
rm /system/tmp/*
rmdir /system/tmp
mount -o remount,ro /dev/sda1 /system

Some more "Debloating" in process
Code:
mount -t ext4 /dev/block/sdd1 /mnt/prebundledapps

ls /mnt/prebundledapps/downloads/

rm /mnt/prebundledapps/downloads/AppGuidance.apk
rm /mnt/prebundledapps/downloads/AppSettings.apk
rm /mnt/prebundledapps/downloads/BstFakeGps.apk
rm /mnt/prebundledapps/downloads/MyBluestacks.apk
rm /mnt/prebundledapps/downloads/S2P.apk
rm /mnt/prebundledapps/downloads/WindowsFileManager.apk
rm /mnt/prebundledapps/downloads/bluestacksHome.apk
rm /mnt/prebundledapps/downloads/bluestacksServices.apk
rm /mnt/prebundledapps/downloads/newAppFinder.apk
rm /mnt/prebundledapps/downloads/setupWizard.apk

ls /mnt/prebundledapps/app/

rm /mnt/prebundledapps/app/com.google.android.apps.photos-1.apk

ls /mnt/prebundledapps/system-app

rm /mnt/prebundledapps/system-app/com.google.android.apps.uploader.apk
rm /mnt/prebundledapps/system-app/com.google.android.syncadapters.calendar.apk
rm /mnt/prebundledapps/system-app/com.google.android.syncadapters.contacts.apk

ls /mnt/prebundledapps/system-priv-app

umount /mnt/prebundledapps

ls /data/app/

rm /data/app/com.google.android.apps.photos-1.apk

Man, we should be done now. Let's clear the Dalvik-cache!
Code:
find /data/dalvik-cache/ -type f -exec rm {} +

exit
exit

And we're DONE!!!

8) Let's now restart BlueStacks...and see what happend!

From your cmd.exe
Code:
sc stop BstHdAndroidSvc

#### wait some seconds (10?)

sc start BstHdAndroidSvc

Now, I usually go modify the Oem.cfg file (admin privileges are needed to do so).
Why? Becase I don't EVER start BlueStacks using "GameManager", but merely the "classic" FrontEnd.
So, open the file and search for:
Code:
<IsFrontendBorderHidden>true</IsFrontendBorderHidden>
Change it to
Code:
<IsFrontendBorderHidden>false</IsFrontendBorderHidden>
This will bring back the "classic" windows' decoration to the Frontend!
And here is how I ALWAYS start my BlueStacks:
Code:
"C:\Program Files (x86)\BlueStacks\HD-Frontend.exe" Android

If you want to use GameManager, you should probably skip the last couple of tasks...
Keep in mind that I won't give any support if you decide to do so (cause I NEVER tested it)

WoW.....scary, isn't it? Nothing appears on your BlueStacks window but a black background and a tiny "#" notification on top.
You should also get a request for your "Position"....I usually decline that...

Well, nothing to fear about. It's just our "almost completely debloated" BlueStacks running.
If this is the case....YES...YOU DID IT!

Just click the "#" notification.
You will be prompted about a SuperSU update. Choose the "normal" way and after the update, restart your BlueStacks.

Code:
"C:\Program Files (x86)\BlueStacks\HD-Quit.exe"
"C:\Program Files (x86)\BlueStacks\HD-Frontend.exe" Android
The notification should be gone now!
Your BlueStacks is now Rooted&Debloated.

9) BlueStacks like this, is not really usable...so we need to do something more.
Remember when I told you to gather your preffered APKs somewhere...well, this is the reason.
It's time to install these now.

From a cmd.exe window
Code:
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" kill-server
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" start-server
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" wait-for-device

Now we can use "push" and "shell pm"
Code:
### Apex Launcher 3.1.0 (PlayStore)
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" push apk\com.anddoes.launcher-3.1.0-3101-minAPI15.apk /sdcard/Download
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" shell pm install /sdcard/Download/com.anddoes.launcher-3.1.0-3101-minAPI15.apk
"C:\Program Files (x86)\BlueStacks\HD-Adb.exe" shell rm /sdcard/Download/com.anddoes.launcher-3.1.0-3101-minAPI15.apk

Here is an example to install ApexLauncher!
Do the same with all of your APKs and you're done.
You could probably Drag the APS directly on BlueStacks' window...

Here is what I usually install
  • ApexLauncher
  • Fx (RootExplorer!)
  • Full!Screen
  • ConnectBot (terminal emulator and ssh client)


As always, please, report back any mistake you spot....
...and any suggestion you may have about all this how-to!



Hope you enjoyed this how-to and I hope you will enjoy your newly rooted BlueStacks.


from xda-developers http://ift.tt/28WZejV
via IFTTT
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)