Android Phone's Hidden Secret Codes

Posted by
Tags , , ,
Hello GreenHackerz....
Today I'm going to show you some Hidden Secret Codes that can be used in Google Android Phone


This information is intended for experienced users. Not intended for basic users, hackers, or mobile phone thieves. Please do not try any of the following methods if you are not familiar with the phone. We will not be liable for any use or misuse of this information, including data loss or hardware damage. So, there are risks in your own hands.

So, in this topic, you will get Some Hidden Secret Code that can be used in the Google Android Phone, Access to things that are not accessible by default. :)

* # * # 4636 # * # *                                                                          

This code can be used to obtain some interesting information about your phone and battery. This suggests the following four on-screen menu:

(1) Information Phone
(2) Battery information
(3) History of Batteries
(4) Usage Statistics


* # * # 7780 # * # *                                                                            

This code can be used to reset data such as origin. This will delete the following things:


(1) Google account settings are stored in your phone
(2) System and application data and settings
(3) Applications that were NOT going to download and delete:
(4) Current software systems and application packages
(5) Card SD files such as photos, music files, etc.

NOTE: After you provide this code, you get a prompt screen asking you to click on the button “Reset Phone”. So you get a chance to cancel your Surgery.



* 2767 * 3855 #                                                                                



Think before you give this code. This code is used for formatting the original manufacturer. This will delete all files and settings, including internal memory storage. This will also reinstall the phone’s firmware.

NOTE: After you provide this code, there is no way to cancel the operation unless you remove the battery from the phone. So think twice before giving these codes.




# * # 34971539 # * # *                                                                     

This Code is used to Obtain Information about Camera Phones. This suggests the following four menus:

(1) Update the camera firmware in the picture (Do not try this option)
(2) Update the camera firmware in the SD card
(3) Get the camera firmware version
(4) Obtain a count of firmware updates

WARNING: Do not uses the first option is declared, the camera phone will stop working and you will need to take your phone to a service center / shop to reinstall the firmware of the Camera.



* # * # 7594 # * # *                                                                           


This one is one of my favorites. This code can be used to change the “End Call / Power” action on your phone keypad. So the default, if you press the button for a moment, it will display a screen that asks you to select options from the Silent mode, and Turn off Airplane mode phone.

You can change the action using this code. You can activate this power directly from the button so you do not have to waste your time in choosing the option.

* # * # 273 283 * 255 * 663 282 *#*#*                                             

This code will open a copy of the screen where you can file for backup media files such as image, voice, video and voice memos.

* # * # 197328640 # * # *                                                                 


This code can be used for entry into service mode. You can run various tests and setting changes in service mode.

Test Code: WLAN, GPS and Bluetooth :


* # * # 232 338 # * # *              Displays the MAC address of WiFi

* # * # 1472365 # * # *                     GPS test

* # * # 1575 # * # *                           Test a GPS who others are.

* # * # 232 331 # * # *                      Bluetooth test

* # * # 232 337 # * #                         Displays the Bluetooth address

* # * # 8255 # * # *                          This code can be used to launch GTalk Service Monitor.                                            


Code to get the firmware version information: 


* # * # 4986 * 2650468 # * # *                             PDA, phone, H / W, RFCallDate


* # * # 1234 # * # *                                               PDA and Phone


* # * # 1111 # * # *                                               FTA SW Version

* # * # 2222 # * # *                                               FTA HW Version

* # * # 44 336 # * # *                                            PDA, Phone, CSC, Build Time, Changelist number.


Code to launch various tests Factory:

* # * # 0283 # * # *                                               Loopback packet

* # * # 0 *#*#*                                                      LCD test

* # * # 0673 # * # * or * # * # 0289 # * # *         Melody tests

* # * # 0842 # * # *                                               Test Device (Vibration test and Backlight)

* # * # 2663 # * # *                                               Touch screen version

* # * # 2664 # * # *                                               Touch screen test

* # * # 0588 # * # *                                               Proximity sensor test

* # * # 3264 # * # *                                               RAM version

NOTE: All the above code has been tested on Google Android phones Samsung I7500 Galaxy. should also function on the Google Android phone else. 



Continue Reading...

Advanced Password Hacking Using Google ...

Posted by
Tags , , , , ,

Hello GreenHackerz...

Google is your best friend when it comes to hacking. The search engine giant has crawled loads of data which was intended to be protected by webmasters, but is being exploited and mined by smart users using Google dorks. Today I will be discussing some practical dorks which will help you gain passwords, databases and vulnerable directories. The basic methodology remains the same, query Google using specialized dorks with precise parameters and you are good to go.

I assume you have basic working knowledge of  google dorks.


Lets start, shall we ?

FTP  Passwords


ws_ftp.ini is a configuration file for a popular win32 FTP client that stores usernames, (weakly) encoded passwords, sites and directories that the user can store for later reference.
intitle:index.of ws_ftp.ini

You can also this dork which uses "parent directory" to avoid results other than directory listings
filetype:ini ws_ftp pwd
Or
"index of/" "ws_ftp.ini" "parent directory"
even if the site or file has been taken offlline, you can still search the contents in the Google cache using the following dork
"cache:www.abc.com/ws_ftp.ini"
where
www.abc.com is the site you want to check the dork for.

The ws_ftp password uses quite weak encryption algorithm, hence once you get the password, you can break it using the decryptor provided here or from here.


PHP Hacking


Sites made in PHP have a file known as “config.php” which stores configuration and the username and password for the sql database the site is hosting. This password is required only once per transaction (i.e when ever admin logins or a transaction is committed at administrator level) and hence will be specified by the ‘require_once’ parameter in the config file or in index file.
intitle:index.of config.php
to view php file contents
intitle:"Index of" phpinfo.php
you can also try the directory traversal attack in php using the following dork
inurl:download.php?=filename
if you are lucky, substitute the filename with ‘index.php’, download it, read it and get the password (hint:if you are not able to find it, try looking for globals.php).
Since most websites today deny this trick, but you may get lucky with some :)

SQL Dumps





We will be hunting for SQL password dumps saved in database, here ext:sql specifies the type of password dump, e10adc3949ba59abbe56e057f20f883e is the md5 hash for 123456; one of the most common password people keep..and intext dork will allows to search inside the dump.
ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e
ext:sql intext:"INSERT INTO" intext:@somemail.com intext:password
Remember Friends

(1) Use different email providers, substitute gmail/yahoomail instead of somemail ,or try custom domain mail providers.

(2) Use different file extensions.


(3) Use different type of hashes, some older ones might be using md4 and some others might be using other prominent encryption algorithms.

(4) Just mix everything up and try different combinations :)



Its not over..Yet

A very flexible query can be used to hunt for WS_FTP.log which in turn can disclose valuable information about the server.

+htpasswd +WS_FTP.LOG filetype:log
You can substitute "+htpasswd" for "+FILENAME" & you may get several results not mentioned before using the normal search. You can further explore filenames by using keywords like
phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet
The list goes on and on..
Also you cam try this dork to data mine information about the uploader
"allinurl: "some.host.com" WS_FTP.LOG filetype:log"
which tells you more about who's uploading files to a specific site, quite handy for some passive reconnaissance.

You can do it using some software like Google Hacks..but remember, manual way is the way to go. I may have included some software specific password mining, but that would cripple your imagination.
Go postal by using your imagination and developing your own dorks and queries.
I guess that was enough for this time...

Happy Password Hacking @@@@
Continue Reading...
Subscribe to: Comments (Atom)