ReVuln Exploit for E Series

Ideas and dreaming will go this forum
Post Reply

MacaroniToni
Posts: 1
Joined: Fri Dec 14, 2012 12:08 pm

ReVuln Exploit for E Series

Post by MacaroniToni » Fri Dec 14, 2012 1:50 pm

Hello,

today I found this news: Samsung's smart TVs 'wide open' to exploits
And the Video: The TV is watching you

Maybe it is useful?

E3V3A
Posts: 247
Joined: Wed Oct 31, 2012 2:31 am
Location: /dev/zero

Re: ReVuln Exploit for E Series

Post by E3V3A » Sat Dec 15, 2012 4:55 pm

Nice, but not quite as revolutionary as it claims.
You probably need to get physical access first. But then if you can also manipulate the Skype camera and activate it, it would be a slightly different story...

But this is not what we do here. We just wanna improve our TV sets and remove crappy bloat-ware to install things that is actually useful!
HW: UE40ES5700SXXH
FW: T-MST10PDEUC-1029.0 Onboot: 1003

arris69
Official SamyGO Developer
Posts: 1700
Joined: Fri Oct 02, 2009 8:52 am
Location: Austria/Vienna (no Kangaroos here)
Contact:

Re: ReVuln Exploit for E Series

Post by arris69 » Sat Dec 15, 2012 6:08 pm

MacaroniToni wrote:Hello,

today I found this news: Samsung's smart TVs 'wide open' to exploits
And the Video: The TV is watching you

Maybe it is useful?
they discovered develop account? in the video it's the smarthub from d-series...

User avatar
erdem_ua
SamyGO Admin
Posts: 3100
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:

Re: ReVuln Exploit for E Series

Post by erdem_ua » Sun Dec 16, 2012 7:15 am

It's clearly, fake.

A hacker doesn't develop a `windows program` named "exploit" and use it for multiple hacks, without flag.
Also IP address is 10.0.0.2. Let make some guess.
10.0.0.1 -> router and if 10.0.0.2 -> TV, where is the god damn IP of the windows computer? 10.0.0.3? :)
Indeed router gives first available IP to computer since they registers their IPs before TVs and default lease time doesn't allow another device to have first available IP even if you don't open your computer for weeks. And If you are hacker, you have to open your computer every day :)

So ReVuln is not work it's lesson :)
They not ranked even as a LaMeR for me :)

mamaich
Official SamyGO Developer
Posts: 65
Joined: Sun Nov 21, 2010 4:15 am

Re: ReVuln Exploit for E Series

Post by mamaich » Wed Dec 19, 2012 3:49 am

erdem_ua wrote:It's clearly, fake.
This demo may be possible if they've found a way to read any file from firmware via network. The second demo shows how they get USB flash image, while the first one may get files /dev/mmcblk* (/mtd_rwarea, mtd_rwcommon, etc)
But yes, they are using the same tool "exploit.exe" without command line switches. So 2 thoughts immediately happen: this video is completely a fake, or it reads some config file that is modified in parallel and not shown here.
Anyway this exploit is really possible in theory - samsung FW is full of security holes, it opens several HTTP servers, has remote X server listening to a network, has a TV remote control interface. Noone have looked deeply in this direction.
They could even be using a SamyGO "rooted" TV - everything displayed is possible with it (getting files via FTP, etc) :)

mamaich
Official SamyGO Developer
Posts: 65
Joined: Sun Nov 21, 2010 4:15 am

Re: ReVuln Exploit for E Series

Post by mamaich » Wed Dec 19, 2012 3:59 am

erdem_ua wrote:Also IP address is 10.0.0.2. Let make some guess.
10.0.0.1 -> router and if 10.0.0.2 -> TV, where is the god damn IP of the windows computer? 10.0.0.3? :)
Indeed router gives first available IP to computer since they registers their IPs before TVs and default lease time doesn't allow another device to have first available IP even if you don't open your computer for weeks.
Not always true. You may have a PC sharing its internet via WiFi. In this case it can have 10.0.0.1 IP, act as a gateway, and WiFi client would have the first available IP address (10.0.0.2 in this case). And even more: as all internet traffic passes via your PC - you can easily modify it as you wish, for example give fake applets (or EMPs) to TV during its autoupdate that starts every time you launch SmartTV.
And do not forget that on most modern routers you can make DHCP reservations, so your TV and PC would get arbitrary IP addresses every time.

The morale of this demo is simple: do not make your TV reachable directly from the internet, and protect your home WiFi so noone could connect to it and reach your TV without your notice.

User avatar
nobody
Posts: 182
Joined: Sat Nov 12, 2011 1:45 am

Re: ReVuln Exploit for E Series

Post by nobody » Sat Dec 22, 2012 3:40 am

the hack is not a fake but its not original either.

This hack works only on D series (perhaps some previous models too).
It's not a remote hack and can only work from the same LAN.
Unless the idiot didn't map it's tv on his router as a DMZ host ... eheheheh

The dude that bragged about this hack is italian as I am but he is famed for releasing unuseful hacks (for example one that bricks a samsung tv).

User avatar
erdem_ua
SamyGO Admin
Posts: 3100
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:

Re: ReVuln Exploit for E Series

Post by erdem_ua » Sat Dec 22, 2012 7:22 pm

I mean, there is "no evidence or sign of rooting TV via exploit" at the video.
Yes, everything is possible in theory, even this movie.
But for me, this video looks like an illusion, not the truth.

Post Reply

Return to “[E] Brainstorm”