  1. #1  A-android-B (Thread Author)

    USSD vulnerability

    Just stumbled across this thread in the Optimus S forums and it seems that someone could pull our MEID or even erase our phones without any user input whatever. A simple workaround is to install a second dialer app and not set a default dialer. Check this out for a test page and way more info
    Sent from my LG-VM670 using Android Central Forums
    beamed from the mothership...
    but its only a proxy for my
    lubuntu 12.04
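
Added example, not part of the original thread or any poster's code: a link-handler check of the kind a dialer-side fix needs, assuming the links discussed are `tel:` URIs (the thread does not name the scheme). It lets plain phone numbers through and flags any dial string containing `*` or `#`; the sample codes in the tests are constructed placeholders, not real device codes.

```python
from urllib.parse import unquote

# Characters that turn a dial string into a service (MMI/USSD) code.
CODE_CHARS = set("*#")
# Visual separators that may appear in an ordinary phone number.
SEPARATORS = set(" -.()")
DIGITS = set("0123456789")


def classify_tel_uri(uri):
    """Return 'not-tel', 'number', 'service-code' or 'malformed'."""
    scheme, sep, rest = uri.strip().partition(":")
    if not sep or scheme.lower() != "tel":
        return "not-tel"
    # Drop ;parameters, then percent-decode: '#' is normally written %23
    # in a URI, so a check on the raw text alone would miss it.
    dial = unquote(rest.split(";", 1)[0])
    dial = "".join(c for c in dial if c not in SEPARATORS)
    if not dial:
        return "malformed"
    if any(c in CODE_CHARS for c in dial):
        return "service-code"
    body = dial[1:] if dial.startswith("+") else dial
    if body and all(c in DIGITS for c in body):
        return "number"
    return "malformed"


def may_autodial(uri):
    """Policy: only plain numbers may be handed to the dialer from a link."""
    return classify_tel_uri(uri) == "number"


def scan_links(uris):
    """Return the links that carry a service code, e.g. for a page audit."""
    return [u for u in uris if classify_tel_uri(u) == "service-code"]
```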
  2. #2  flapjack.fiasco

    Re: USSD vulnerability

    What are the chances of this actually happening though?

    Sent from my LG-VM670 using Tapatalk 2
    This space intentionally left blank.
  3. #3  Nico72

    Re: USSD vulnerability

    I tried on Opera Mobile and it won't open the dialer with that link. I'm on Bobz CM9.1 if that makes a difference. Probably some stupid script kiddie thinking he is all bad...
  4. #4  sellers86

    Re: USSD vulnerability

    Nico, no, it's a real threat... There is a submission on the CM ICS Gerrit. Not sure if/when it will be accepted.
    Guess who's coming back!
  5. #5  cole2kb (Retired Moderator)

    Re: USSD vulnerability

    Who says our phones are affected? Any phone will pull up the MEID with that code. HOWEVER...just because you have a dialer code that pulls up your MEID does not mean we have one that initiates any sort of factory reset. There is no proof that our phones are vulnerable to this kind of attack.
    --Chris [cole2kb]
  6. #6  flapjack.fiasco

    Re: USSD vulnerability

    Originally posted by cole2kb:
        Who says our phones are affected? Any phone will pull up the MEID with that code. HOWEVER...just because you have a dialer code that pulls up your MEID does not mean we have one that initiates any sort of factory reset. There is no proof that our phones are vulnerable to this kind of attack.

    Very true, but I think the real question is, how likely is it that someone would initiate this attack against you? I guess what I mean to say is, what's the motivation for doing this to someone? Is there anything to be gained through such an attack?
  7. #7  cole2kb (Retired Moderator)

    Re: USSD vulnerability

    If you can click on one of these links, it could dial a premium number and initiate a charge on your bill, but that's one of the beauties of being pre-paid, we can't even use these services.

    The worst case scenario is a factory reset, a la the Samsung phones affected. But, I have yet to find a dialer code to do that on our devices.
    --Chris [cole2kb]
  8. #8

    Re: USSD vulnerability

    Reminds me of the early days with "dialer" appz.
  9. #9  tvall

    Re: USSD vulnerability

    I don't see any point for anyone to use this "vulnerability" in the wild for, well, anything. It's pointless. Worst case scenario is you have to restore one of your full backups (you do make these, right?)

    But tomorrow I will be patching my ROMs against this and releasing in the usual places.
    my roms & kernels (based on iho)

    If you'd like to donate to me, i accept litecoin, bitcoin, and hardware
    LTC - LTVALL5gsjPvgeiBWD7c6DHNWidbpzVu3w
    BTC - 1TVALLetFibDe8Zap5qPsqa4BAJWQYQ59
  10. #10  sellers86

    Re: USSD vulnerability

    Originally posted by tvall:
        I don't see any point for anyone to use this "vulnerability" in the wild for, well, anything. It's pointless. Worst case scenario is you have to restore one of your full backups (you do make these, right?)

        But tomorrow I will be patching my ROMs against this and releasing in the usual places.

    It essentially does a factory reset, if it actually pertains to this phone, so that means the unfortunate user would have the recovery bootloop.
  11. #11  A-android-B (Thread Author)

    Re: USSD vulnerability

    Whatever the attack could or couldn't do, I think I can spare the 250kb of internal space with a second dialer app that surely can't even execute any of the USSDs. But then again this is America, where so many of us walk around unarmed like bad people don't exist. There will be guinea pigs and some bad things might happen to good people but at least I'll be a spectator and not a participant.
  12. #12  tvall

    Re: USSD vulnerability

    Originally posted by sellers86:
        It essentially does a factory reset, if it actually pertains to this phone, so that means the unfortunate user would have the recovery bootloop.

    I completely forgot about that issue....why hasn't someone fixed that?
  13. #13  sellers86

    Re: USSD vulnerability

    Originally posted by tvall:
        I completely forgot about that issue....why hasn't someone fixed that?

    How? When it executes the factory reset it looks for the stock recovery, and flips when it doesn't find it. At least that's my theory.
  14. #14

    Re: USSD vulnerability

    Originally posted by tvall:
        I completely forgot about that issue....why hasn't someone fixed that?

    Here is a link to a patch from last June that addresses it:

    Courtesy of one of the main community support members over at Republic Wireless.
  15. #15  EarthnFire78

    Re: USSD vulnerability

    As of right now both MiRaGe and OM-Mandylion have the fix applied in the latest update.
  16. #16

    Re: USSD vulnerability

    The only USSD for the V that has factory reset is the RTN code. I believe it only works on stock/Froyo ROMs though, and it requires you to have your SPC, and then you have to click the button to reset the phone.
  17. #17  Nico72

    Re: USSD vulnerability

    Originally posted by cole2kb:
        If you can click on one of these links, it could dial a premium number and initiate a charge on your bill, but that's one of the beauties of being pre-paid, we can't even use these services.

        The worst case scenario is a factory reset, a la the Samsung phones affected. But, I have yet to find a dialer code to do that on our devices.

    That's my theory, not every single phone is the same, so it is VERY hard to hit every single combo. As far as I know, the Samsung phones all have very similar codes and such, making them the biggest target in the Android world. If they could crack the iPhone, it would be even easier.
