Some of you may have heard the big news, there is a bit of html code that can remotely do a factory reset on your device while browsing around without your consent or way to stop it. the website has to have it setup and has to the stock web browser. since this exploit was released into the public it is unknown on if any sites may "maliciously" add it in. i cant confirm or deny that this device may be subject to this exploit, but its for teh best that you know anyways.
the code can be viewed via a frame on a website, so some jerk posting the html code into a comment isnt gunna make the site screw your phone up. so it has to be setup to run the exploit, but since it is only a few lines im sure a few sites already have ill intentions. Exploit test should show if you are vulnerable
so far it seems its only samsung devices that are affected but many more could be.
now this means that on a stock rom dialer codes can be tripped by malicious websites
Quote:
Originally Posted by Shabbypenguin
ok lord vincent did some testing and here is basically a rundown:
may not be of any big concern, everyone is ranting about the sgs3 reset code since even the sgs2 has a diff code to reset it it means that the "exploit" may be on many devices but in order to effectively target them you would have to have every dialer code for every phone and i dont see that happening.
a more likley solution is someone who knows of lets say the prevail, builds a new site that gets a lot of google hits like prevailcyanogenmod9.com or something of teh sort and expects prevail owners to pull it up on their device
so while your chances of being hijacked by this are VERY slim. this is all the more reason on why you should be doing regular nandroids and saving to your computer in the event something does happen
__________________
I dont ask for much, but my friend is going through some rough times,
if you wish to donate to me send it his way, he needs it more than i do Donate here
Know an unloved device? swing by our new forums
Last edited by Shabbypenguin; September 25th, 2012 at 04:22 PM.
The Following 7 Users Say Thank You to Shabbypenguin For This Useful Post:
Device(s): galaxy prevail ctmod 3.75.2kk2.5 ssm oc at 946 fast and smooth running swap
Carrier: Boost Mobile
Thanks: 487
Thanked 612 Times in 477 Posts
Quote:
Originally Posted by Lordvincent 90
Pm me the link. I just made a backup I'll be A test dummy
Yeah then let us know the results. Thx.
__________________
EVERYTHING HAPPENS FOR A REASON/TODAY IS THE LAST DAY BEFORE TOMORROW SO USE IT WISELY !!!!!!!!! Thanks Button Is The Right Thing To Do!!
The One Who Dies With The Most Toys WINS
At First If You Don't Succeed Maybe This Is Not For You!!!!
ok lord vincent did some testing and here is basically a rundown:
may not be of any big concern, everyone is ranting about the sgs3 reset code since even the sgs2 has a diff code to reset it it means that the "exploit" may be on many devices but in order to effectively target them you would have to have every dialer code for every phone and i dont see that happening.
a more likley solution is someone who knows of lets say the prevail, builds a new site that gets a lot of google hits like prevailcyanogenmod9.com or something of teh sort and expects prevail owners to pull it up on their device
if you give me the dialer codes for this device ill make a page to test, im not gunna use teh factory reset one ill use something like debug menu etc
so while your chances of being hijacked by this are VERY slim. this is all the more reason on why you should be doing regular nandroids and saving to your computer in the event something does happen
edit: bah thats what i get for typing up a long explanation, LV already replied :P
I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted
Edit-and still requires you to enter your msl! That may be what saves us... Most hidden menu functions ask for your msl (ps this code is what they gave my sister to fix her phone. It randomly stopped receiving/sending phone calls bit 3g still worked... Not sure what it changes, but it restored her ability to use this phone as a phone)
Last edited by Lordvincent 90; September 26th, 2012 at 12:44 AM.
I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted
still stands you guys are suseptible to teh exploit, as is teh admire and ZTE warp so im gunna leave this thread here. you guys are lucky enough to have a solid cm rom but i imagine a lot of phones that this attacks wont be as lucky. since cm doenst let you use dialer codes
Device(s): galaxy prevail ctmod 3.75.2kk2.5 ssm oc at 946 fast and smooth running swap
Carrier: Boost Mobile
Thanks: 487
Thanked 612 Times in 477 Posts
Quote:
Originally Posted by Shabbypenguin
still stands you guys are suseptible to teh exploit, as is teh admire and ZTE warp so im gunna leave this thread here. you guys are lucky enough to have a solid cm rom but i imagine a lot of phones that this attacks wont be as lucky. since cm doenst let you use dialer codes
so ct mod doesn't let you use the dialer after 2.4 or something. so that is safe too then?
Hmm, it shows shrimps jammin' on the jimjam on my laptop but on my phone it shows a page to enter my msl? I used the xscope browser, so the exploit seems to work with that too. Yikes! If I remove the stock browser, it would break several apps that depend on it like geniewidget.apk, voicesearch.apk, plus quicksearchbox.apk & voicedialer.apk (both depends on voicesearch.apk). All of these apps will force close when the browser is removed.
Hmm, it shows shrimps jammin' on the jimjam on my laptop but on my phone it shows a page to enter my msl? I used the xscope browser, so the exploit seems to work with that too. Yikes! If I remove the stock browser, it would break several apps that depend on it like geniewidget.apk, voicesearch.apk, plus quicksearchbox.apk & voicedialer.apk (both depends on voicesearch.apk). All of these apps will force close when the browser is removed.
the way i setup the code is it loads two frames one being my homepage at shabbypenguin.com (where the flash animation comes in) and the other frame contains the "exploit"
so ct mod doesn't let you use the dialer after 2.4 or something. so that is safe too then?
After 2.5
Quote:
Originally Posted by Lordvincent 90
I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted
Edit-and still requires you to enter your msl! That may be what saves us... Most hidden menu functions ask for your msl (ps this code is what they gave my sister to fix her phone. It randomly stopped receiving/sending phone calls bit 3g still worked... Not sure what it changes, but it restored her ability to use this phone as a phone)
I think that updates the MMS settings. That is code I used to fix my MMS on the Marquee.
__________________
Is there a reason you're not rooted yet??
Do the right thing and hit THANKS!
Last edited by wetbiker7; September 26th, 2012 at 07:05 AM.
The Following User Says Thank You to wetbiker7 For This Useful Post:
Yup. Us Proclaim users are vulnerable too. I took Shabbypenguin's test page, posted it on my server, and edited the number to a Verizon Wireless hidden menu code. Sure enough, it launched the hidden page.
Last edited by DarkJedi; September 26th, 2012 at 02:08 PM.
Reason: Verified
not to alarm anyone, but while a factory reset dialer code is fairly uncommon with devices, and teh odds of being targetted for that are slim there is however a fairly universal dialer code.
**21#phonenumber
it sets up call forwarding to whatever you use as the phone number. what that means is ytou can go to a site that has this code setup and it will forward all of your calls automatically without you knowing. worse still imagine if they were all.. "adult" phone numbers. people calling you would be charged 1-5 dollars per call depending on how long they try figuring out wtf is going on and recalling.
installing a second dialer program and never setting teh default will add a layer of security, go to teh website and it activates the code and your phone asks which dialer (obviously a warning sign).
Ok so im a little behind here but I went to two test sites for this and both showed me as open to the exploit so I got telstop from the play store which seems to a shorter version of shabbys suggested fix
Device(s): galaxy prevail ctmod 3.75.2kk2.5 ssm oc at 946 fast and smooth running swap
Carrier: Boost Mobile
Thanks: 487
Thanked 612 Times in 477 Posts
In the lounge someone suggested adding another dialer, I did that and when I run these tests it asks which dialer to use, but doesn't affect me making or recieving calls. Would this be a fix too?
In the lounge someone suggested adding another dialer, I did that and when I run these tests it asks which dialer to use, but doesn't affect me making or recieving calls. Would this be a fix too?
The Samsung Galaxy Prevail is an entry level device for Boost Mobile. Unlike some of it's Galaxy S cousins, you wont find some of the higher end "Galaxy S" features and it doesn't have the familiar TouchWhiz interface seen on so m... Read More
4Likes
PSA: Watch what sites you load
I'll be A test dummy
(ps this code is what they gave my sister to fix her phone. It randomly stopped receiving/sending phone calls bit 3g still worked... Not sure what it changes, but it restored her ability to use this phone as a phone)
187MoD-HoneyBread + Genocide-Kernels
