OnePlus is left an internal tool on their phones able to get root

Rootsucc

Twitter user Elliot Alderson, a name borrowed from the protagonist of the Mr series. Robot has been discovered that OnePlus seems to have left a in-house tool called EngineerMode in the build official present in OnePlus 3, OnePlus 3T and OnePlus 5.

This should not pose any problem except because with this application is it possible to root the phone and could be used therefore as a backdoor to exploits. If you have a phone OnePlus is possible that you have this application presinstalada, but don’t panic, the likelihood that a malicious application to make use of this vulnerability is even lower.

A tool for testing

it Is normal that the phones include internal tools to analyze the state of the phone and its components. Tools these which are often accessed through intricate combinations of codes. What is not so normal is that allow you to root your phone.

EngineerMode is one of these applications, created by Qualcomm, but modified to OnePlus. the Is hidden, but little. That is to say, it appears in the list of applications preinstalled on the phone, but can’t open directly. However, all their activities are exported, a técnicismo to explain that her various “screens” can be launched from other applications such as this.

Engineer

it Has taken a lot of research, reverse engineering, and help other security experts to discover all the things you could do with EngineerMode and the password needed to do this. It was not easy, but not impossible, and this is how they managed to reveal the password required for grant root to ADB, a process that could be used later to install SuperSu.

therefore, should Not be a concern for the immediate safety for those owners of a phone OnePlus one, because in principle other applications could not take advantage of the vulnerability in and of itself. The only sure thing is that a person with bad intentions, your mobile phone and appropriate knowledge could rootearlo and take complete control of the phone.

What’s next: a tool for root… and fix

once you have discovered the calico, two promises for the future. On the one hand, Elliot Alderson promises that will create and publish coming soon on Google Play a tool for rooting phones OnePlus automatically. By the time you’re not ready: when it is, we’ll update this news.

on the other hand, Carl Pei has responded to the thread on Twitter with a classic “Thanks for the warning, we are reviewing”. Technically it should not be difficult for OnePlus to correct this problem, by modifying or completely eliminating EngineerMode entirely on their phones through an update of the system.

Via | XDA
Xataka Android | [Actualizado] OnePlus collects our usage data through OxygenOS without warning or possibility to avoid it


The news OnePlus is left an internal tool on their phones able to get the root was originally published in Xataka Android by Ivan Ramirez .


Xataka Android

(Visited 1 times, 1 visits today)
OnePlus is left an internal tool on their phones able to get root
Talking about:                             
Source: www.xatacandroid.com  

Do you know about...?


Google will let you choose what kind of ads you want to see
With exclusive Android games no clear loser; users
Android 4.4 available for Sony Xperia KitKat Z thanks to the community
Video shows how to build a HTC One