It's Bugs All the Way Down

Security Research by Dan Rosenberg

Rooting the Droid 4: A Failed Bounty Experiment

Yesterday, I tried a little experiment in releasing a root exploit for the Motorola Droid 4. I set up a bounty, where the first $200 would go towards me buying myself a Droid 4 in exchange for the work I’ve done developing the exploit, and the remaining bounty money would go directly to the American Red Cross. I thought this would be a good arrangement for everyone: users get a shiny root exploit for a few bucks, I get a new phone in payment, and money gets donated to charity. Everybody wins.

Apparently this was considered unacceptable by the raging masses of Android fanboys, who not only believe they are entitled to exploits for free, but are also under the delusion that $200 total is a lot of money in exchange for this kind of work. I’m disappointed in the response by the community, but I’m going to turn it into a positive thing.

The bounty is now entirely for charity. 100% of proceeds will be donated to the American Red Cross. I will post donation receipts after donating. You can donate at https://www.wepay.com/donations/droid-4-root-bounty.

But Where’s the Root Exploit?

The Windows version of the exploit can be downloaded here. Make sure your device is in USB debugging mode, attach it to your PC, ensure you have the latest Motorola drivers installed, extract the entire zip file, and execute “run.bat”. Enjoy.

Update: a Linux/OSX version of the script is available here. Same deal: USB debugging mode, attach to PC, extract zip file, change into the zip directory, and invoke “./run.sh” from a shell.

This entry was posted on Saturday, February 11th, 2012 at 2:05 pm and is filed under Android, Exploitation. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.