• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Help PSA: Watch what sites you load

Shabbypenguin

Extreme Android User
Mar 28, 2011
5,381
5,072
36
Some of you may have heard the big news, there is a bit of html code that can remotely do a factory reset on your device while browsing around without your consent or way to stop it. the website has to have it setup and has to the stock web browser. since this exploit was released into the public it is unknown on if any sites may "maliciously" add it in. i cant confirm or deny that this device may be subject to this exploit, but its for teh best that you know anyways.

the code can be viewed via a frame on a website, so some jerk posting the html code into a comment isnt gunna make the site screw your phone up. so it has to be setup to run the exploit, but since it is only a few lines im sure a few sites already have ill intentions. Exploit test should show if you are vulnerable

so far it seems its only samsung devices that are affected but many more could be.

Update

Confirmed you guys are exploitable http://i.imgur.com/UFfxj.png

now this means that on a stock rom dialer codes can be tripped by malicious websites :(


ok lord vincent did some testing and here is basically a rundown:

may not be of any big concern, everyone is ranting about the sgs3 reset code since even the sgs2 has a diff code to reset it it means that the "exploit" may be on many devices but in order to effectively target them you would have to have every dialer code for every phone and i dont see that happening.

a more likley solution is someone who knows of lets say the prevail, builds a new site that gets a lot of google hits like prevailcyanogenmod9.com or something of teh sort and expects prevail owners to pull it up on their device

so while your chances of being hijacked by this are VERY slim. this is all the more reason on why you should be doing regular nandroids and saving to your computer in the event something does happen ;)
 
ok lord vincent did some testing and here is basically a rundown:

may not be of any big concern, everyone is ranting about the sgs3 reset code since even the sgs2 has a diff code to reset it it means that the "exploit" may be on many devices but in order to effectively target them you would have to have every dialer code for every phone and i dont see that happening.

a more likley solution is someone who knows of lets say the prevail, builds a new site that gets a lot of google hits like prevailcyanogenmod9.com or something of teh sort and expects prevail owners to pull it up on their device

if you give me the dialer codes for this device ill make a page to test, im not gunna use teh factory reset one ill use something like debug menu etc

so while your chances of being hijacked by this are VERY slim. this is all the more reason on why you should be doing regular nandroids and saving to your computer in the event something does happen ;)

edit: bah thats what i get for typing up a long explanation, LV already replied :p
 
Upvote 0
  • Like
Reactions: The~Skater~187
Upvote 0
I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted

Edit-and still requires you to enter your msl! That may be what saves us... Most hidden menu functions ask for your msl :) (ps this code is what they gave my sister to fix her phone. It randomly stopped receiving/sending phone calls bit 3g still worked... Not sure what it changes, but it restored her ability to use this phone as a phone)
 
Upvote 0
I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted

still stands you guys are suseptible to teh exploit, as is teh admire and ZTE warp so im gunna leave this thread here. you guys are lucky enough to have a solid cm rom but i imagine a lot of phones that this attacks wont be as lucky. since cm doenst let you use dialer codes
 
Upvote 0
still stands you guys are suseptible to teh exploit, as is teh admire and ZTE warp so im gunna leave this thread here. you guys are lucky enough to have a solid cm rom but i imagine a lot of phones that this attacks wont be as lucky. since cm doenst let you use dialer codes
so ct mod doesn't let you use the dialer after 2.4 or something. so that is safe too then?
 
Upvote 0
Hmm, it shows shrimps jammin' on the jimjam on my laptop but on my phone it shows a page to enter my msl? I used the xscope browser, so the exploit seems to work with that too. Yikes! If I remove the stock browser, it would break several apps that depend on it like geniewidget.apk, voicesearch.apk, plus quicksearchbox.apk & voicedialer.apk (both depends on voicesearch.apk). All of these apps will force close when the browser is removed.
 
Upvote 0
Hmm, it shows shrimps jammin' on the jimjam on my laptop but on my phone it shows a page to enter my msl? I used the xscope browser, so the exploit seems to work with that too. Yikes! If I remove the stock browser, it would break several apps that depend on it like geniewidget.apk, voicesearch.apk, plus quicksearchbox.apk & voicedialer.apk (both depends on voicesearch.apk). All of these apps will force close when the browser is removed.

the way i setup the code is it loads two frames one being my homepage at shabbypenguin.com (where the flash animation comes in) and the other frame contains the "exploit"
 
Upvote 0
so ct mod doesn't let you use the dialer after 2.4 or something. so that is safe too then?


After 2.5;)


I was wrong... The one i was thinking of us ##72786# and it only does some update... Nothing gets deleted

Edit-and still requires you to enter your msl! That may be what saves us... Most hidden menu functions ask for your msl :) (ps this code is what they gave my sister to fix her phone. It randomly stopped receiving/sending phone calls bit 3g still worked... Not sure what it changes, but it restored her ability to use this phone as a phone)

I think that updates the MMS settings. That is code I used to fix my MMS on the Marquee.
 
  • Like
Reactions: cwhatever
Upvote 0
not to alarm anyone, but while a factory reset dialer code is fairly uncommon with devices, and teh odds of being targetted for that are slim there is however a fairly universal dialer code.

**21#phonenumber

it sets up call forwarding to whatever you use as the phone number. what that means is ytou can go to a site that has this code setup and it will forward all of your calls automatically without you knowing. worse still imagine if they were all.. "adult" phone numbers. people calling you would be charged 1-5 dollars per call depending on how long they try figuring out wtf is going on and recalling.

installing a second dialer program and never setting teh default will add a layer of security, go to teh website and it activates the code and your phone asks which dialer (obviously a warning sign).
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones