[ROOT] New Chromecast Root Method! (8/17/2014)

Team-Eureka · Aug 17, 2014

Dear XDA Users,

We’re happy to announce that fail0verflow, GTVHacker, and Team-Eureka have jointly discovered and exploited a new vulnerability in the Chromecast which allows root access on the current software build (17977) as well as new in box devices (proof). This is not a purely software-based exploit; to take advantage of it, you’ll need to have a Teensy++ 2.0 or a Teensy 2.0 development board as well as the powered USB OTG cable required to use FlashCast.

Although we’re not quite ready to release an exploit package yet, we’re giving you this information early so that you can acquire the needed hardware ahead of time, as we predict you won’t have much time to root your device before Google releases a patch. When we release the exploit package in the near future, we’ll post updates both to this board and to our Twitter feeds (below). Until then, we suggest that you let your device update to build 16664 or above and then disconnect it from the internet to prevent further updates.

Exploit Demo: https://www.youtube.com/watch?v=S2K72qNv1_Q

Twitter
@fail0verflow
@gtvhacker
@Dev_Team_Eureka

Update: Root is out at http://forum.xda-developers.com/hardware-hacking/chromecast/root-hubcap-chromecast-root-release-t2855893

cj_000 · Aug 17, 2014

I would like to point out that fail0verflow and Team-Eureka put a large amount of time into getting this working properly, and in the end it will be incredible. Great work guys!

caifaz · Aug 17, 2014

xD

THANKS! :'( I'm waiting.

joshw0000 · Aug 17, 2014

Awesome. I had almost given up on root for this thing. So what can I do once I root it?

fattire · Aug 17, 2014

Cool... But is the ~~$24~~ $16 hardware always going to be necessary?

ddggttff3 · Aug 17, 2014

fattire said:
Cool... But is the ~~$24~~ $16 hardware always going to be necessary?

Just for the initial root process. After the devices is rooted, you no longer need the teensy.

persianrisk · Aug 17, 2014

Where can we buy it must cheaply? The teensy?

philicibine · Aug 17, 2014

Can this be done with a raspberry pi?

ddggttff3 · Aug 17, 2014

joshw0000 said:
Awesome. I had almost given up on root for this thing. So what can I do once I root it?

http://forum.xda-developers.com/showthread.php?t=2563143

persianrisk said:
Where can we buy it must cheaply? The teensy?

I personally use adafruit, but just google around.

philicibine said:
Can this be done with a raspberry pi?

No, only the Teensy 2 and 2++ devices are supported.

tvall · Aug 17, 2014

yay! now I can finally buy a chromecast, and have an excuse to use to justify a teensy purchase to my wife

when will it be released? I just ordered my teensy a moment ago, so i have like a week before its in my hands.

edit: after watching the video, I'm kinda dissapointed that a nice fancy teensy 2.0++ is used but not a single pin is connected to anything. was looking forward to taking a soldering iron to the chromecast.

Kyonz · Aug 17, 2014

tvall said:
after watching the video, I'm kinda dissapointed that a nice fancy teensy 2.0++ is used but not a single pin is connected to anything. was looking forward to taking a soldering iron to the chromecast.

Don't let the video stop you, the video has the suggested method of installing the root - feel free to solder everything to everything else, I heard if you do it right you unlock a superroot.

dageeknerd · Aug 18, 2014

Do i need the pins in the teensy 2.0? or can i root it without the headers

GateheaD · Aug 18, 2014

hopefully we can use this to change the DNS and we wont have to have people outside of USA have a dd-wrt dns redirect for 8.8.8.8 and 8.8.4.4 to use netflix

Kyonz · Aug 18, 2014

GateheaD said:
hopefully we can use this to change the DNS and we wont have to have people outside of USA have a dd-wrt dns redirect for 8.8.8.8 and 8.8.4.4 to use netflix

You can definitely, Eureka Rom provides a web interface to adjust DNS location (including a drop down of DNS providers)

Asphyx · Aug 18, 2014

Great job by all on this....
I just ordered my Teensy and unplugged the CCast!
Finally I will get to have some fun with Team Eureka! LOL

rumblpak · Aug 18, 2014

Great job, even better considering I have a couple of teensys already. While I am not part of the team at all, I'm going to take a guess that this attack has something to do with mishandling the usb stack similar to the ps3 descriptor hack, though I could be completely wrong.

Bronto9 · Aug 18, 2014

Great new, but needing to buy a teensy probably means that my chromecast will remain unrooted...

Kurre · Aug 18, 2014

Could we use any usb dev board with AT90USB1286 or ATmega32u4 chip on it?

Not that Teensy boards would be overly expensive (at least if you have some other use for those boards too), but to have broader selection of choices to choose from. Of course Teensy boards would probably be only "officially" supported boards, but for enthusiasts other boards could be potential choice.

Anyway, I'm gonna order Teensy board and unplug my CC..now

LecheConCarnie · Aug 18, 2014

Best news I've heard in a while! I'm going to pick up a second Chromecast tonight. I've also ordered my powered OTG cable and Teensy to get ready.

Restorer · Aug 18, 2014

ddggttff3 said:
No, only the Teensy 2 and 2++ devices are supported.

Is there any advantage to having the 2++ device over the v2 for this project only?

[ROOT] New Chromecast Root Method! (8/17/2014)

Senior Member

Member

Senior Member

Senior Member

Inactive Recognized Developer

Inactive Recognized Developer

Senior Member

Senior Member

Inactive Recognized Developer

Senior Member

Senior Member

Member

Member

Senior Member

Senior Member

Member

Senior Member

Senior Member

Member

Senior Member

Similar threads

Top Liked Posts