wuseman's Blog

Plaintext Storage of WiFi Credentials - Samsung Cloud Sync

This was my report to Samsung Security team 2023.11.07 03:55 AM (GMT +2)

I am writing to report a security vulnerability I have discovered in the Samsung Cloud synchronization process for WiFi credentials on Samsung devices. This issue concerns the exposure of sensitive information, which I believe warrants immediate attention.

This is not device specific but it happens because of the application and should therefore happen on all devices

Vulnerability Details:

• Summary: Samsung Cloud syncs WiFi passwords in plaintext, which are then stored on the device and can be accessed by any individual or process with root access.
• Affected Service: Samsung Cloud WiFi Profile Synchronization.
• Affected Devices: Samsung devices running on Android 13 (further testing on other versions required).
• Impact: Potential for unauthorized access to WiFi credentials if root access is obtained by a malicious actor.

How I Restored a Macbook Air - Apple M2 2023 14.9

A friend of mine accidentally wiped all partitions on his Macbook Air including the ones that shouldn't be removed (don’t ask me how this was done). As a result, the device became unbootable and was stuck on the Contact Apple Support logo screen. Since there was no Apple Store nearby, he asked me for help.

Although I had never owned a Mac or worked extensively with Apple devices, I decided to take on the challenge. Surprisingly, the solution turned out to be fairly simple. In this blog post, I'll walk you through exactly what I did, so I have a reference for the future and hopefully, it helps others in a similar situation.

In Memoriam: Hugo, A Companion Like No Other

In the whirlwind of my professional accomplishments, a personal storm raged. Hugo, my loyal canine companion of thirteen years, has taken his leave from this world. His absence is a void, expansive and deep, echoing the profound impact he had on my life. Each corner of my home, every mundane moment, is now a stark reminder of his eternal silence. Farewell, dear Hugo, you are missed beyond measure.

As I grappled with these personal challenges, my professional journey continued unabated, culminating in the fruition of my earlier efforts. It is with deep humility and profound gratitude that I share the recognition and rewards garnered for my work in the field of cybersecurity. I successfully identified and reported vulnerabilities within Samsung's systems, and I must applaud their security team for their exceptional spirit of collaboration.

Telia F1 (Changing DNS with Hidden Modal)

Telia's restrictions around their routers are well-known. Despite there being methods to circumvent their security barriers over the years, Telia seems to intentionally complicate a basic process like changing DNS settings on their Telia F1 router. It's as if they want to make it frustratingly inconvenient for anyone wishing to perform something as routine as customizing their DNS settings.

As such, we must simply proceed with the standardized procedure if you intend to change your DNS settings. However, we can also take it a step further and explore the extremely concealed settings that are carefully hidden and secured from users. We'll simply employ a little "hack," or to use a more neutral term, an "unhide" method. Let's walk through how you can do this:

Reflecting on the Technicolor 2018 Exploit

5 years later I have found a large number of exploits after more than 1000 documented hours I spent on this router and at least 20 different devices from different mistakes but oh how I have learned a lot in this time, therefore I want to present a small final part of this router as I am now going to continue with the Telia F1 which has the same problem but thanks to the hours I put in it is extremely easy to get into the routers from technicolor, but to sum up a short version for all the curious here you have the problems in Technicolor's routers. TO fix this, almost the entire router's third-party script must be rewritten.

Navigating Persistent Security Risks: A Critical Analysis of the 2018 Exploit, Unraveling Potential Entry Points Despite Latest Firmware Updates for Telia Customers. Five years have passed since the discovery of the 2018 Exploit in our ISP's router system. During this period, I have conducted a diligent search to uncover a comprehensive explanation of the exact cause of the exploit. Regrettably, available information seemed riddled with speculations and lacked a definitive account

Restoring Your Android Device from Factory Mode

Have you found yourself trapped in the SetupWizard activity on your Android device, unable to proceed or exit? This comprehensive guide provides a step-by-step solution to restore your device to its normal state and overcome the constraints of the SetupWizard activity using ADB commands and system settings manipulation.

The SetupWizard activity is designed to guide users through the initial setup process on Android devices. However, getting stuck in this mode can be frustrating, preventing you from accessing your device's full functionality. Fortunately, with the power of ADB commands and system settings manipulation, you have the means to break free from the SetupWizard activity and restore your device to its default state.

Creators of emagnet cannot be held responsible for users usage | EMAGNET

Authors and developers cannot be held accountable. Please read license and terms before continue on this website - IT'S A REQUIREMENT

Since 2018, EMAGNET has been a hot topic among "ethical hackers" who have claimed that EMAGNET devs can be held responsible for the actions of its users. However, it is clearly stated in the readme that developers, including "developers" specifically, cannot be held responsible for what users do.

EMAGNET was created for a legal purpose. This has caused ethical hackers to despise the tool, mainly because it encourages users to use "haveibeenpwned," which censors passwords. The developers of EMAGNET believe this is unjust. They think that everyone has the right to access their passwords or no one should have access. The owner of the project works for Microsoft and took up EMAGNET as a hobby project. It is questionable why they would have permission to access users' passwords and be allowed to sell API access for something that the users themselves do not have access to when searching for their own email.

Hacking Android 12 - Motorola Edition (FRP Bypass)

In this guide, we will explore a method to bypass the Factory Reset Protection (FRP) on Motorola devices running Android 12. Specifically, we will focus on devices that have the GBoard app from Google pre-installed as the default keyboard. I have discovered a unique solution for this particular scenario, which has proven successful multiple times before

Please note that I have conducted all the procedures mentioned in this guide using a Motorola G50 device

Now, let's proceed with the method to bypass the factory reset protection on any Motorola device with the Google GBoard app installed as the default keyboard. By exploiting vulnerabilities in the GBoard app, we can crash it and gain access to the device's settings, effectively bypassing the protection. It's important to note that this method is specific to the current Android version (as of 2023-02-09) on the Motorola G50 device.

Tilgin TG275X Router Hacking Guide

This guide provides step-by-step instructions on hacking the Tilgin TG275X Router from Bredband2. By following these procedures, you will gain access to advanced features and settings of the router. Please note that hacking or unauthorized access to routers without proper authorization is illegal and unethical. This guide is for educational purposes only.

Please note that attempting to hack or gain unauthorized access to any device or network is against the law and can result in severe legal consequences. Always ensure that you have proper authorization and follow ethical guidelines when conducting any security-related activities.

Hacking Inteno XG6846

The Inteno XG6846 is installed in millions of Swedish homes and sits between the router and the switch. With some operators, it's a requirement for watching TV. Now it's time to take control of this device!

In 2022, a new law was introduced in Sweden allowing the government to hack people's devices regardless of whether they are criminals or not. I don't think this is a good thing, so I took on this challenge as a fun project. Here are the results