How to remove the backdoor from ZTE's Score M smartphone
Posted on 28 May 2012.
The existence of the recently discovered vulnerability in ZTE's Score M smartphone which allows any attacker in possession of the hardcoded password to access and take over the phone has been confirmed by the Chinese handset maker.

The company has also said that it has started working on a patch but, in the meantime, some security firms have taken it upon themselves to do the same thing, or at least, to find a workaround for the problem.

Trend Micro researcher Weichao Sun has published a set of instructions for removing the backdoor from the device:


1. Run the backdoor on an adb shell: /system/bin/sync_agent ztex1609523
2. To check which device your /system dir has mounted, use the command: mount. There should be a print out like below, note the device name underlined in red:


3. Remount the system partition as RW with command: mount –o remount,rw /your/device/name /system.
4. Remove the backdoor from the system with command: rm /system/bin/sync_agent.
5. Terminate the backdoor with ctrl+c.

Granted, the instructions aren't of much use to users who don't know how to go about implementing them - and that is most users - but are nonetheless welcome as ZTE is dragging its feet on this.






Spotlight

Email scammers stole $215M from businesses in 14 months

Posted on 29 January 2015.  |  In 14 months there have been nearly 1200 US and a little over 900 non-US victims of BEC scams, and the total money loss reached nearly $215 million.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jan 30th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //