Two mobile phones developed by Chinese device manufacturer ZTE have been found to carry a hidden backdoor, which can be used to instantly gain root access via a password that has been hard-coded into the software. Android devices typically ship with the user unable to run commands as the 'root user', in order to protect customers from any inadvertent damage they could cause, and to reduce the chance of rogue applications taking complete control of the device. However, following an anonymous post to Pastebin on Thursday, security researcher Dmitri Alperovitch confirmed on Monday that ZTE has installed an application on the Score M and the Skate mobile phones that makes rooting these phones simple. The post on Pastebin said: "There is a setuid-root [set user ID upon execution] application at /system/bin/sync_agent that serves no function besides providing a root shell backdoor on the device. Just give the magic, hard-coded password to get a root shell." pastemonium v0.0
intro - Posted: May Wed 14th 10:53 PM (Never Expires) - Format: text
  1. Welcome to my pastebin project.  Please understand that you're looking at the pre-alpha state of the project.  Being under development the possibility of general wonkiness does exist!
  2.  
  3. Talk about features:
  4. * PHP code base
  5.   * Open; fork your own
  6. * Security
  7.   * Respectable encryption
  8.   * Open; download and run your own
  9.   * Runs fine without javascript, cookies, etc.; even from CLI
  10.   * Self-destructing and hidden pastes available
  11. * GUI / CLI interface
  12.   * CLI Examples:
  13.       echo TEST | curl -F 'cli=<-' -H "Expect: " 'https://snarf.info/'
  14.       echo TEST | curl -F 'cli=<-' -F 'password=two' -H "Expect: " 'https://snarf.info/'
  15.  
  16.       curl -s 'https://snarf.info/?cli=intro'
  17.       curl -s 'https://snarf.info/?cli=test&password=test'
  18.     * 'snarf.sh' shell script for streamlined CLI usage
  19.   * GUI:
  20.     * List enhancements (e.g., accounts, admin controls, etc.)
  21.   * Ease of use
  22.     * List enhancements (e.g., functional install script, etc.)

Paste Content:

Paste Options:

Recent Pastes:

14 days ago

a7682

27 days ago

4fc54

185 days ago

10819

207 days ago

HOW_TO_HACK_FH2.txt

221 days ago

md5

223 days ago

a78a0

230 days ago

4d8a6

260 days ago

3b92e

1230 days ago

intro