Jump to content


Recent Columns

  • James Norton's Photo
    The James Norton Column: MoDaCo reviews and battery tests

    The James Norton column

  • James Norton's Photo
    The James Norton Column: Camera Shoot-out

    The James Norton column

  • James Norton's Photo
    The James Norton Column: The MoDaCo Man

    The James Norton column


Recent Articles

  • icon
    The MoDaCo last-minute gift guide

    PaulOBrien -

  • icon
    Decrypt and (optionally) add double-tap to wake on your Nexus 6

    PaulOBrien -

  • icon
    Sonim XP7 Extreme hits crowdfunding target + Ask MoDaCo

    PaulOBrien -

  • icon
    MMW 89 - Does it spring?

    PaulOBrien -

  • icon
    MMW 88 - So much to discuss

    PaulOBrien -

  • icon
    Motorola Moto G 2nd Gen Review

    Mark Dearlove -


Recent Article Comments

  • fantastico's Photo
    22 random things you didn't know about MIUI 6 and the Mi4

    fantastico -

  • kitty start's Photo
    LG G Watch R Review

    kitty start -

  • PaulOBrien's Photo
    The MoDaCo last-minute gift guide

    PaulOBrien -

  • hecatae's Photo
    Sonim XP7 Extreme hits crowdfunding target + Ask MoDaCo

    hecatae -

  • PaulOBrien's Photo
    Decrypt and (optionally) add double-tap to wake on your Nexus 6

    PaulOBrien -

  • dakarli's Photo
    Motorola Moto G 2nd Gen Review

    dakarli -


Recent Topics

  • arnookie's Photo
    Hudle 2 how to use external sd card to full effect

    arnookie -

  • arnookie's Photo
    Hudle 2 with Xposed framework Obb on sd, Youtube adaway, Fake wifi,

    arnookie -

  • Himsent3985's Photo
    need for speed app android

    Himsent3985 -

  • monesocr's Photo
    [App] MIX by Camera360 v1.2.2

    monesocr -

  • monesocr's Photo
    [GAme] STRIKERS 1945-2 v1.1.7

    monesocr -

  • Intel_sk's Photo
    Christmas

    Intel_sk -


Recent Replies

  • sedj's Photo
    [OFFTOPIC] China Phone Discussion - UPDATED 30/10/2013

    sedj -

  • tool_king's Photo
    Mourta-Kernel-3.4 A new beginning [update 2014-11-27]

    tool_king -

  • agrnomist's Photo
    [KK] [4.4.4] CyanogenMod 11.0 [ROM] [WEEKLY BUILDS ON FRIDAY]

    agrnomist -

  • arnookie's Photo
    Hudle 2 how to use external sd card to full effect

    arnookie -

  • arnookie's Photo
    Hudle 2 with Xposed framework Obb on sd, Youtube adaway, Fake wifi,

    arnookie -

  • nasir.kouhistani's Photo
    Zte Blade 3 Only red light

    nasir.kouhistani -


Sponsored Links



- - - - -

Samsung 'reset' vulnerability discovered - be careful out there!


A vulnerability has emerged, courtesy of long time Android hacker Pof, which provides the potential for a Samsung handset to be hard reset just by visiting a page containing a specific piece of HTML. Erk!

The issue, which uses HTML to tell the device to run the reset code, applies to the stock Android browser but not to Chrome, so if you are on ICS upwards I would strongly recommend you avoid using the regular browser should your device be vulnerable.

The exploit has been confirmed working on a large number of Samsung devices (including some software releases on the Galaxy S III). You can test if you're vulnerable by crafting as a page shown below but, well, you're potentially gonna blow away your device in the process. :)

Additional USSD codes could potentially also be triggered doing further mischief on your device so it is quite a nasty issue and one that Samsung are apparently looking into now - we'll update the topic as further information becomes available.

Posted Image

About the author

PaulOBrien's Photo
Paul O'Brien founded MoDaCo in 2002 as a site focused on Windows Smartphones and has grown it since then by concentrating on providing a friendly community for both experienced and beginner mobile enthusiasts.

  • 0


12 Comments

Just wondering, but if you had an app watching for a TEL: intent, possibly with a warning if it was a USSD command which then said do you wish to continue be possible?
    • 0
That might work...

P
    • 0
what about firefox?
    • 0
Just install something like "Dialer One" from Play Store. That will then become an alternative "tel" protocol handler and you will be prompted for handling app first if you haven't set a default. Also Dialer One isn't vulnerable and will require the user to confirm anyway unlike the stock dialler which just goes ahead with no user confirmation or prompting. Other Dial apps can also be installed.

Has been discovered that Huawei G300 on GB and ICS ROMs is vulnerable to the USSD attack. Not known if it has a "self-destruct" code yet though. See thread (including more details on workaround) at http://www.modaco.co...-vulnerability/
    • 0
Latest news is saying that this has "already been fixed in latest version"
    • 0
not just samsung apparently?
    • 0
Yeah, concerning! :blink:

P
    • 0
Photo
Colossae3.23
Sep 26 2012 12:08 PM
there's an app for that :-)

https://play.google.....telstop&rdot=1

Thanks to Cyda, for the heads up
    • 0
Photo
moochermick
Sep 26 2012 11:43 PM
other browsers tested same result.
http://securitywatch...d-hack-now-what
    • 0
https://gist.github.com/3801768 is the change to block/defeat the exploit :)
    • 0
Photo
Colossae3.23
Oct 01 2012 01:13 PM

https://gist.github.com/3801768 is the change to block/defeat the exploit data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAMAAAC6V+0/AAAABGdBTUEAANbY1E9YMgAAAiJQTFRFV0AI////V0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIV0AIW0IIV0AIW0IIW0QJW0IIV0AIV0AIV0AIQzQQa0oJbEwJbVELbk4Kb0wJb1QMcVILc1cMlF8Ll2oNmXEQnn8Vo2gLpGgLpGoMpW8NpXEOp3YQq4MUrH0Rro0Xr4QUsI4XsZAYuXQNwIkSwI0VyIAOyocQyqcdy4QQzosS1Kod1rIf3ZMS3ZUT3a8c3o4Q3rcf4ZER5JUR5ZYS5ZgS5aIW55wT554U6KkZ6qQV6qUW6qYW6qcX66gW7Lsf7a0X7a0Y7a8Z7bEb7rAY7rEY7rMa7rMb77EY77Ma77QZ77cd77oc8bgb8bkb8bob8b4f8cUh8skh87wb870c88If88kk89Im9Mwl9cMd9cch9sUe9scf9sgg9skh9swi9swk98og988k99Mm+c8h+dMk+dYm+9Mh+9Mi+9Uj+9Yk+9cl+9gl+9kn+9on+9oo+9op+9so/Ncl/Ngl/Non/Nso/N0o/N0p/dkk/dok/d4o/eAp/eEp/tsk/twk/t0k/t4l/uAn/uAp/uIq/uMp/uMq/uQq/94l/94m/98l/98m/+Am/+An/+En/+Eo/+Io/+Ip/+Mo/+Mp/+Mq/+Qp/+Qq/+Qr/+Uq/+UrX/9jcQAAACd0Uk5TAAABCQoLHCYnMDY4OjuCg4WHiImKm56fx8jJys3P1Ofp6enq7/DyAdnyKAAAAUZJREFUGNNt0b9Kw1AYhvH3OzlJ2qRpiiVCIxUUdXIRdFd0cfQOvA4HF3UWr0Fw83J0VEQpaLX/myY5Od/n0FGfS/g9RPibhgBwfB00MMuqwgIgDQBelMbRLj9NRp/TEgCRKD9Jjjq+FIvy9fm7XzA5BC/dPuu00tjx0EhsubCk4Mbd03Z6DVq5TcJ4J21qaPido6BNsACaeR50J1mm4cVhXQTCAPmeG0QuFIKWH4sFiwVHNa3jOjRqG2KV3FjgikVEtA8FkvzCMphZeLZ4rARQyF8KWGZhFlsYmMpAYTEuzi8ti3A1Hz4cmlEGh5x64u3fHSjJsp/7k1H+NTBEemVrL6o9AACOx9nH27Aiktra+nboKnA5n5TDt15BGih7ZrQZaqlMVbwP+gYgEsCLVptRk6fjWX9aAkS0RHbDBmZzs0Sm/3b8Apz1nhT0ICJTAAAAAElFTkSuQmCC



Sorry if I'm being dull, but what do I do with this file? Its not zipped, so it's not flashable, right?

Also, is it better than the telstop app? I have that installed, but it seems to update every day (probably at least 4 times since installing it last week). If your fix gets to the heart of the matter, then it should be a better solution?

Thanks
    • 0
Photo
Colossae3.23
Oct 02 2012 09:05 PM
avast! has just sent an update that now covers the USSD vulnerability. Good app that...
    • 0