All right. It’s Friday night, I have no date, a two-liter bottle of Gamer Fuel and my all-Crystal Method mix-tape…let’s hack.
On a whim I happened to catch an article on the website for the local news station I follow. The article was about an Android app called IgnoreNoMore. Pretty much the idea is a parent installs the app on their child’s phone, and if the parent tries to call or text the child, and the child ignore said calls or texts, it will either automatically or by remote command lock the child out of their phone, only being allowed to call/text the parent or call 911.
This peaked my interest since I knew it had to run as a service in the background – meaning it was likely exploitable. The website makes the BOLD claim “Virtually impossible to be removed by your child.” Really now? Well, unfortunately for the developer, they just wrote a huge check they can’t cash – not even at Freddy May or Fanny Mac.
To make matters worse, the phone they show all over the website in a Google/LG Nexus 5 – which is an unlocked developer.
So with that, I present you, within 48 hours of the public release of the app, a fully working “exploit” to stuff the app for good.
It requires that one of the following is true: your device is rooted; that you have an unlocked bootloader; or that you have a custom recovery like TWRP or CWMR.
If you’re rooted, just fire up your favorite file manager (I like RootExplorer), navigate to /system/apps and find “IgnoreMeNoMore.apk” – rename it to have a different extension (“IgnoreMeNoMore.apk.bak” works), quit your file manager, and reboot your device. App = toast.
If you’re rooted and have ADB enabled, you can do it over an adb shell with the following commands:
mv /system/apps/IgnoreMeNoMore.apk /system/apps/IgnoreMeNoMore.apk.bak
If you’ve got a custom recovery with a file manager, you can use that and follow the same instructions for RootExplorer – you usually don’t need root since the custom recovery can mount as rw.
That’s it…yes – it’s that easy. And sadly for the developer, this “bug” is unpatchable – it’s part of working with Android as a platform. The iPhone version likely will be rejected from the apps store, as the permissions this app requires will almost surely violate Apple’s App Nazi rules.