Rooting Android is simply installing the su binary, in one way or another, on the device. The su binary is modified in a way that it displays a dialog, asking to grant or deny permission from the user, once granted, it's similar to running then sh command. Apps that use root simply execute commands in a shell (by running su -c or by using a shell and writing to its stdin, and parsing stdout). The difficult part in rooting is getting the binary installed on the device, since it has to be in /system which is read-only, so you'd need to find a way to remount it as RW, with exploits to gain privileges or recovery which unpacks zips to /.