[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More



*laughs* Ah I remember those days well... I just broke into my own
voicemails off a friends phone to test... Still vuln to this day! (well, it
is a "feature", not a bug, or so I am told...)

On Mon, Oct 3, 2011 at 12:36 PM, GloW - XD <doomxd@xxxxxxxxx> wrote:

> haha.. reminds me of old days of pbxs!
>
> hang each others voicemail greetings for fun...
>
> rofl.. we used to press 1+# and 0+# or 1+* sometimes, always oen fo those
> combos.. together (produce a sharper tone) but had to be that combo,on old
> analogues, it would break thru most answering-machines and we could then
> change for example "welcome to the deans residence.." to "welcome to hot,
> sweaty ...."u get the drift :P
> lol... those days are over for me now but, darn miss analogue!
> gnite!
> xde
>
>
>
> On 3 October 2011 22:24, Darren Martyn 
> <d.martyn.fulldisclosure@xxxxxxxxx>wrote:
>
>> NOTW "Hacking" method for phones is nothing to do with this. Voicemail
>> hacking in the UK involves calling the victim, hammering the # button while
>> the phone rings, and being redirected to their voicemail box. Then you just
>> press 0000 and # and DONE! (sometimes they have a password, but a 4 digit
>> pass is 10,000 combinations. Most people use easy to remember ones so a
>> simple bit of SE and some simple "looking at the phone keypad" and BOOM!
>> done!)
>>
>> As kids we used to do this to each other and change each others voicemail
>> greetings for fun... Nothing has changed in the UK and Eire since. IN fact,
>> I will post agian in an hour to confirm - I will break into my own
>> voicemails and check.
>>
>> On Mon, Oct 3, 2011 at 12:17 PM, GloW - XD <doomxd@xxxxxxxxx> wrote:
>>
>>> No surpise... theyre ext4 partitions are completely vulnerable.. try tell
>>> an anddroid user that, tho. Spender 9grsecurity.net0 has exposed the ext4
>>> bug, wich allows remote user addition to, whatever kernel, i assume runs the
>>> ext4 right... with some small changes ofc to code... so, it is strange they
>>> dont patch, i myself use 1.6 , but, wow this rally blows things for many
>>> users.. interesting stuff, and maybe is good thing i use the old 1.6 api..
>>> hehe. seems newer the stuff, more the chances of malicious activity.. i
>>> guess NOTW m anagement mustve known this one forsure.
>>> thx for that, insightful , and,reminds me more that, a phone nowdays is
>>> almost as dangerous as a laptop in your hand.
>>> cheers,
>>> xd
>>>
>>>
>>>
>>> On 3 October 2011 19:30, Di. Tled <ditled@xxxxxxxxx> wrote:
>>>
>>>>
>>>> http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/