[Tutorial] Exploiting LG B2B support tool using fiddler - LG Optimus G (International)

First things first.
I DID NOT discover this vulnerability ("daniel.wro" did here and "The_0ne" elaborated the process here). So all credits to them. I am just writing this post with some screenshots and a video.
Note to the mods : Dear mods, I don't know if this post meets the standards of xda, but since it's not some cracking tutorial but mere exploitation of a poorly coded program, I assumed that it is eligible to be posted here. I hope it doesn't break the rules of this forum. If it did, please DO take it down.
Note to advanced users: Warning! This is a newbie guide. So you'll find the instructions provided here as childish and intimidating.
Sorry about that.
Now, having said that, for those who don't know what the B2B support tool is, it's a tool to allow LG's partners to download all mobile phones files (Service manuals, Flash Files, Softwares, Flashers, etc) from LG's servers.
You could get the client for free but it requires 100$ to get access into the database. So, you could either pay and get yourself an account or use this workaround to get into the database without paying up.
This tutorial makes use of a programming vulnerability in the support tool while it communicates with the authentication server.
Prerequisites:
B2B support tool
Get it here
A network traffic monitoring tool (Fiddler/Wireshark/Etherreal/Charles,etc). I will be using Fiddler throughout this tutorial.
Get it here
Syntax view plugin for fiddler
Get it here
Once everything's installed you're ready to go
How it's done?
Step 1: Launch Fiddler (After installing syntax view plugin) and check if automatic breakpoints is disabled under the rules tab.
Step 2: Launch B2B support tool (Installs in C:\ProgramData\LGMOBILEAX by default in win8). Wait for the authentication panel to show up.
Step 3: Once you see the authentication panel, go to fiddler and enable automatic breakpoints before requests.
Step 4: Now go back to the support tool and enter any username and password and press ok.
Step 5: Back to fiddler again. You should see a red colored entry with hostname csmg.lgmobile.com. Select it. On the right pane, select break on response and choose syntax view. You should see something like this.
Step 6: If that's your case too, hit run to completion. Next you should see an entry with host name gsfs-eu.lge.com. Click break on response and you should see a message stating user_check status='FAIL' in the syntax view. Now change 'FAIL' to 'OK' and select run to completion.
Run it to completion.
Step 7: You should see 6 more csm.lgmobiles.com requests. Run them all to completion.
Step 8: Once you've done it. The B2B tool's GUI should show up.
You're in!!!
But be careful. Every time you encounter the hostname gsfs-eu.lge.com (or any authentication server requests), make sure to change FAIL to OK and you're good to go.
I've added a video showing every step involved when you want to download a file. There's nothing uber hacky or anything. It's just keeping your eyes open and making changes wherever necessary.
For video, click here
Note: I would recommend using a download manager with resume ability when downloading larger files. Sometimes, the authentication info might expire (the download can't be resumed). This doesn't mean the link has expired. Just repeat the whole process again till the step where you got the download link. After doing this, just hit resume and the download continues as usual. I don't know if it's related to expiration of cookies with authentication info. But doing this helped me with the downloads.
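
The weakness this post relies on is that the client treats a status field in the login response as the authorization decision. As an added example (not part of the original post and not LG's code), the sketch below contrasts that design with one where the file server checks a server-signed, expiring token on every request; the account, paths, token format and function names are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)   # held by the server side only
SALT = secrets.token_bytes(16)


def _pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


# Constructed account store (sample data, not from the page).
ACCOUNTS = {"partner01": _pw_hash("s3cret-partner-pass")}


def check_credentials(user, password):
    stored = ACCOUNTS.get(user)
    candidate = _pw_hash(password)
    return stored is not None and hmac.compare_digest(stored, candidate)


# --- Weak design: the verdict is only a field the client reads ---
def weak_auth_response(user, password):
    status = "OK" if check_credentials(user, password) else "FAIL"
    return f"<user_check status='{status}'/>"


def weak_file_server(path):
    # No per-request authorization: whoever asks gets the file.
    return f"200 {path}"


def weak_client_download(response, path):
    if "status='OK'" not in response:
        return "login refused"
    return weak_file_server(path)


def flip_status(response):
    # Models the in-transit edit from Step 6, to test both designs against it.
    return response.replace("'FAIL'", "'OK'")


# --- Hardened design: the file server verifies a signed token itself ---
def _sign(user, expires):
    msg = f"{user}|{expires}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(user, password, ttl=900, now=None):
    # A token exists only if the server itself accepted the credentials.
    if not check_credentials(user, password):
        return None
    expires = int(now if now is not None else time.time()) + ttl
    return f"{user}|{expires}|{_sign(user, expires)}"


def hardened_file_server(path, token, now=None):
    try:
        user, expires, mac = (token or "").split("|")
        expires = int(expires)
    except ValueError:
        return "401 missing or malformed token"
    if not hmac.compare_digest(mac.encode(), _sign(user, expires).encode()):
        return "401 bad signature"
    if (now if now is not None else time.time()) >= expires:
        return "401 token expired"
    return f"200 {path}"


if __name__ == "__main__":
    failed = weak_auth_response("nobody", "wrong")
    print(weak_client_download(flip_status(failed), "/files/sample.bin"))
    print(hardened_file_server("/files/sample.bin", issue_token("nobody", "wrong")))
```

In the hardened variant an edited status field can at most change what the client displays, because the file server never consults the client's view of the login. Transport protections alone do not close this gap when the person running the client also controls the machine and its proxy settings.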

It's people like you who will kill the access to this for the rest of you guys.
If you guys can't RE your own applications, and seriously need tutorials like this, then you don't deserve to be able to access it.
I'm glad that you're all blocked from RND and PIN, because I can only imagine how fast that would get ruined.
Here, crack my login and you can have it: [email protected]

foil said:
It's people like you who will kill the access to this for the rest of you guys.
If you guys can't RE your own applications, and seriously need tutorials like this, then you don't deserve to be able to access it.
I'm glad that you're all blocked from RND and PIN, because I can only imagine how fast that would get ruined.
Here, crack my login and you can have it: [email protected]
so u can give us screens if thers a f180 v30 or a e975 v20 listed..... (and download if its possible..)

2nd Sky said:
so u can give us screens if thers a f180 v30 or a e975 v20 listed..... (and download if its possible..)
No, I'm afraid I won't do that.
I warned the entire community about the end of b2b access coming to a halt, due to the abuse that it received.
My login is still alive and active, and I invite you to crack the password, and you can have it if so - it's a full admin account, and can create subs.

Related

>>>FIRST IN THE WORLD<<<Samsung I8700 Windows 7 Phone DIRECT Unlock

Mod Edit: No linking to external sites requiring registration.
World's First!!! Samsung I8700 Windows 7 Phone DIRECT UNLOCK
by NsPro team
Now all we need is a jailbreak.
more information here:
forum.gsmhosting.com/vbb/f452/sptbox-deluxe-9-9-7-released-1133092
i8700 usb cable unlock solution:
- ##634# and press call to enter Diagnosis Menu
- *#7284# and choose "Modem, USB Diag"
- Press OK to confirm device Reboot
- Plug USB cable and install drivers.
- Select i8700, select correct SAMSUNG Mobile Model Diagnostic Serial Port
- Select unlock and click Factory Mode.
- If after unlock procedure, phone still asks for code, dial 00000000
All Done.
download the program (Sptbox deluxe 9.9.7) here:
multiupload.com/HZ1531ZQRL
i just call ATT and tell them i travel worldwide (which i do) and need it unlocked to use overseas SIM. Usually 10 minutes later they call me with the unlock code free.
Just downloaded from multiupload.com/HZ1531ZQRL and MS Security essentials blocked it with a virus warning.
Does this unlock the MMS-locking by the carriers as well?
http://social.answers.microsoft.com...7/thread/7834506f-c60d-4eb6-b04a-9829131922ee
This wouldn't happen to work with the at&t focus, would it?
Thanks for sharing!
psynaut said:
Just downloaded from multiupload.com/HZ1531ZQRL and MS Security essentials blocked it with a virus warning.
Kaspersky too : packed.win32.black.a
But it seems not to be a problem :
The Packed.Win32.Black.a detection identifies files that are packed with a stolen version of the Themida software protection program.
Stolen versions of this program (which are usable with leaked licenses) can be used to hide malware. Identifying a file that has been packed by a stolen version is therefore a precautionary measure against potentially malicious files.
Poops weak
thx great job
it doesn't work on ..there is an error ..
Does this not work on Windows 7? I am having the same "Smart card resource manager is not running" error as above.
I am on windows 7 too (x64) and got your error too.
You have to manually start the "Smart Card" service.
With that you can go one step further and get the following error
Error when listing readers !
SmartCard API error #801002E
Cannot find a smart card reader
don't know what to do next
Help appreciated !
desolateone1 said:
This wouldn't happen to work with the at&t focus, would it?
I second that question; I've been looking all over the net trying to find some way of unlocking my focus before I take my trip to Amsterdam. I know there are websites out there but they all seem shady. I'd hate to pay for service that wouldn't work. does someone know if this works on the Focus? Or worse case, a website that is I can trust to pay and unlock it for me?
yeh i get
Error when listing readers !
SmartCard API error #801002E
Cannot find a smart card reader
tried it on xp 32bit and win 7 64bit
desperate for an unlock, boo
Doesn't this tool need the SPTBox hardware?
I always thought they give away the tool for free, but you need to buy their ~250$ hardware to actually be able to use the software.
250 dollars for this? muhahahahahhahahaha.....................what else?
ok but it affects our software or not
Old thread but here is my log!

Latest Unlocked Windows Phone 7 emulator with Copy and Paste

Hey everyone! Saw the latest build of the emulator and did some digging around. Here's the result:
Also, here's a video of it in action:
http://www.youtube.com/watch?v=7xdhxCdRQRA
Download:
http://windowsphonehacker.com/articles/latest_windows_phone_7_emulator_unlocked-02-05-11
Technical information:
To do this, I used this tutorial:
http://sviluppomobile.blogspot.com/2010/03/wp7-emulator-unlocked-how-to.html
And got the tools from SonicFlare's post here:
http://forum.xda-developers.com/showpost.php?p=5913715&postcount=218
Important note: The Settings menu is a bit broken, no About page working. I assume there's some SecureItem GUIDs I need to set, but time limits me from doing it myself. Anyone want to take a stab and report back?
Enjoy!
Awesome! I really cant wait until M$ releases the WP7 update. I could really use the copy and paste feature.
It works OK Thanks!
Very useful for developers.
Good news, but am waiting for official update to update
can i run it on 64bit?
can we now install xaps easily?
Tested on seven 64bit ... didn't work
i also couldn't run it on win7 32bit ... it pause on loading
can any one teach us easily this tutorial? plz
Mr.zeus said:
Tested on seven 64bit ... didn't work
i also couldn't run it on win7 32bit ... it pause on loading
can any one teach us easily this tutorial? plz
There must be another issue, as my development computer is Windows 7 64-bit
Does it work in Office?
Does it work in Excel and Word?
a_ok2me said:
Does it work in Excel and Word?
I just played around with Word, and it is definitely working. I am not sure about Excel, will update soon
I have downloaded this file half a dozen times, and I cannot unzip it using either Windows Explorer or WinRar... Is there another source for it?
it's really an important post,great work mate.
it's a rich material for WP7 Rom Cooking,,,who don't like recipes.....
Filesystem
Is there a way to view the file system of the emulator? Some of the original emulator unlocks seemed to have this feature but I haven't been able to find discussion of it with the more recent updates.
Any advice on how to view the root directories?
Is this a full rom with all the features on it ? (phone, xbox,etc)
Windows Phone 7 Emulator Unlocked - can't unzip
I have tried downloading the file, but WinRAR and Windows Explorer both say that the file is corrupt, and I can't unzip it. I have also tried following the directions to unlock it myself, but when I open up my bin file, everything is using the Cyrillic alphabet, so I don't know where to find the changes to make.
Suggestions?
Is there a way to unlock the settings to test syncing email accounts?
sutt359 said:
Is there a way to unlock the settings to test syncing email accounts?
Unfortunately, no. Even the original emulator that was super easy to crack and allowed almost-everything-under-the-sun didn't allow that unfortunately. It sucks because it looks like the new emulator is severely nerfed now where at least I could show off the basic functionality before. I hope MS goes back and gives us a ROM that does a little more 1:1 with a functional device. Not like I'd rather use the emulator than my phone anyway.

htc one v reliance activation

The process listed below is what I followed to activate Reliance.
May b others have better way, Would really appreciate if can share below
So here is the key
1) unlock n root ur phone Follow below link
http://forum.xda-developers.com/showthread.php?t=1598964
2) Above steps are required to install MSL reader (Free APp in Ply store) which will tell u the MSL no., required to enable diagnostic mode
download softwares using below links
before Extracting disable Antivirus as cdma is cracked one n antivirus won’t allow to access it
Moderator Edit
Download link removed because it is against xda rules to post cracked applications
3)follow below steps now
Prerequisites
1) CDMA 800 Mhz handset (Which ofcourse you have) with its data cable.
2) CDMA workshop v 2.7 (though there are more softwares to do it, this is used commonly) - Use Google to find
2a) There is a possibility that your handset isn't supported by CDMA Workshop v 2.7. In that case you need QPST - Use Google to find
3) Knowledge of how to put your particular handset in DIAGNOSTIC mode along with its driver. You can Google that out.
3a) Though I have personally done 100's of different handset models, keeping track of each handset model is difficult. So I am mentioning the most common DIAG mode enabler below:
HTC Handsets: ##3424# or ##3424+Call button.
Palm/HP: ##8727277#
Samsung: ##8778# and select modem.
BlackBerry DIAG behaves on virtual port created by installing BlackBerry DM. This list will be huge if i keep writing. So I'll suggest if your handset isn't mentioned in this list then please ask on this topic and I will try to reply with your enabling DIAG solution.
4) Diagnostic Driver for your device. (There are so many handsets and usually there are different drivers for each devices, so this is something you have to request here, commonly used DIAG Drivers - Google for it)
5) Windows PC with XP or Win 7 32 bit. (Its very difficult to find 64 bit drivers so I'll keep and support this tutorial for 32 bit only)
6) Carrier specific NAM PRL or Preferred Roaming list file. (Check the pinned topics in Technical forum)
7) A-key or Authorization key. (will be provided by ESN/MEID Registrar or handset seller)
8) Your handset's SPC (check your handset cover box or ask your handset seller).
How to / Step by Step:
Note - There are many handsets/models and each time process is little different. But basic changes to latch your phone to Reliance network is mentioned here. I am using HTC DEVICE to do it for Tutorial.
1) Pick your phone and enable Diagnostic mode in it. ( I am using HTC HERO and so i punch: ##3424#). Please find your phone DIAG enabler in prerequisites above.
2) Connect your Phone to PC using Data cable and let the Driver search process begin. (mostly Driver installation failed and you have to do it manually) See pic or video.
3) Now open CDMA workshop (You might have to disable your antivirus, as the crack for CDMA workshop uses Trojan pattern)
4) Open Device manager and expand Ports (COM & LPT) there u see which COM PORT assigned for your device. In my case its Com PORT 7
5) Select that comport on CDMA workshop and press connect. and press read.
6) Go to security Tab and enter SPC i.e msl and press SEND button. now put 000000 and press send return message should be SPC COrrect Phone unlocked See pic.
7) Now go to Nam Tab and press load and select Reliance.nam and press write.
8) Go to CAVE and enter your akey and press write. (You might have to calculate akey, see pic for details on calculation)
9) Go to Other tab and press write under PRL select Reliance.PRL file return message should be success.
10) Now your phone is flashed on Reliance CDMA network.
Note - Now after this process you need to visit Reliance webworld to transfer ur number from existing handset/RUIM to this phone. U can also use HCC (Handset Change Card) if its available and work in ur city/state.
Hope you enjoy flashing your phone.
Download link removed because it against the rules to post links to cracked applications.
Thread closed

For those who can't access local shell via ssh on the phone

If you can't access local shell (cmd.exe) via ssh session on your phone by using third-party ssh clients, don't waste your time (for these "junk" apps) but install famous and the "standard de facto" ssh client "PuTTY", it works perfectly (as it is supposed to).
Unfortunately, author of the PuTTY didn't publish his perfect app yet (I don't know why) but we are still able to get it by using "store bug" trick.
To obtain "PuTTY", do the following:
open this link on your phone
wait until built-in "Store" app opens the page (you'll see that "PuTTY" isn't available but don't worry!)
now, search for any free app you haven't installed before
go to this free app page
press "Free" (not "Install" or "Get" or "Trial") button then immediately "back" key (just once), to get back to the PuTTY page
after a few seconds you'll see that PuTTY starts installing on your handset
I suggest you to donate a few bucks to the PuTTY author (as I did) and ask him politely to publish app, it's too good to be forgotten!
To run cmd.exe locally, type new host address as a 127.0.0.1 (i.e. localhost) and use authentication you've prepared before (for example, I'm using certificate and everything is working great and fast).
Nice! Does accessing the localhost server require any firewall changes? Sandboxed apps aren't supposed to be able to connect to localhost, at least they weren't on WP8.x Not sure if W10M changed this...
GoodDayToDie said:
Nice! Does accessing the localhost server require any firewall changes?
Nope, it works out of the box (on interop-unlocked handset of course). I didn't test with the login/password auth method but PuTTY works flawlessly with the imported certificate I've created before.
Tested with the login/password auth method and works fine.
But always can't use BCDEDIT
This store bug trick doesn't seem to be working for me. I do exactly as you say, but it just queues up the app I don't want to install. Also, the button doesn't say "Install", it says "Get". It only says "Install" for apps I already own but don't currently have installed. I wonder if this store bug has been patched already?
@GeoffreyK, my mistake, it should say "Free" (not "Get" or "Install" or "Trial"). Already corrected the OP.
If you look up telnet app on store you should see an app that is called the SSH client. Use that after following a guide on here to use bcdedit.
sensboston said:
@GeoffreyK, my mistake, it should say "Free" (not "Get" or "Install" or "Trial"). Already corrected the OP.
I don't know which build you're using, but no app has a button saying "Free" in my version of the Store. Free apps have a button saying "Get", and above the button is written the word "Free". However, pressing the Get button followed immediately by the back arrow takes me back to Putty but queues up the other app for download, not the Putty app. I have build 1493.67.
Hmm... I do have same build. BTW, I'm using US store.
so now, search for any free app you haven't installed before change to now, search for any paid app with trial you haven't installed before
Playing:
Edit: erase .zip extension.
@spavlin, I can't even add a new connection to this "Wishstream" trial
@djtonka, where you see paid app on my screenshots? From my experience, if you see word "Free" it's enough. Maybe this will work with paid apps/trial apps, any apps - I don't know. I only suggest stuff what I did personally.
Hello, are you using the certs created with the puttygen? I can't seem to login due to the password prompt
anubis23 said:
Hello, are you using the certs created with the puttygen? I can't seem to login due to the password prompt
Yes. To get a correct private certificate, just follow the strikethrough instructions from this post: http://forum.xda-developers.com/windows-10-mobile/guide-filesystem-access-sftp-windows-10-t3185766
What was the buggy store version?
I've tried all steps, but I can't download the app. Can someone upload the appx package?
No

[BTC Reward] Really need help rooting my Wileyfox Swift please.

$5 Bitcoin Reward to whoever helps me get this done.
Yes, I have followed olli's guide and I cannot make sense of any of it. Half of the stuff I did was missing out of his odd job of a "tutorial", not to insult him as he has contributed but to somebody like me, who has no ****ing clue its frustrating to follow broken English and missing steps. Here is what I have done.
Preparation
I have downloaded adb-setup, ran the program as an administrator.
I have downloaded a .img recovery file from the cyanogen website, which is named;
cm-13.0-20161220-SNAPSHOT-ZNH5YAO3XJ-crackling-recovery
Finally, I have downloaded SuperSU named;
UPDATE-SuperSU-v2.46.zip
I am aware there is a guide that already exists, it just skips too much of the vital information I need. I am not stupid, I am a comprehensive, experienced user on both linux and windows. I dont want to **** this phone up, I have some bad experiences with iPhones back in the day.
I need either a 1 to 1 talk through via Skype or for somebody to post here a step by step (Including everything, what buttons to press, when to plug in the USB cable) just a simple, step by step guide that does not skip half of the things I need or require me to hunt **** down when it could just be listed in the OP...
I am fairly certain this will take no longer than 10 minutes, and I will send you a $5 bounty in Bitcoin. I will be online for the next 2 hours ready to do this, let me know if you want to help me out.
Jayke. said:
$5 Bitcoin Reward to whoever helps me get this done.
Yes, I have followed olli's guide and I cannot make sense of any of it. Half of the stuff I did was missing out of his odd job of a "tutorial", not to insult him as he has contributed but to somebody like me, who has no ****ing clue its frustrating to follow broken English and missing steps. Here is what I have done.
Preparation
I have downloaded adb-setup, ran the program as an administrator.
I have downloaded a .img recovery file from the cyanogen website, which is named;
Finally, I have downloaded SuperSU named;
I am aware there is a guide that already exists, it just skips too much of the vital information I need. I am not stupid, I am a comprehensive, experienced user on both linux and windows. I dont want to **** this phone up, I have some bad experiences with iPhones back in the day.
I need either a 1 to 1 talk through via Skype or for somebody to post here a step by step (Including everything, what buttons to press, when to plug in the USB cable) just a simple, step by step guide that does not skip half of the things I need or require me to hunt **** down when it could just be listed in the OP...
I am fairly certain this will take no longer than 10 minutes, and I will send you a $5 bounty in Bitcoin. I will be online for the next 2 hours ready to do this, let me know if you want to help me out.
The Official Recovery is here
https://dl.twrp.me/crackling/
You put your phone in bootloader mode
run fastboot devices -----make sure your phone is seen by fastboot
run fastboot flash recovery (name of twrp recover above).img -------------copy and paste works if you don't like typing
Place SuperSu.zip on the Phone, SD card or internal storage
Boot to recovery and navigate to SuperSu.zip and install it.
Hi @Jayke.
Which step are you stuck at?
Did you get the ADB interface to work? If not make sure that the debugging (adb) is enabled under Settings - Developer options.
Also just as robin0800 suggested get TWRP as your custom recovery so you can flash SuperSU from there. Also make sure to get the latest Super SU from http://www.supersu.com/download (the .zip-file that's flashable from recovery).
If you're still stuck just reply with a detailed explanation on which step you're stuck at and I'll try to help.
Just to say, SuperSU v2.79 didn't work for me on COS13. I used v2.78.
The 'official' SU is now available - for crackling you need the 64bit-arm:
https://download.lineageos.org/extras
[sorry - this is for 14.1]
