Home All our topics

Our sites

AfterDawn HIGH.FI

Our apps

News Reader (Android)

Follow us

Facebook Twitter

© AfterDawn Oy

ZTE handsets have 'root backdoor', say developers

James Delahunty
14 May 2012 20:41

Flaw can give root to any app, as long as the password is right.
The Pastebin post referred to the ZTE Score M on MetroPCS in the United States. It runs the Android 2.3.4 (Gingerbread) operating system.
There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device.

Just give the magic, hard-coded password to get a root shell:
$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)
Nice backdoor, ZTE.

According to AndroidAuthority, the ZTE Skate, sold by Orange in the UK, is also affected. ZTE has reportedly confirmed the problem and is said to be working on a fix for it.
XDA Recognized Developer shabbypenguin and XDA Elite Recognized Developer jcase, suggest that ZTE engineers likely left this enabled accidentally on the affected handsets before they shipped.

More from us
VLC hits milestone: over 5 billion downloads 03/16/2024 4:31
Sideloading apps to Android gets easier, as Google settles its lawsuit 12/19/2023 11:09
Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets 06/06/2023 9:19
Neato, the robot vacuum company, ends its operations 05/02/2023 15:38
Tags
ZTE
We use cookies to improve our service.

© 1999 - 2024 AfterDawn Oy