It is just amazing how small the boards are for some really powerful smart phones. For instance, the diminutive size of this Meizu MX Android phone’s board is only outshone by the intricate packaging the phone arrived in. [Adam Outler] did an unboxing of the device. But for him that meant tearing down all of the components and using a Bus Pirate to root the device.
In the video after the break he gives us a candid look at what it takes to exploit this piece of hardware. You might be a little spooked by the commands, which he reads aloud character by character, but watch closely and you’ll see they’re really quite common functions.
His rooting quest began by reading the datasheet for the main processor to find the USART parameters. With that information he hooked his Bus Pirate to ground, then probed around various test points on the board while it was rebooting until serial data started scrolling on the screen. He had found the USART lines and soldered a breakout connector onto them so that he had access after reassembling the phone.
From there he used the Bus Pirate to connect to the board’s serial terminal, then rebooted the phone using the Android Debug Bridge. Once it fires up, the Bus Pirate terminal window is sitting at a root prompt (many companies disable this but [Adam] was lucky). He remounts the internal file system to be rewritable, then uses the ADB to push the Linux substitute user (su) command onto the device as it will be needed by the Superuser.apk program. That is the next thing to be installed and once it is he officially has root.
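For anyone building or auditing a firmware image, the detail that matters above is the unauthenticated root prompt on the serial lines. The following is an added example, not code from the video or from Meizu: it assumes the prompt comes from an Android `init.rc` service that binds a shell to the console, and the function names and sample inputs are constructed for illustration.

```python
SHELLS = {"/system/bin/sh", "/sbin/sh", "/bin/sh"}

def parse_init_rc(text):
    """Split init.rc text into service blocks and the 'on' triggers that start them."""
    services, starts, section = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.split()
        if not raw[0].isspace():                  # unindented keyword opens a section
            if words[0] == "service" and len(words) >= 3:
                section = services.setdefault(words[1], {"argv": words[2:], "opts": {}})
            elif words[0] == "on" and len(words) >= 2:
                section = words[1]                # remember the trigger name
            else:
                section = None
        elif isinstance(section, dict):           # option line inside a service block
            section["opts"][words[0]] = words[1:]
        elif isinstance(section, str) and words[0] == "start" and len(words) > 1:
            starts.setdefault(words[1], []).append(section)
    return services, starts

def audit_serial_console(text):
    """Report shells bound to the console that init would run as root."""
    services, starts = parse_init_rc(text)
    findings = []
    for name, svc in services.items():
        opts = svc["opts"]
        if "console" not in opts or svc["argv"][0] not in SHELLS:
            continue
        user = opts.get("user", ["root"])[0]      # no 'user' line: init keeps root
        if user != "root":
            continue
        findings.append({"service": name,
                         "autostart": "disabled" not in opts,
                         "started_by": starts.get(name, [])})
    return findings

# Constructed sample inputs (assumed layout), not taken from the Meizu MX.
EXPOSED = "service console /system/bin/sh\n    console\n"
HARDENED = (EXPOSED + "    disabled\n    user shell\n"
            "on property:ro.debuggable=1\n    start console\n")

if __name__ == "__main__":
    print(audit_serial_console(EXPOSED))    # root shell on the UART at every boot
    print(audit_serial_console(HARDENED))   # no findings
```

A finding with `autostart` set to false still deserves a look at `started_by`, since a trigger can bring the root shell up on some builds.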
What has this to do with the real power of the Bus Pirate? It seems he just used it as a USB/Serial TTL cable...
That’s AdamOutler’s schtick. Nothing any of us couldn’t do if we had the cash to sacrifice opening our brand new expensive gadgets. But the kiddies on XDA eat it up.
Valid point: any serial to USB adapter could have been used. You can find serial to USB adapters for $4 nowadays but if you have a Bus Pirate (or two) around, why not use it? Perhaps they should have left “Bus Pirate” out of the title?
Not so valid. I enjoy taking apart electronics to reverse engineer, fix, hack. It is challenging and fun but seldom easy. I think it takes some amount of intelligence and intestinal fortitude to dismantle a brand new phone, modify it (voiding the warranty), and root it. And the best part is sharing the knowledge so that others can attempt to do the same.
It’s kinda sad that you need to tear the phone apart to root it.
Can this same thing be done on an iPhone 4s or 5?