• Announcements

    • Reminder - MoDaCo position on illegal content   07/30/15

      ILLEGAL CONTENT I'd like to just reaffirm MoDaCo's position regarding piracy and illegal content in the light of some recent questions / postings. Posts will be censored by myself or my moderation team if the contain or link to: Illegal / pirated / cracked software or sites that host such softwareNintendo emulators / ROMs or sites hosting them (in light of Nintendo's legal stance)CUSTOM ROMS You may discuss and post links to custom device ROMs on MoDaCo, provided the following rules are adhered to: ROMs must not contain any illegal 3rd party software (this includes trial versions included without permission)ROMs must give full credit to the original authorISSUES If you have any issues with this policy, please contact PaulOBrien directly via PM.
    • Reminder: Selling items on the forum directly is not allowed   07/30/15

      Please note that selling items on the forum directly is not allowed by the forum rules. There is a forum for eBay auctions whereby you can list the items on eBay and link to them there. This is the ONLY forum for this type of activity. You may also advertise links to the eBay forum in your signature. Please note that selling directly in contravention of these rules will result in a warning / suspension / ban.
Sign in to follow this  
Followers 0

Samsung 'reset' vulnerability discovered - be careful out there!

13 posts in this topic

Posted · Report post

A vulnerability has emerged, courtesy of long time Android hacker Pof, which provides the potential for a Samsung handset to be hard reset just by visiting a page containing a specific piece of HTML. Erk!

The issue, which uses HTML to tell the device to run the reset code, applies to the stock Android browser but not to Chrome, so if you are on ICS upwards I would strongly recommend you avoid using the regular browser should your device be vulnerable.

The exploit has been confirmed working on a large number of Samsung devices (including some software releases on the Galaxy S III). You can test if you're vulnerable by crafting as a page shown below but, well, you're potentially gonna blow away your device in the process. :)

Additional USSD codes could potentially also be triggered doing further mischief on your device so it is quite a nasty issue and one that Samsung are apparently looking into now - we'll update the topic as further information becomes available.

sammyissue.png

Click here to view the item

0

Share this post


Link to post
Share on other sites

Posted · Report post

Just wondering, but if you had an app watching for a TEL: intent, possibly with a warning if it was a USSD command which then said do you wish to continue be possible?

0

Share this post


Link to post
Share on other sites

Posted · Report post

That might work...

P

0

Share this post


Link to post
Share on other sites

Posted · Report post

what about firefox?

0

Share this post


Link to post
Share on other sites

Posted (edited) · Report post

Just install something like "Dialer One" from Play Store. That will then become an alternative "tel" protocol handler and you will be prompted for handling app first if you haven't set a default. Also Dialer One isn't vulnerable and will require the user to confirm anyway unlike the stock dialler which just goes ahead with no user confirmation or prompting. Other Dial apps can also be installed.

Has been discovered that Huawei G300 on GB and ICS ROMs is vulnerable to the USSD attack. Not known if it has a "self-destruct" code yet though. See thread (including more details on workaround) at http://www.modaco.co...-vulnerability/

Edited by Hogweed
0

Share this post


Link to post
Share on other sites

Posted · Report post

Latest news is saying that this has "already been fixed in latest version"

0

Share this post


Link to post
Share on other sites

Posted · Report post

not just samsung apparently?

0

Share this post


Link to post
Share on other sites

Posted · Report post

Yeah, concerning! :blink:

P

0

Share this post


Link to post
Share on other sites

Posted · Report post

https://gist.github.com/3801768 is the change to block/defeat the exploit

Sorry if I'm being dull, but what do I do with this file? Its not zipped, so it's not flashable, right?

Also, is it better than the telstop app? I have that installed, but it seems to update every day (probably at least 4 times since installing it last week). If your fix gets to the heart of the matter, then it should be a better solution?

Thanks

0

Share this post


Link to post
Share on other sites

Posted · Report post

avast! has just sent an update that now covers the USSD vulnerability. Good app that...

0

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0

MoDaCo is part of the MoDaCo.network, © Paul O'Brien 2002-2015. MoDaCo uses IntelliTxt technology.