androidadbuser-accounts

ADB Root: backup / Restore Androids Account Manager credentials / fingerprints


I've been exploring ways to create a backup of the central account management on my rooted Android phone using ADB and potentially SQLite.

My goal is to ensure that I can restore either specific acocunts or all at once (if the first is not possible). Anyhow I'm only running very few accounts. Basically I want to be able to programmatically switch between two accounts for a specific app, let's say Dropbox.

Here's what I've done and tried so far:

I've pulled the following files using ADB:

adb pull /data/system_ce/0/accounts_ce.db
adb pull /data/system_de/0/accounts_de.db

Using an SQLite browser, I am able to view the Dropbox-account stored in these databases including authtoken, cookie etc...

However, I am facing issues: When I reinstall the Dropbox App, i.e. therefore effectively deleting the account of that particular app in the android settings and then attempting to restore these files back onto the device: They are not recognized by Dropbox.

Despite pushing them back to their original locations on the same device, the accounts do not seem to be reinstated as expected, even after reboot.

Has anyone successfully managed to backup and restore these account databases?

Are there additional steps or considerations I might be missing in this process?

Any advice or guidance on how to successfully accomplish this would be greatly appreciated.


Solution

  • One can get the accounts of the currently logged in user with AccountManager.
    while Android is multi-user and there may be several such database files ...
    Obvioulsly, one can also use AccountManager to properly add accounts.

    https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/accounts

    This would not work with root, but only as system app in a custom ROM:

    <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/>
    

    Allows access to the list of accounts in the Accounts Service.

    There it reads:

    The app has to be pre-installed and in the system/priv directory in the filesystem.


    This means, that adb root is entirely useless, when it's more alike adb reboot bootloader.

    No app could ever obtain privileged permission unless been preinstalled to system/priv. Later coming there and believing one could simply extract the accounts for whatever purpose is naive, as one cannot preinstall an app without flashing the system partition, which subsequently will cause setup of encryption. Only then one could enter accounts to be extracted easily. The whole concept is absurd, because of Google Password Manager, which potentially has these accounts anyway. There is nothing to "backup" on the end-device by a third party in this closed ecosystem, which not only offers backup for accounts, but meanwhile also for 2FA.