If you need assistance, please send an email to forum at 4hv dot org. To ensure your email is not marked as spam, please include the phrase "4hv help" in the subject line. You can also find assistance via IRC, at irc.shadowworld.net, room #hvcomm.
Support 4hv.org!
Donate:
4hv.org is hosted on a dedicated server. Unfortunately, this server costs and we rely on the help of site members to keep 4hv.org running. Please consider donating. We will place your name on the thanks list and you'll be helping to keep 4hv.org alive and free for everyone. Members whose names appear in red bold have donated recently. Green bold denotes those who have recently donated to keep the server carbon neutral.
Special Thanks To:
Aaron Holmes
Aaron Wheeler
Adam Horden
Alan Scrimgeour
Andre
Andrew Haynes
Anonymous000
asabase
Austin Weil
barney
Barry
Bert Hickman
Bill Kukowski
Blitzorn
Brandon Paradelas
Bruce Bowling
BubeeMike
Byong Park
Cesiumsponge
Chris F.
Chris Hooper
Corey Worthington
Derek Woodroffe
Dalus
Dan Strother
Daniel Davis
Daniel Uhrenholt
datasheetarchive
Dave Billington
Dave Marshall
David F.
Dennis Rogers
drelectrix
Dr. John Gudenas
Dr. Spark
E.TexasTesla
eastvoltresearch
Eirik Taylor
Erik Dyakov
Erlend^SE
Finn Hammer
Firebug24k
GalliumMan
Gary Peterson
George Slade
GhostNull
Gordon Mcknight
Graham Armitage
Grant
GreySoul
Henry H
IamSmooth
In memory of Leo Powning
Jacob Cash
James Howells
James Pawson
Jeff Greenfield
Jeff Thomas
Jesse Frost
Jim Mitchell
jlr134
Joe Mastroianni
John Forcina
John Oberg
John Willcutt
Jon Newcomb
klugesmith
Leslie Wright
Lutz Hoffman
Mads Barnkob
Martin King
Mats Karlsson
Matt Gibson
Matthew Guidry
mbd
Michael D'Angelo
Mikkel
mileswaldron
mister_rf
Neil Foster
Nick de Smith
Nick Soroka
nicklenorp
Nik
Norman Stanley
Patrick Coleman
Paul Brodie
Paul Jordan
Paul Montgomery
Ped
Peter Krogen
Peter Terren
PhilGood
Richard Feldman
Robert Bush
Royce Bailey
Scott Fusare
Scott Newman
smiffy
Stella
Steven Busic
Steve Conner
Steve Jones
Steve Ward
Sulaiman
Thomas Coyle
Thomas A. Wallace
Thomas W
Timo
Torch
Ulf Jonsson
vasil
Vaxian
vladi mazzilli
wastehl
Weston
William Kim
William N.
William Stehl
Wesley Venis
The aforementioned have contributed financially to the continuing triumph of 4hv.org. They are deserving of my most heartfelt thanks.
Registered Member #902
Joined: Sun Jul 15 2007, 08:17PM
Location: North Texas
Posts: 1040
while working on an engagement at work (security consulting), I found a 3rd party involved has a security vulnerability that affects many phone designs.
I just had to send an email to a target, and just by the email being opened (no link clicked or attachment opened/downloaded), I could wipe the data on the device or trigger other malicious acts that can be operated using phone number commands (as these are a common way to execute diagnostic and system level operations). Worst part, the software vendor didn't think this was a problem. Took forever to convince them that it was an issue at all. They considered the ability to embed auto-executing iframes a feature rather than a vulnerability. There wasn't even an option to disable HTML in emails received.
Registered Member #96
Joined: Thu Feb 09 2006, 05:37PM
Location: CI, Earth
Posts: 4059
Thats pretty bad.
On some PCs its possible to trigger a crash by leaving a particular brand of pendrive plugged in during boot. System loads up as far as the BIOS screen then goes berserk, with runes in place of the normal POST.
I have reason to believe that this "feature" never actually got fixed as it would require that the USB be disabled during boot which would break external keyboards etc.
Its also possible to crash some PCs by feeding garbage data in via a "Generic Webcam" if you can convince the target to load AmCap32 if it is already on their machine. Symptoms:- if the stream gets interrupted mid-frame, instant BSoD. Works on many boards, even happened on my Samsung x series with the built in webcam if I disconnected it from the wiring loom. This could happen with a flaky lid cable or just from another device upsetting the USB controller.
This site is powered by e107, which is released under the GNU GPL License. All work on this site, except where otherwise noted, is licensed under a Creative Commons Attribution-ShareAlike 2.5 License. By submitting any information to this site, you agree that anything submitted will be so licensed. Please read our Disclaimer and Policies page for information on your rights and responsibilities regarding this site.
Add your security disaster here
