Android ENV Setup

how to develop on KaiOS from an Android device, by Luxferre

This discovery was born from Luxferre on September 2020, while him faced a need to be able to connect to different KaiOS devices from its Lenovo TB-X606X tablet without any "normal" PC nearby, by using a known web context vulnerability in KaiOS that allows us to manipulate Android property set directly from the browser. So, here's the guide.


1. Create a publicly available web page with a button that runs the following JS code on the click:

var masterExt = navigator.engmodeExtension || navigator.jrdExtension || navigator.kaiosExtensionvar propSet = { 'service.adb.tcp.port': 5555, 'ctl.stop': 'adbd', 'ctl.start': 'adbd'};for(var key in propSet) { masterExt.setPropertyValue(key, propSet[key])}

Essentially, what it does is setting the Android property service.adb.tcp.port and restarting adbd via the predefined ctl.* property hooks. NOTE that these hooks aren't present in KitKat-based systems, so for those, manual ADB restart will be required;

2. Prepare the necessary parts on Android side:

git clone

cd gdeploy

npm i --global

3. Make sure your Android and KaiOS device are connected to the same Wi-Fi network at this point. Record the IP address of your KaiOS device by going to the access point's preferences;

4. On KaiOS side, enable the debugger (ADB & DevTools) in the developer menu, optionally also enable the root access (via Wallace Toolbox, ADBroot, etc...) if needed. Then, go to the page you've published (at point 1) via the system browser and launch the code;

5. On Android side, run the following command:

adb connect [your_phone_ip]:5555

obviously repalce [your_phone_ip] with the ip address of your phone, then ensure you see the device using the command "adb devices";

6. Now you can manage the apps on the device with the gdeploy commands (gdeploy list/install/uninstall/start/stop/evaluate) fully wirelessly. Use Vim or other convenient editor for the development process on your Android and Termux + gdeploy for actual device testing.

Notes and limitations

  • you'll need to re-enable the remote ADB port via web page exploit every time your reboot your KaiOS device;

  • on KaiOS devices with Gonk layer based on Android version less than 6 (most MediaTek or Unisoc devices), you'll need to manually restart adbd via developer menu, by switching from "Debugger - None" to "Debugger - ADB & DevTools" again, after enabling the remote port;

  • Android doesn't have a full-featured B2G-compatible WebIDE, as it's only usually viewed as a target, not as a development host. However, alternatives like gdeploy may usually be sufficient for most of our purposes.

Have fun and (most importantly) never give up!