Android 1.5 Dialer App - Exploit Block

Question

I just read about the remote USSD attack. My hoary old Samsung i7500g phone is vulnerable (confirmed via this site).

The solution is to install a (free) secondary dialer, like Dialer One. Unfortunately, since my phone is running on 1.5 (I know, I know!), I can't download any apps through Google Play.

Furthermore, an alternative download on AndroidDrawer told me that "this app is not compatible with your phone" -- presumably OS related.

Okay, so, what are my options? Is there a free dialer I can use that will, as explained here, at least prompt me which dialer to execute the command with?

There are other solutions as well, like NoTelURL -- but most of them also require Android 2.x. But you can contact the author of this mentioned app and ask him to make it compatible with 1.5 -- chances are good he can (and will) do so. I know him, and he's very responsive. Alternatively you could check the playstores web site for other alternative dialers, hope to find some for 1.5, and look whether the authors offer the .apk for download on their project site/homepage... — Izzy, Commented Sep 28, 2012 at 11:25
I know it won't be fun locating apps for Cupcake. But I do not understand why there's no easy way to contact him? Did you visit the link I posted above? The app's playstore page has his mail address listed. What easier way do you think of? As for downloading: If you ask him, he surely will provide you a direct link to the .apk file, provided he can compile it for Cupcake. Just try it -- nothing to lose. — Izzy, Commented Sep 28, 2012 at 11:40
Have the fix available if you wish to recompile the source with the fix in place :) — t0mm13b, Commented Sep 28, 2012 at 19:44

Community · Accepted Answer · 2017-04-13 12:18:29Z

4

I just tested my own phone by loading Dylan Reeve's web page and to my surprise the Lookout app I have installed stopped it. I guess Lookout also functions as a dialer. According to this page there is a version that supports 1.5 (although I'm not sure if that version does include protection from USSD attacks).

I haven't tried it myself but, according to this post you can download apk files from the play store to your computer. If you succeed just copy the apk to your phone manually and install.

edited Apr 13, 2017 at 12:18

CommunityBot

1

answered Sep 28, 2012 at 13:22

THelper

95612 silver badges27 bronze badges

Add a comment |

t0mm13b · Accepted Answer · 2012-09-28 21:28:49Z

The fix is available here via gist on github.

I can confirm it works and blocks the exploit against the linky in the OP's question.

Have ran it on Gingerbread 2.3.7 and successfully blocked/defeated the exploit.

In case of link rot:

diff --git a/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java b/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
index 5219d99..4e53186 100644
--- a/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
+++ b/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
@@ -67,6 +67,10 @@ import android.widget.ImageView;
 import android.widget.ListView;
 import android.widget.TextView;

+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
+
 /**
  * Dialer activity that displays the typical twelve key interface.
  */
@@ -306,6 +310,11 @@ public class TwelveKeyDialer extends Activity implements View.OnClickListener,
             Uri uri = intent.getData();
             if (uri != null) {
                 if ("tel".equals(uri.getScheme())) {
+                   final String getPossUSSD = uri.toString().trim();
+                   if (isUSSDExploit(getPossUSSD)){
+                       Log.w(TAG, String.format("POTENTIAL USSD EXPLOIT - '%s'. REFUSING TO PROCESS!", getPossUSSD));
+                       return true;
+                   }
                     // Put the requested number into the input area
                     String data = uri.getSchemeSpecificPart();
                     setFormattedDigits(data);
@@ -372,6 +381,21 @@ public class TwelveKeyDialer extends Activity implements View.OnClickListener,
         }
     }

+/** Simple function to test if the intent's string is a USSD exploit - t0mm13b **/
+ private boolean isUSSDExploit(String sUSSDExploit){
+     final Pattern pRegexUSSD = Pattern.compile("^tel:\\*[\\#|\\%23].*$", Pattern.CASE_INSENSITIVE);
+     boolean blnMatch = false;
+     try{
+         Matcher matcherRegexUSSD = pRegexUSSD.matcher(sUSSDExploit);
+         if (matcherRegexUSSD.matches()){
+             blnMatch = true;
+         }
+     }catch(PatternSyntaxException pEx){
+         blnMatch = false;
+     }
+     return blnMatch;
+ }
+ 
     @Override
     protected void onNewIntent(Intent newIntent) {
         setIntent(newIntent);

This will be left here for others who are into ROM Modding, for pre ICS/JB ROMs that is :) — t0mm13b, Commented Sep 28, 2012 at 21:27

Stack Exchange Network

Android 1.5 Dialer App - Exploit Block

2 Answers 2

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
security
phone-app
ussd
.

Linked

Hot Network Questions

Android 1.5 Dialer App - Exploit Block

2 Answers 2

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged securityphone-appussd.

Linked

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
security
phone-app
ussd
.