Google TV enthusiasts over at GTV Hacker have revealed how they were able to take advantage of an exploit in the software of the Chromecast that allowed them to hack into and analyze the inner workings of Google’s hottest new toy. This has also led to GTV Hacker’s first public release of a package for hacking the Chromecast.
Google announced the Chromecast just last week and it has already been the subject of discussion over the Internet and geek circles. The device, which is the size of a USB thumb drive, connects to a TV over HDMI and allows users to stream media to the TV from any device and any operating system. Within just a day of availability over at Google Play, the Chromecast already sold out, probably due in part to a free three-month Netflix offer which was unfortunately cancelled.
In a blog post, the folks at GTV Hacker narrated how they read the source code for the Chromecast in order to look for bugs that would allow them to hack into the system, discovering multiple possible options. One such way would allow them to boot an unsigned custom kernel by exploiting a bug in the bootloader. When the button on the Chromecast is pressed while turning it on, the device boots into USB mode and looks for a signed kernel image at a certain location in the USB. While the image itself is passed on to be verified, the result of this process is actually never checked, making it possible to execute any code, like executing a custom kernel.
This allowed GTV Hackers to create an image that modifies the system and runs a root shell, giving researchers tools to examine the system. One such examination revealed that the device is basically running a modified Google TV system and not ChromeOS. This puts it closer to Android but without Bionic and Dalvik. It doesn’t mean it can install and run regular APKs nor will it be of any use to regular users. But GTV Hacker hopes that this is just the first step in rallying the Google TV community to further investigate the so far mysterious device.
VIA: GTV Hacker