
Android Bug (Update)

Update: With the new Jelly Bean update rolling out, this bug seems to be fixed on Android 4.1.2, but is still present in the 4.0.3 and 4.0.4 ICS versions of the S2.

I have been using Android for the past few months. This post was just to test the bug in the Android stock browser (TouchWiz) that was going around and hasn't been fixed yet. Clicking on the following links from an Android phone will open the phone dialer and do as mentioned.

URI scheme used in the HTML link: tel:


Click to see your IMEI
 
It happens because I have embedded the IMEI code (*%2306%23, the URL-encoded form of *#06#) in an HTML anchor tag.

Vulnerability video: Demo Dirty use of USSD Codes in Cellular Network en Ekoparty 2012

Why is it dangerous:

If the IMEI code is displayed on clicking the IMEI link, then your phone can also be remotely wiped using the USSD bug with some default USSD codes available for each phone.

USSD codes for resetting phones are:
*#7780# Factory Reset
*2767*3855# Full Factory Reset
*#*#7780#*#* Factory data reset

If these codes are included in an iframe HTML tag, they are executed on page load.
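A defender-side check for the pattern described above, as an added example that is not part of the original post: it scans page markup for tel: links that carry USSD codes and marks the ones sitting in tags that load without a click. The function names and the sample HTML are constructed for illustration; only the IMEI code is taken from the post.

```javascript
// Added example: flag tel: URIs carrying USSD/MMI codes in page markup.
// All names and the sample markup below are constructed for illustration.

// Tags whose URL attribute is fetched by the browser with no user action.
const AUTO_LOAD_TAGS = new Set(["iframe", "frame", "embed", "object", "img", "script"]);

// Strip the scheme and undo percent-encoding (%23 -> #, %2A -> *).
function decodeTel(raw) {
  const body = raw.replace(/^tel:/i, "");
  try {
    return decodeURIComponent(body);
  } catch (e) {
    return body; // malformed percent-encoding: inspect the raw form instead
  }
}

function findUssdTelLinks(html) {
  const findings = [];
  // <tag ... href|src|data = tel:...> with a quoted or unquoted value.
  const re = /<\s*([a-z0-9]+)\b[^>]*?\b(?:href|src|data)\s*=\s*(?:"(tel:[^"]*)"|'(tel:[^']*)'|(tel:[^\s>]*))/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    const tag = m[1].toLowerCase();
    const number = decodeTel(m[2] || m[3] || m[4]);
    // Ordinary phone numbers never contain * or #; USSD/MMI codes do.
    if (!/[*#]/.test(number)) continue;
    findings.push({
      tag,
      number,
      autoLoads: AUTO_LOAD_TAGS.has(tag), // true: dialer is invoked on page load
    });
  }
  return findings;
}

// Constructed sample page: one normal number, one clickable code, one framed code.
const SAMPLE_HTML = `
<a href="tel:+15550100">Call support</a>
<a href="tel:*%2306%23">Click to see your IMEI</a>
<iframe src="tel:*%2306%23" width="0" height="0"></iframe>
`;

for (const f of findUssdTelLinks(SAMPLE_HTML)) {
  console.log(`${f.autoLoads ? "AUTO-LOAD" : "click"}  <${f.tag}>  ${f.number}`);
}
```

A finding with `autoLoads` set is the case to block outright in a proxy or content filter, since it needs no interaction from the user.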



A workaround, until your phone's developer fixes it, is to install a separate dialer. Just go to the Play Store and search for dialers. Then whenever a page tries to open any malicious code, the phone will ask which dialer to use.
