July 29, 2013 weblog

Hacker group finds a way to gain root access to Chromecast

by Bob Yirka , Phys.org

Hacker group finds a way to gain root access to Chromecast

(Phys.org) —GTVHacker has posted a blog entry describing a hack they've done on Google's new streaming stick Chromecast. Because the process is so simple, it appears as if Google intentionally left the "vulnerability" open for hackers and other commercial enterprises to exploit, much as they have done with Android devices.

Chromecast is a small (flash drive sized) device that connects directly to a television's HDMI port. Once installed it allows for wirelessly from a computer or handheld device to the . Principle streaming sources include Netflix and YouTube. The introduction of Chromecast created quite a stir when it was released last week as its price is a mere $35. As has been the case with virtually every other hardware device released to the public, hackers appear to have set to work trying to gain access to control the device in ways not intended by the manufacturer.

GTVHacker notes that the OS on the device is not Chrome (as its name implies) but a stripped down version of the software used to run Google TV. To gain access, a was attached to the device and then the power on/off button was held down (causing it to boot to USB mode) as the device was being powered on. Natural code on the device calls for a signed image to be detected on the USB device. As no verification of the image was required, the hackers were able to execute other code that they had written. Specifically, their hack allows for spawning a root shell on port 23.

That a hacker team was able to find such a vulnerability and exploit it in just four days is likely no surprise to Google. They've been using the services of hacker groups to help test new products since the introduction of Gmail and Android—doing so led to the early development of smartphone apps, and Google is no doubt hoping the same thing happens with Chromecast—early reports suggest its native applications are severely limited. The hack found by the team at GTVHacker means that pretty much anyone that wishes can development custom apps for the device, perhaps making it worth far more than its list price.

© 2013 Phys.org

Citation: Hacker group finds a way to gain root access to Chromecast (2013, July 29) retrieved 21 June 2024 from https://phys.org/news/2013-07-hacker-group-gain-root-access.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Google fixes APK nightmare-waiting-to-happen, sends patch to partners
0 shares

Feedback to editors

Relevant PhysicsForums posts

How can you trade non integer values of Bitcoin?

4 hours ago

Looking for a reliable inkjet All-In-One printer for photos and docs

Jun 18, 2024

AI In Actual Use

Jun 17, 2024

The best and most secure password manager

Jun 14, 2024

Entering Greek Alphabet/Glyphs in PDF Comments

Jun 13, 2024

How Dangerous is Editing the Windows Registry?

Jun 10, 2024

More from Computing and Technology

Load comments (1)