ZTE handsets have 'root backdoor', say developers

James Delahunty
14 May 2012 20:41

Flaw can give root to any app, as long as the password is right.
The Pastebin post referred to the ZTE Score M on MetroPCS in the United States. It runs the Android 2.3.4 (Gingerbread) operating system.

There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device.

Just give the magic, hard-coded password to get a root shell:

$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)

Nice backdoor, ZTE.

According to AndroidAuthority, the ZTE Skate, sold by Orange in the UK, is also affected. ZTE has reportedly confirmed the problem and is said to be working on a fix for it.

XDA Recognized Developer shabbypenguin and XDA Elite Recognized Developer jcase, suggest that ZTE engineers likely left this enabled accidentally on the affected handsets before they shipped.

11/13/2024 15:09

Android 16 will launch sooner than expected

11/01/2024 6:45

Winamp ends its "open source" project that wasn't really open source

10/20/2024 11:12

Winamp released its source code - but didn't go open source

09/25/2024 12:38

ZTE handsets have 'root backdoor', say developers

More from us

Tags