So some of you may have heard about the problem with Samsung phones that has been publicised recently (http://forum.xda-developers.com/showthread.php?t=1904629) which means that placing a certain iframe on a web page allows the use of USSD codes, including one to factory reset the device.
This vulnerability is also present on the Explorer. I tested it in both the stock browser and in Dolphin browser (I am on stock ROM [rooted, but that's irrelevant]).
I advise everyone to immediately install "Dialer One" from the market, and set it as the default app for opening phone numbers from the web browser, as it will display the number, but not dial it until you tell it to (so if it's a USSD code you don't recognise, you can avoid dialling it). If you need a site to use for setting the default, a safe one is http://dylanreeve.com/phone.php (this triggers a USSD code to display your IMEI, which is how I identified the Explorer is vulnerable). I am not sure if other HTC devices are also vulnerable, but I though I'd post in this section and warn fellow Explorer users.
THANK YOU!!!!!! Mostly nobody is with the stock rom, but is good to know, again thank you very much!
Thank you for the useful information. But, can you please tell exactly what and how the vulnerability be exploited?
@sabaatworld it triggers a USSD code to display your IMEI, which is how I identified the Explorer is vulnerable.
thanks for informing us about this, I've just tested this on cm 9.1 last build it did triggered and is also vulnerable to the dangerous exploit.
I've tested on these it might be triggers on others.
That did triggered on:
Stock
Firefox[nightly]
UCbrowser
It didn't triggered on:
Opera web browser 12.04
Chrome 18
sabaatworld said:
Thank you for the useful information. But, can you please tell exactly what and how the vulnerability be exploited?
Click to expand...
Click to collapse
Basically, it means that a malicious coder can call any USSD code the phone supports. I do not know a full list of USSD codes available on HTC phones, but on Samsung phones, for example, there is a USSD code which will perform a full wipe of the phone with NO confirmation. In other words, someone with one of those phones who visits a malicious site will find their phone being wiped instantly with no power to stop it. I don't know if HTC provide a similar USSD or not, but I am sure there are probably other harmful codes that could be used.
SifJar said:
Basically, it means that a malicious coder can call any USSD code the phone supports. I do not know a full list of USSD codes available on HTC phones, but on Samsung phones, for example, there is a USSD code which will perform a full wipe of the phone with NO confirmation. In other words, someone with one of those phones who visits a malicious site will find their phone being wiped instantly with no power to stop it. I don't know if HTC provide a similar USSD or not, but I am sure there are probably other harmful codes that could be used.
Click to expand...
Click to collapse
Understood... Thanx
List of explorer's USSD codes
For a list of all USSD codes which explorer supports and other tips and tricks, take a look here
Thanks. So for example, someone could setup call forwarding and receive your calls when your phone is busy or switched off or you don't answer.
Well latest avast update fixed it
Sent from my HTC Explorer A310e using xda app-developers app
This app is Currently on-Hold Due to Personal Health-Concerns, i Pulled from Google-Play due to it being Reverted to a unstable-build due to a False-Report of some kind.
Hello This is my first app ive made so please be kind about it.
but first in regards to the bad-apk upload to google-play prior to 7/03/2014
for all those who dont know, the update was in regards to a settings not applying glitch causing the app to fail completely if it wasnt my set device id so i had no clue untill i saw a review then tested on mine then on my friends phone:
i feel bad i uploaded a bad apk and got around 30 people disapointed and 3 who baught pro disapointed so i have refunded all for pro version, removed it, then removed all ads from the free version and republished on 7/03/2014 and work a straight 6 hours to get it up+running fully from scratch with minimal code reusing to make sure it works, same android restrictions apply so gps toggling and a few others still apply, but i tried many methods to get it working, but only tested on 4.4.2 but some codes should work for 4.0+ but i feel really bad about it so i did all i could to remake it as well as i could so please try to give it another shot as i worked hard to get it up+running to work again =)
**For GoSMS+Other SMS/MMS App Users that are not receiving commands:
Abraheem said:
I haven't used this program yet. I use Cerberus which has the same problem with GOSMS.
Here is a solution that works for cerberus and should work in similar situations:
Open Go SMS Pro, tap 'Menu', 'Settings', 'Advanced', 'Other setting' then uncheck 'Disable other message notifications'.
Then back to 'Advanced', then 'Notification settings', check 'Notification bar privacy mode' and that so it will not display the recieved sms commend!
Then open the stock SMS App, tap 'Menu', 'Settings' then uncheck 'Notifications'.
The idea can be used with Handcent sms and other sms programs. Hope it works
Click to expand...
Click to collapse
otherwise: THIS APP WILL NOT WORK IF YOU HAVE GOSMS INSTALLED, GOSMS must be frozen or uninstalled**
Intro:
This is a SMS Broadcast Receiver app that will listen to incoming Text messages and do a Pre-Made task set to them
This app was partially inspired by the Remote Terminal, Remote ShutOff, and Remote Unlock apps from the xda-announcements
(not sure of developer names at the moment, but i did like those apps myself and thought "why dont i make one just like that?"
So i did. and it doesn't need to be a system app or fully rooted to do so!
**note** i'm a single person developer so i cannot make every function compatible for every phone because i only have a Samsung Galaxy S4 (jfltevzw, Partly Broken-Yet-?Unlocked? bootloader, Rooted Stock 4.4.2), so if a feature doesn't work for you, i cannot help much because i only can test it on mine at the moment, and this works perfectly on mine as far as i test, so sorry in advanced if anything doesnt work, send me a logcat of reproduction, your phones model, android version, if you are rooted, and try to follow this format enough
Example Based on my personal phone:.
Code:
-Phone Model: Samsung Galaxy S4
-Phone Code Name(if-Known, otherwise skip this): jflte-vzw
-Phone Android Version: 4.4.2
-App Version: 999999-DEV (My Personal Version Tag, i only have it, gets changed on releases)
-Are Rooted?: Yes
-Root Was Granted?: Yes
-Have a LogCat?: This is just an example; but say "yes" or "no"
or their respective simaliers your comfortable with like "yea","yeah","nah"
-Is Device Administrator Enabled?: Yes.
-Issue (all details): this is an example of the issue Area.
Features include: [R] = root required [~R] = root may be required for newer phones [D] = Disabled in Disable Dangerous On Wildcards
-customizable passphrase used for all commands except both echo's (cannot be blank, but unlimited length (as long as you can fit commands after it), there is no old passphrase, so on your first run(or after data wipe), leave the old Passphrase alone, and type your new one in the two other text fields)
-turning on/off the service when changing passcodes(or typing in the same passcode in old, new, and confirm)
-[R]Shutting off phone
-[R]Rebooting phone
-[R]Rebooting into recovery
-[R][D]Sending terminal commands
-[R][D]Uninstalling apps remotely (By package name, eg. com.rovio.angrybirds, **reboot afterwards required**, system apps uninstallable also)
-Sending Echo's (toast messages, multi-lined acceptable)
-Sending multiple Echos (multi-line Echo's, separated into different toast messages one-after-another)
-[R]Bypassing the security lock of your phone, with reboot (beta feature, picks and chooses when to work when screen off) (supports: regular patterns, cyanogenmod 4x4-6x6 patterns, passwords, digit pins)
-[D]SDcard Wiping (Cannot be undone, see notes and warnings below command)
-[D]Remote Factory Reset (device admin needs to be enabled, android 2.2+)
-[~R]Toggle wifi, wifi hotspot, gps, bluetooth, ADB (on newer android firmware, some toggles need to be on a rooted phone for toggles to work; GPS requires to be a system app)
-Text-to-Speech (Makes your phone talk and say what you put after the command, some censors are put)
-One-Time Alarm sound (makes your phone set off the alarm sound, if failed (or media/sdcard unmounted) does System Alarm sound, if failed notification sound, if that fails does ringtone)
-Looping Alarm sound (shuts off with snooze command)
-Custom Alarm ( place "Alarm.mp3" in (external sdcard path)/KittleApps/Smstasks/Alarms/Alarm.mp3)
-Snooze alarm
-[R]Toggle ADB
-Rechecks Superuser (just basic rechecks superuser request, if already allowed does the toast message)
-Reading all your incoming text messages with the announcement "Text from (number or email) saying... (message)" (can be disabled/enabled in commands, or in the more settings menu.)
-Disabling/enabling almost any command (does not disable command to check superuser or the command to enable/disable commands)
-White-listing 2 numbers, and one email (no special characters use only numbers 0 through 9, no Country codes, Can allow all numbers (not email), by setting only the wildcard * )
-GPS Tracking (only as good as the gps on your phone, gives overall accuracy in metres, this will turn on gps on start) (separate command to stop tracking)
-Testing if app is installed and running correctly.
-Requiring Confirmation of pass phrase to disable/enable change whitelists
Commands (and format) to use these are, (where (pass)= your passphrase) (options for a few select commands are: true,false,enabled,disabled,t,f)
**Note: when it says "1234", or (option), do not include the ( ) or " Symbol(s) in the command. only your pass phrase and/or the option with spaces only to separate the [email protected], the passphrase, and options, with no spaces afterwards unless it is the speak, echo, multi-echo, cmd commands so far**:
Sending terminal commands:
[email protected] (terminal commands, seperate commands by new line)
[email protected] reboot
[email protected] echo "hi" >> sdcard/test.log
and such
Shutting off phone:
[email protected]
[email protected] reboot -p
[email protected] poweroff
Rebooting phone:
[email protected]
[email protected] reboot
Reboot into recovery:
[email protected]
[email protected] reboot recovery
Uninstalling apps:
[email protected] (package name of app, and include /system/app file name without .apk also if a system app)
echos:
echo (what to put in a single toast, can also be separated by new lines for multi-lined toasts)
echo hi!
echo hi
how are you today?
im doing good!
multiple echos
multi-echo (what to put in the first/single toast, new seperated-echos are separated by new lines)
multi-echo hi
how are you today?
im doing good!
Bypassing android LockScreen security:
[email protected]
SDcard Wiping:
[email protected]
[email protected] rm -rfv (path you wish to delete)
**note SDcard Wiping cannot be undone when started it will erase all sdcard contents (fixed to only use external mount points V1.4+ on the [email protected] not [email protected])
Wiping Data:
[email protected]
**note Wipe Data command cannot be undone**
toggles:
(options are: wifi, gps, bluetooth, adb, hotspot) (hotspot is the wifi hotspot)
[email protected] (option) (Value)
[email protected] wifi off
[email protected] adb on
Text-to-Speech:
[email protected] (what to say)
[email protected] Hi, how are you today?
Alarm (No-Loop):
[email protected]
Alarm (Looped version):
[email protected]
Snooze Alarm:
[email protected](pass)
Remotely Lock Device:
// sends a text back with new password to get into phone
[email protected]
[email protected] (optional Custom password can be added here)
Check superuser request:
// just type only one of the following to get the prompt Alternitivly use the "SU?" button on the settings to initiate the Initial Superuser prompts
[email protected]
[email protected]
[email protected]
Testing if app is installed and running correctly;
[email protected]
**you will get a text back to the phone that sent the command if its working)
GPS Location Tracking:
[email protected]
Stop Tracking:
[email protected]
End OF Commands:
in regards to convert this (or any app) to a system app via commands?
type these in seperate texts in new messages (as it will be long...) make #### your currently set pass phrase
Code:
[email protected]#### cp /data/app/com.kittleapps.app.smstask.apk > /system/app/smstasks.apk
[email protected]#### chmod 644 /system/app/smstasks.apk
[email protected]#### rm /data/app/com.kittleapps.app.smstasks.apk
then reboot the phone =) its how i debug it on-the-fly just do not remove from data/app before you chmod 644 the system app as you will no longer see the app as installed; so if you need to use the [email protected] command to test if it is still reading the commands =)
**do not use this method maliciously! i'm just showing for some users to convert to system app easily using my app for gps toggling issues! **
In Regards to the [email protected] Command "Being Malicious" as some argue to me it is, heres an explaination why its not
This command now uses an overlay to keep the Activity ALWAYS on-top, it will be fullscreen, and may seem the home button, back button, and others do not work;
this is intentional, but not maliciously, i have been given rants+complaints about it "Hacking the home button", but this is not the case;
the command loads an overlay on top of all apps like Facebook's ChatHeads, only it will not read back keys like their app, or home keys like their app to close it due to it being a security feature for this app (as its a remote controlling app, based on security) so it wouldnt be wise to allow the tracking to be shut off with a simple back press right? and i dont want to do a background one, as thats a battery hog
but.. to close the app you MUST use the [email protected] command, or wait untill it does its default Max Location Texts to be sent (3): after that the [email protected] will stop the location tracking, and close the dialog by shutting down the activity; but i will let you know it is not malicious and i will provide the code used for the overlay as-is on-request in a private message, email, or simply in a reply and ill add it in a CODE tag, or attach the file as-is in the reply i make so you can see =P i DO NOT EVER intend to be malicious, as it is bad practices for online communities, let alone developers and their work, thus why i add warnings to do not use it maliciously, or what could be dangerous if misused not as intended =)
Download:
Google Play Link (Pulled for Now.)
nice app, mate, sure looks promising
would be great to be able to send a command to fully wipe phone / sd card, this should be a great feature to have in case you loose or get your phone stolen
Thanks for the app. Full wipe phone/sdcard via sms would be great function.
P.S. Sorry for my bad English.
tested on samsung galaxy SL i9003 GB Stock rooted 2.3.6 And it's not work !!!
abderrezak said:
tested on samsung galaxy SL i9003 GB Stock rooted 2.3.6 And it's not work !!!
Click to expand...
Click to collapse
weird because it works on my phone, i cant really test on other phones, but ill tweak it around a bit and check every command again, but the wakelock picks and chooses when to work when the screen is locked or shut off with patterns/pin/password, ill try to find a better way to use one, but make sure you accept/grant the superuser request But there is also a glitch when sending non-commands making the app crash, but ill try to fix that soon also, might i ask what command you tried to use (not with your pass code just the function would do)
i will also try to add the wipe functions soon, ill have to find a reliable way to wipe data with shell commands, as thats how these commands (with the exception of the echo's) work, but for sdcard wipe, that will be easier ill start working on it soon.
I had very similar ideas after the first shutdown app came out. One idea i got to tweak that a little bit more was why don't listen to other msg services like whatsapp, instead of SMS, cause it's a little bit old school. Might be a next version of your app come up with other msg systems?
Another thing I have regonized are for Samsung branded Devices: Samsung offers a protect services to shut your phone down or locate it wheb it's stolen etc. . So because you do this through a website Samsung needs to create a SU Access to the phone. Ain't it possible to access this services over an API and build a program around it? ...or I am completely wrong?
SunShiner said:
I had very similar ideas after the first shutdown app came out. One idea i got to tweak that a little bit more was why don't listen to other msg services like whatsapp, instead of SMS, cause it's a little bit old school. Might be a next version of your app come up with other msg systems?
Another thing I have regonized are for Samsung branded Devices: Samsung offers a protect services to shut your phone down or locate it wheb it's stolen etc. . So because you do this through a website Samsung needs to create a SU Access to the phone. Ain't it possible to access this services over an API and build a program around it? ...or I am completely wrong?
Click to expand...
Click to collapse
im not sure tbh, ive only been able to do this over the broadcast receiver for receiving sms, idk if i can get this to work with other sms apps, but if i find a way to add the other message systems that would be a good alternative.
And idk about that samsung phone thing, i thought that could only be done for the stock roms, this app here ive only really tested on Unjustified dev''s domination and PAC roms cause those are my daily drivers, but that would be a good thing to try if i knew how to do it lol
jkok said:
Download:
Resuable Download Link Click Here
Click to expand...
Click to collapse
Is it "Suable" or "Resumable"?
Thanks by the way, awesome app
getdead69 said:
Is it "Suable" or "Resumable"?
Thanks by the way, awesome app
Click to expand...
Click to collapse
opps i meant reusable ill fix that once i finish the wipe options lol
Nice idea dude, gonna try it on my rooted stock ROM GT-I9500 and give you feedback.
LucidSwag said:
Nice idea dude, gonna try it on my rooted stock ROM GT-I9500 and give you feedback.
Click to expand...
Click to collapse
if you wait a bit im about to post the version with the sdcard-wipe command ill let you know when its posted
New Version 1.1.7 now uploaded Now supports sdcard wipe via command (where (pass) = your passphrase)
[email protected](pass)
**not this cannot be undone when started it will erase all sdcard contents, and possibly internal sdcard as well since internal sdcard and external sdcard use some of the mount points deleted with this command (eg. /sdcard/)
the mount points deleted with this command are the following.. (as all i could find for android sdcard mount points were these)
/mnt/sdcard/*
/mnt/storage/sdcard0/*
/storage/sdcard0/*
/sdcard/*
/sdcard/ext-sd/*
Now uploaded Version 1.1.8 with experimental wipe Data command, it wipes data,cache,and dalvik-cache while online, then does some other things that a regular wipe would do like remove the lockscreen (by using the void of the bypass lockscreen), and does the wipe and reboots, The only bad part about it it doesnt start googles one-time init on boot that a regular wipe does, so you have to reconfigure your accounts and settings+restore your apps manually sorry,,
The command is (where (pass)= your passphrase)
[email protected](pass)
Enjoy!
Hi, this app is really awesome but what do you think about the possibility to add comand for switch on/off Data and WiFi Connection? It could be very useful, if you need to find the location of your smartphone.
LosLakers said:
Hi, this app is really awesome but what do you think about the possibility to add comand for switch on/off Data and WiFi Connection? It could be very useful, if you need to find the location of your smartphone.
Click to expand...
Click to collapse
ive been trying to find a good way to find the location, but so far im outta luck for that, but as of the toggles ill find a way to try and do that just give me some time and a way to do it (if possible by the methods im using).
jkok said:
ive been trying to find a good way to find the location, but so far im outta luck for that, but as of the toggles ill find a way to try and do that just give me some time and a way to do it (if possible by the methods im using).
Click to expand...
Click to collapse
Sorry, I have no idea how to implement it, I'm not yet starting to learn android programming. But I recommend the Data/WiFi on/off because can be a useful tool with anti-thief app.
LosLakers said:
Sorry, I have no idea how to implement it, I'm not yet starting to learn android programming. But I recommend the Data/WiFi on/off because can be a useful tool with anti-thief app.
Click to expand...
Click to collapse
oh dont worry, i already have code for the wifi, and experimanting with gps toggles right now,then working on the gps tracking, im trying a no-root method, ad most methods used by this app use the terminal (thus needing the root), thats why this app uses soo many root features, im making the toggles as non-root needed as i could get at the moment
I dont know if this works but how when it doesnt ask for root access? Im using MIUIv5 anyway.
deedii said:
I dont know if this works but how when it doesnt ask for root access? Im using MIUIv5 anyway.
Click to expand...
Click to collapse
That might just be a superuser request problem with miui, i cannot test on miui because my phone doesnt have that rom that im aware of, but check in the superuser app/settings and see if its there under deny, if so put for allow/grant, this app asks for superuser request everytime the app is opened so if it doesnt ask for it, try a fresh install, or check your superuser, or (as a last resort, just to test)make a backup of your phone, flash another rom thats rooted (like cyanogenmod), and test there, then restore your phone if wanted because like ive posted before i can only test on one phone so i can only tell what works/not works by my own tests and others feedback, so sorry if i cannot get this to work with miui, as i cannot test using that specific rom, sorry.
Off topic: im almost done with another build, it has toggle wifi, toggle mobile data, toggle nfc (if phone compatible), toggle gps, toggle wifi mobile hostspot, set off alarm sound, set off looping-alarm sound(currently has no shut off so a force-close or phone rebbot is needed), and experimental gps track phone (i havent fully tested it, as i cannot leave my house for enough time to set off the trigger of my phones gps, but it will turn on gps, send a sms to the phone that sent the command (as long as the command had the right pass phrase) with a link with google map coordinants of where the phones generall location is, but its only as good as the phones gps/enabled gps settings, and doesnt always give exact location, but if you recognise where its at like a freidns house is nearby, you know where to go.
SMS Task
this is brilliant, continue developing this, it has great potential. work great on my AT&T gs2 gonna test it on a galaxy exhibit 2 later
I need to root and install 2 important things: (these are important for me not everybody)
1-Root Call Blocker from farhbot (https://fahrbot.online/apps/rcb/)
2-install call recorder (no matter witch one , just can record my incoming and outgoing call)
Is it possible in new android?
I'm moving to purchase new phone , now I have sony zultra with android 5 and thats fine but the phone is too old and need to purchase new one.
Thoes questions are important to me.
Thanks
Love XDA Developers said:
I need to root and install 2 important things: (these are important for me not everybody)
1-Root Call Blocker from farhbot (https://fahrbot.online/apps/rcb/)
2-install call recorder (no matter witch one , just can record my incoming and outgoing call)
Is it possible in new android?
I'm moving to purchase new phone , now I have sony zultra with android 5 and thats fine but the phone is too old and need to purchase new one.
Thoes questions are important to me.
Thanks
Click to expand...
Click to collapse
Short answer: Yes, root is possible on Android 11 and 12.
Long answer: Magisk is now the preferred avenue for root as it is systemless - the kernel itself is patched to enable root access and to interface with the Magisk Manager. The method for rooting your particular device may vary, depending on the manufacturer.
As far as getting a new phone, I'm pretty fond of my Pixel 5. It's no longer available, but the 5a has the same SoC with a larger screen and battery. Just make sure you get an unlocked non carrier specific version.
Lastly, as a word of caution, make sure you are aware of privacy laws that may apply where you are. In the United States, many states have single party consent, where if at least one person who is part of the conversation consents to recording, it's legally permitted, regardless of whether the other parties are aware they're being recorded. However, other states explicitly require consent from all parties. Don't do anything that could get yourself into legal trouble, and whatever you do, don't get US in trouble.
Thanks for information
I'm not in US right now , I'm in Argentina and would like to purchase Xiaomi Redmi note 11 (there are lots of model and I don't know the exact model number)
Its so importatnt to me to use thoese application I mention before , after rooting my devices , am I able to use them?