Android

Plaintext Storage of WiFi Credentials - Samsung Cloud Sync

This was my report to the Samsung Security team on 2023.11.07 03:55 AM (GMT +2).


I am writing to report a security vulnerability I have discovered in the Samsung Cloud synchronization process for WiFi credentials on Samsung devices. This issue concerns the exposure of sensitive information, which I believe warrants immediate attention.

This is not device-specific, but it happens because of the application and should therefore happen on all devices.

Vulnerability Details:

  • Summary: Samsung Cloud syncs WiFi passwords in plaintext, which are then stored on the device and can be accessed by any individual or process with root access.
  • Affected Service: Samsung Cloud WiFi Profile Synchronization.
  • Affected Devices: Samsung devices running on Android 13 (further testing on other versions required).
  • Impact: Potential for unauthorized access to WiFi credentials if root access is obtained by a malicious actor.

Restoring Your Android Device from Factory Mode

Have you found yourself trapped in the SetupWizard activity on your Android device, unable to proceed or exit? This comprehensive guide provides a step-by-step solution to restore your device to its normal state and overcome the constraints of the SetupWizard activity using ADB commands and system settings manipulation.

The SetupWizard activity is designed to guide users through the initial setup process on Android devices. However, getting stuck in this mode can be frustrating, preventing you from accessing your device's full functionality. Fortunately, with the power of ADB commands and system settings manipulation, you have the means to break free from the SetupWizard activity and restore your device to its default state.

Hacking Android 12 - Motorola Edition (FRP Bypass)

In this guide, we will explore a method to bypass the Factory Reset Protection (FRP) on Motorola devices running Android 12. Specifically, we will focus on devices that have the GBoard app from Google pre-installed as the default keyboard. I have discovered a unique solution for this particular scenario, which has proven successful multiple times before.

Please note that I have conducted all the procedures mentioned in this guide using a Motorola G50 device.

Now, let's proceed with the method to bypass the factory reset protection on any Motorola device with the Google GBoard app installed as the default keyboard. By exploiting vulnerabilities in the GBoard app, we can crash it and gain access to the device's settings, effectively bypassing the protection. It's important to note that this method is specific to the current Android version (as of 2023-02-09) on the Motorola G50 device.

Taking control of Android 12 with Bixby's intelligent assistance

(Works on all Samsung devices until Security Patch: 2022-02-01)

More information about the CVE from Samsung can be found here.

No worries, I've got you covered with a newer version (they are fast but not fast enough, so I decided to share this wiki with the public). This hack works perfectly for all Samsung devices with the latest security patch (2022-02-01). While the wiki was created on February 21, 2022, it still works awesomely. Please note that this method does NOT work on Android 11. If you have an Android 11 FRP locked device, you can upgrade to the latest firmware from Samsung.

I'm sharing this information freely because it's fun and because I can, and because I believe it's enjoyable to share knowledge. I never report exploits or security issues for money. For me, time is more valuable than money.