Root Which exploit does EasyRoot use?

Discussion in 'Android Devices' started by Nexeo, Aug 10, 2010.

  1. Nexeo

    Does anyone know what exploit the one-touch apps like EasyRoot and DMUpdater use? They certainly can't be flashing a new .sbf, right?
     


  2. OMJ

  3. vincentp

    No, it definitely can't flash an SBF. IIRC someone said the only access it requests is to Bluetooth, so maybe there's some sort of BT exploit that allows root access. I don't know for sure though.
     
  4. VIO

    As an aside, isn't it a bit frightening that an app could, for these devices, secretly root a phone and sit in the system doing whatever the hell it wants, downloading apps secretly, uploading information, etc.?

    All the user would ever see is something masking itself as a Bluetooth toggle widget, complete with all and only the appropriate permissions for that type of app. Prudence or paranoia ain't gonna save you in that case, just no way of knowing unless you are at a console or already rooted (unless it checks for the "real" su app and hides if it finds it).

    Honestly it's so fricken foolproof that if I was evil I'd be all about it.
     
  5. OMJ

    I agree completely. I really hope they get this hole patched soon and start pushing out said patch to all phones. Although we all know how quickly OTAs come out.
     
  6. supersaki

    Supposedly patched in CM nightlies :)
     
  7. VIO

    Yeah, as much as I am all about "freeing the phone", I'm also all about having my identity/money/life left intact. These are gaping security holes that we are exploiting and then publishing the code for all over the internet.

    Viva la open source, but let's just stick to the exploits that at least require human contact and a computer/adb, or at the very least propose a fix and offer it up for review to AOSP for source code commitment along with releasing it to us to use.
     
  8. OMJ

    Huh, didn't know that, but it doesn't surprise me. CM is always ahead of the curve. Makes me glad I'm on a CM Nightly :D
     
  9. patch

    Thanks for the link to the source, OMJ :)

    Before, I got as far as seeing that they include an "exploid" binary and the easyroot.apk includes the symbolic link to the hotplug device -- and they're triggering the hotplug in the kernel using a Bluetooth API. Brilliant IMHO.

    So vincent, not an exploit of Bluetooth per se, but of the hotplug feature in the Linux kernel; they're just activating it using Bluetooth.

    To those that "wish these didn't happen": you wouldn't have your fancy "custom ROMs" today if it were not for these exploits, so really you should check yourself before you wreck yourself :p
     
  10. VIO

    True, but there are always new exploits we "legitimate" rooters can use. I just prefer the ones that aren't really susceptible to an app stealing me blind :p
     
  11. OMJ

    I agree with that to an extent, but something like this that affects every Android device and can easily be done by an app is something to be concerned about.

    That's actually part of the reason that I like the SPRecovery root method, because it's not something that can be done without the user's knowledge unless you give someone your phone.
     
  12. patch

    Yeah, it's a double-edged sword -- we probably wouldn't be able to unlock our devices to their full potential, but at the same time it could be used for very malicious purposes.

    I think the fact they are in the public knowledge and widespread is better than only 1 person knowing about it, since the more public it is, yes, people could take advantage, but it also allows Google to fix the holes and perhaps rethink certain aspects of the OS overall, which maybe could prevent these types of exploits in the future across perhaps other vulnerable areas.
     
