Business

It’s possible to obtain root access on OnePlus phones without unlocking

The dust has barely settled on OnePlus’ private data collection issue, and already a new challenge has cropped up for the company. Now, a developer has confirmed that it’s possible to obtain root access on OnePlus phones without unlocking them.

Basically, OnePlus devices contain an app called ‘EngineerMode,’ which is used for factory testing (to confirm whether or not the unit is working properly). There’s an activity – dubbed ‘DiagEnabled’ – associated with this app, which if launched with the correct password will give you the root access.

So yes, if you send the command: adb shell am start -n https://t.co/yYfeX14Ioj.engineeringmode/.qualcomm.DiagEnabled –es “code” “password” with the correct code you can become root!

Elliot Alderson (@fs0c131y) November 13, 2017


And if you are thinking how did the developer get the password, it was with the help of some security experts.

Awesome! Thanks to @insitusec and the @NowSecureMobile team, we have the password! It’s now possible to root an @Oneplus device with a simple intent pic.twitter.com/gN0awYijBv

Elliot Alderson (@fs0c131y) November 13, 2017


The developer further claims that the Chinese company has intentionally left the backdoor in their devices.

The best thing in this story is the password. It’s angela (see the reference?). This backdoor is here intentionally. When the fiction become a reality. Good luck @getpeid, you will need a very good explanation.
cc @whoismrrobot pic.twitter.com/IJgsu6hCEc

Elliot Alderson (@fs0c131y) November 14, 2017


For its part, OnePlus has confirmed that the company is looking into the claims made by the developer.

Thanks for the heads up, we’re looking into it.

Carl Pei (@getpeid) November 13, 2017


Source | Via