It’s appearing that a root backdoor has appeared in ZTE phones, allowing full root to devices. It simply provides a root shell using a hard-coded password. This is serious news for any hackers, as this command can cause major damage to phones.
Here is the information, should you wish to have a go:
The ZTE Score M is an Android 2.3.4 (Gingerbread) phone available in the United States on MetroPCS, made by Chinese telecom ZTE Corporation. There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device. Just give the magic, hard-coded password to get a root shell: $ sync_agent ztex1609523 # id uid=0(root) gid=0(root) Nice backdoor, ZTE.
It is confirmed on these devices:
- ZTE Skate WWE edition
- More as we hear…