# GS3 Factory Reset iFrame Exploit



## JuggalotusHeat (Jul 20, 2011)

If anyone was unaware, there is an exploit for GS3 that allows people to put a USSD code in iFrames of websites and factory reset the device. Here is a link on the details:

http://ausdroid.net/...-reset-exploit/


----------



## Jaxidian (Jun 6, 2011)

I'm working on testing and identifying versions that are and are not vulnerable to this. So far it seems that anything based on AOSP is NOT vulnerable to this. Also, the latest JB/TW leaks (for d2tmo that would include I7 and I8) are NOT vulnerable to this. Reportedly the international and AT&T versions have already had patches hit OTA that fix this (~1 week ago?).

My testing is being done on the T-Mobile version.


----------



## RedRumy3 (Oct 24, 2011)

Hmm well that would suck if that happened to me even though I have everything backed up.


----------



## Jaxidian (Jun 6, 2011)

RedRumy3 said:


> Hmm well that would suck if that happened to me even though I have everything backed up.


I've yet to test if this factory reset also wipes the SD Card or not. So consider that in feeling safe with your backups...


----------



## SlimSnoopOS (Jan 19, 2012)

Jaxidian said:


> I've yet to test if this factory reset also wipes the SD Card or not. So consider that in feeling safe with your backups...


The way it's been reported in the US, it seems that it's the LTE reprovision code which wipes the internal sdcard, not the external sd card. I'm basing this on information from the Verge, Android Central, and Droid Life. Am I wrong in that belief?


----------



## PoLoMoTo (Feb 28, 2012)

RedRumy3 said:


> Hmm well that would suck if that happened to me even though I have everything backed up.


Ha, backups! I like living on the edge, prevents strokes.


----------



## Jaxidian (Jun 6, 2011)

SlimSnoopOS said:


> The way it's been reported in the US, it seems that it's the LTE reprovision code which wipes the internal sdcard, not the external sd card. I'm basing this on information from the Verge, Android Central, and Droid Life. Am I wrong in that belief?


Currently, I do not know. My testing has been interrupted with work stuff. Too bad I have to actually work when I'm at work. ;-)


----------



## Jaxidian (Jun 6, 2011)

Okay....

So far, I've actually yet to be able to affect myself with this vulnerability. I've been going back through various releases and the most I can do is get it to open the dialer pre-populated with the USSD code, but it never actually executes it. Now this is clearly still a concern because all it takes is one accidental button press to accidentally wipe your device, but this is a far cry from being the "remote wipe" that this is advertised as being.

So far, I've gone back to T999UVALG1. I'm having trouble finding older Recovery-flashable images (at work so don't have an Odin setup to use).

FYI, all of my testing of TW ROMs has been stock+rooted but not debloated and has used the stock browser + stock dialer. I have tried navigating to the hacked page directly and also scanning a QR Code to navigate to it.


----------
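Added example, not part of the thread or any poster's code: a small page scanner that separates the two cases discussed above, a USSD string loaded automatically by a frame versus one that only appears behind a link the user has to tap. It assumes the code reaches the dialer through a `tel:` URI; the sample page is constructed and uses `*#06#` (the standard IMEI display code) as a harmless stand-in.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# (tag, attribute) pairs a browser fetches on page load, with no user tap.
AUTO_LOAD = {("iframe", "src"), ("frame", "src"), ("embed", "src"),
             ("object", "data"), ("img", "src")}

def classify_tel(uri):
    """Return 'ussd', 'number', or None when the URI is not tel:."""
    scheme, sep, rest = uri.strip().partition(":")
    if not sep or scheme.lower() != "tel":
        return None
    dial = unquote(rest)  # decode %23 -> '#', %2A -> '*'
    # '*' or '#' marks an MMI/USSD string rather than a plain phone number.
    return "ussd" if "*" in dial or "#" in dial else "number"

class TelScanner(HTMLParser):
    """Records every tel: URI in a page and how it would reach the dialer."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []  # (line, tag, level, decoded URI)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:  # entity-encoded values arrive decoded
            kind = classify_tel(value or "")
            if kind is None:
                continue
            auto = (tag, name) in AUTO_LOAD
            if kind == "ussd":
                level = "high" if auto else "review"  # loads without a tap?
            else:
                level = "review" if auto else "ok"    # ordinary call link
            self.findings.append(
                (self.getpos()[0], tag, level, unquote(value.strip())))

def scan(html):
    scanner = TelScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page, not taken from any real site.
SAMPLE = """<html><body>
<a href="tel:+15555550100">Call support</a>
<iframe src="tel:*%2306%23" width="0" height="0"></iframe>
<a href="tel:*&#35;06&#35;">check IMEI</a>
<iframe src="https://example.com/widget"></iframe>
</body></html>"""
```

`scan(SAMPLE)` returns one tuple per `tel:` URI; only the frame on line 3 is rated `high`, since it is the only one that loads without a tap.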

