Backdoor Found in HTC EVO & Sprint Hero, Exploited to Gain Root Access
- sending and monitor user tap and drag input (“PentapHook”),
- sending key events (“InputCapture”),
- dumping the framebuffer (“captureScreen”),
- listing processes (“GetProc”),
- rebooting the device immediately,
- and executing arbitrary shell commands as root (“LaunchChild”)
It was skyagent that unrevoked used for their 1-click root method that can be found at unrevoked.com
Likewise, hstools was another executable binary that could be used to pass command input to the phone with root permission. Hstools was exploited by unrevoked after skyagent was removed by the EVO launch-day OTA update.
Unrevoked makes a point to mention that they do not believe that either HTC or Sprint had any malicious intent with regards to these two vulnerabilities. It is believed that skyagent was a debugging binary that was never removed from the phone before official release. Unrevoked goes on to praise Google, HTC, and Sprint for their efforts in patching the vulnerabilities and provides a timeline of events:
- 31 May 2010 23:53:08 EDT: Google security notified about skyagent
- 01 Jun 2010 03:53:30 UTC: Automated Google response
- 01 Jun 2010 16:45:46 UTC: Response from Google Security Team
- 02 Jun 2010 23:18:31 EDT: Sprint security contacted about skyagent
- 03 Jun 2010 01:18:58 CDT: Sprint response
- 04 Jun 2010: Sprint OTA update removingskyagent binary.
- 30 Jun 2010: Sprint OTA update patchinghstools vulnerability.
You might also like
I would really love to know what it was that caused Samsung to wake up. Let’s face it, their first couple of Android phones weren’t exactly terrific, and I think
Augmented reality is really an advanced concept. It’s not advertised nearly enough, though. Well, it’s getting a little recognition today. Augmented Planet held an awards competition of sorts, to name the best augmented reality apps. W
There is a good news for Sony Xperia Z3 users! Sony Electronics COO Michael Fasulo announced that the company will start rolling out Android 5.0 Lollipop update for Xperia Z3