Meizu MX rooted using the Bus Pirate

It is just amazing how small the boards are for some really powerful smart phones. For instance, the diminutive size of this Meizu MX Android phone’s board is only outshone by the intricate packaging the phone arrived in. [Adam Outler] did an unboxing of the device. But for him that mean tearing down all of the components and using a Bus Pirate to root the device.

In the video after the break he gives us a candid look at what it takes to exploit this piece of hardware. You might be a little spooked by the commands, which he reads aloud character by character, but watch closely and you’ll see they’re really quite common functions.

His rooting quest began by reading the datasheet for the main processor to find the USART parameters. With that information he hooked his Bus Pirate to ground, then probed around various test points on the board while it was rebooting until serial data started scrolling on the screen. He had found the USART lines and soldered a breakout connector onto them so that he had access after reassembling the phone.

From there he used the Bus Pirate to merge with the board’s terminal, then rebooted the phone using the Android Debug Bridge. Once it fires up, the Bus Pirate terminal window is sitting at a root prompt (many companies disable this but [Adam] was lucky). He remounts the internal file system to be rewritable, then uses the ADB to push the Linux substitute user (su) command onto the device as it will be needed by the Superuser.apk program. That is the next thing to be installed and once it is he officially has root.

Comments

  1. Per Jensen says:

    What has this to do with the real power of the Bus Pirate ? It seems he just used it as a USB/Serial TTL cable…..

    • chango says:

      That’s AdamOutler’s schtick. Nothing any of us couldn’t do if we had the cash to sacrifice opening our brand new expensive gadgets. But the kiddies on XDA eat it up.

      • Peter says:

        What has this to do with the real power of the Bus Pirate?”

        Valid point– any serial to USB adapter could have been used. You can find serial to USB adapters for $4 now a days but if you have a Bus Pirate (or two) around, why not use it? Perhaps they should have left “Bus Pirate” out of the title?

        Nothing any of us couldn’t do if we had the cash to sacrifice opening our brand new expensive gadgets. But the kiddies on XDA eat it up.

        Not so valid. I enjoy taking apart electronics to reverse engineer, fix, hack. It is challenging and fun but seldom easy. I think it takes some amount of intelligence and intestinal fortitude to dismantle a brand new phone, modify it (voiding the warranty), and root it. And the best part is sharing the knowlege so that others can attempt do the same.

  2. Tom says:

    It’s kinda sad that you need to tear the phone apart to root it.

  3. iphonefr33k says:

    Can this same thing be done on an Iphone 4s or 5?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 98,644 other followers