Samsung S3/Note 2 (i747 Rogers, Bell, Telus, AT&T) Lock Screen Bypass Demo/Security Hole

Published on Mar 6, 2013

UPDATE: The exploit has been patched.

As published on Tuesday, March 5th, 2013 on Terence Eden's blog: http://shkspr.mobi/blog/2013/03/samsu.... (Also published by Sean McMillan: http://seclists.org/fulldisclosure/20....)

This video demonstrates the lock screen bypass security hole present on Samsung S3s (both North American [i747] and International [i9300/i9305] versions) and also confirmed on the Samsung Galaxy Note 2 running Android v4.1.x.

It's also been confirmed on the Advance (i9070) as well as other Samsung phones. The Samsung Galaxy Nexus is unaffected.

This exploit ONLY affects Samsung phones running the OEM/TouchWiz firmwares! If you're using CM10 or any other custom ROM, your phone is unaffected.

The exploit works through the emergency call screen. By going into contacts, pressing [HOME] and then [POWER], one is able to bypass ANY lock screen (PIN and pattern demoed in the video) and gain FULL access to the phone. It requires precise timing but isn't too difficult. When done incorrectly, it occasionally shows off a glimpse of the home screen as well before returning to the lock screen.

Hopefully Samsung patches this security hole soon!

When they do, it should be available as an over-the-air (OTA) update automatically.

If not, stock ROM downloads will be available on XDA for flashing through Odin:
i747 stock firmwares: http://forum.xda-developers.com/showt...
i9300/i9305/etc: http://www.sammobile.com/firmwares/

NOTE: Flashing your device through Odin is an advanced procedure. Do NOT attempt if you are unfamiliar with flashing!

Odin/flashing guide: http://forum.xda-developers.com/showt...

The S3 shown in the video is a Rogers-branded i747 running v4.1.1, build JRO03L.I747MVLDLK4. It's been rooted and SIM/network unlocked, but that has no effect on this security exploit.
