Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bug In Android Passes Keystrokes To Root Shell

Posted by Soulskill on from the watch-what-you-type dept.

pasokon writes "ZDNet reports on an Android bug in T-Mobile G1s with early versions of the firmware: 'When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. ... open the keyboard tray on your G1, ignore anything you see on the screen, and type these 8 keystrokes: (enter)-r-e-b-o-o-t-(enter). Poof, your phone will reboot.'"

2 of 205 comments (clear)

  1. Re:False by cicatrix1 · · Score: 5, Informative

    Update: oops. it's real!

    I restarted my phone manually, and tried this on a fresh boot. My phone did immediately restart. Yikes.

    --

    I know more than you drink.
  2. Re:This is simply mind-boggling. by Otto · · Score: 5, Informative

    Read this:
    http://android.jim.sh/index.php/ConsoleShell

    Looks like debugging code left behind...

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.