Sunday, January 31, 2016

HUAWEI Y530-U00 STOCK ROM/FIRMWARE DOWNLOAD






Y530-U00 Hang on Huawei Logo. By Update with SD Card it Fixed.

I shared with my all gsmhosting Friends.

01. download File 
02. Extract and copy dload Folder into root of SD card.
03. Power off mobile and insert SD Card and press and hold Vol+ and Vol- and Power on.
04. wait for update complete.
05. Enjoy.

Y530-U00 FIRMWARE DOWNLOAD
                                                   Link 1
                                                   Link 2



HUAWEI M HORSE Y530 CLONE FIRMWARE DOWNLOAD
                                                   Link




read full thread @ gsmforum

HOW TO UNLOCK HTC BOOTLOADER




You can now unlock your HTC  bootloader athttp://htcdev.com/.

Just follow the steps on htcdev.com, and at the last step you will have a factory reset. So, please make sure you do a backup before attempting this unlock trick. (Thanks to NilsP for pointing this out)

Bootloader unlock will grant perm root and possibility of flashing customized roms.

Note: S-on remains



BE AWARE:

bootloader unlock will VOID your rezound's WARRANTY, I am not responsible for any damage it may cause 


[INSTRUCTIONS]:

[Prerequisites:]
HTC Sync (Windows Only)
HTC Super Tool
Enable USB Debug on Rezound
Use Charge Only mode when connected to PC
Exit HTC Sync on PC

[Steps:]
1. Go to HTCDEV website: http://www.htcdev.com/bootloader/
2. Click on "Begin Unlock Bootloader" (create a user if you don't have one)
3. Use HTC Super Tool in the [Prerequisites] to generate your token. (Or, alternatively, follow the instructions step 1 through step 10 on htcdev.com)
4. In step 10, when posting your token, make sure you remove the blanks preceding each line
5. After you receive your Unlock_code.bin in email, follow step 11.
6. Now your rezound should reboot and you have your bootloader unlocked.

Now you are unlocked. You can follow the following threads to obtain perm root, flash recovery, flash new kernel, and overclock.
[Guide] You are Unlocked. Now What?
[GUIDE] Super-noob guide to unlocking, rooting, and flashing Ziggys kernel

7. After unlocking your bootloader, use this one to get perm root:
One Click Perm Root (Thanks to NilsP)

8. Flash the recovery if you need.
[Recovery] Amon Ra style vigor
[Recovery]ClockworkMod Recovery 5.5.0.4

scrosler kindly provides a tool to flash the recovery or boot img.
You can find it here

9. Flash Deodexed ROMs:
Clean ROM 1.0 from scrosler
RezROM v1.0 Beta from lllboredlll

Questions about flashing ROMs:
Possibility of flashing ROMs (Thanks to scrosler)

To uninstall the bloatware, try ROM Toolbox


READ MORE & XDA DEVELOPERS

FREE BLACKBERRY UNLOCK TOOL DOWNLOAD




Free unlocking BlackBerry Software is now Available,.. No internet connection or Dongle required,... I've tested it and it works 100% You can Generate Codes using mep or PRD.

I don't know if I will be criticized by all the unlockers here, Also not sure if I'm allowed to post a link to it, as I don't want to be banned.

Download Link -- 4SHARED           MEDIAFIRE


METHOD 2
                                        VISIT THE LINK  BELOW TO GENERATE UNLOCK ONLINE

                                         CHIMERAL TOOL

BLACKBERRY IMEI GENERATOR APK NOW AVAILABLe



Thank God we have found an application to Generate Blackberry Imei on Android devices, I'm very happy when I saw this application because I know that this app will release the big loads on my neck and my PC also will rest for generating blackberry IMEI. This time around, there will be no more "9JAROM please I need like  blackberry IMEI". Now it is easy for you to Generate Blackberry IMEI with your Android devices.

All credits go to Codeberg for developed this very useful, ever wanted software.

Simply Download IMEI Generator APK Version here

Friday, January 29, 2016

Critical cross-site scripting (XSS) vulnerability allowed potential hackers to take over users’ Facebook accounts

Critical cross-site scripting (XSS) vulnerability allowed potential hackers to take over users’ Facebook accounts
The vulnerability was discovered by UK-based security consultant Jack Whitton who immediately informed Facebook. Facebook engineers quickly took cognizance of the critical flaw and patched it within six hours.He earned $7,500 for responsibly disclosing the issue, an amount confirmed by Facebook representatives.
“As these sort of issues become harder to find on sites which have a mature bug bounty programme (Facebook & Google), the rewards increase quite a lot, which means the payouts are really worth your time,” Whitton said via email.
Whitton has detailed the XSS flaw in his blog post and states that the attack consists of two vectors, content type and a DNS issue.
Whitton discovered that in some cases it’s possible to get an uploaded file to be interpreted as an HTML simply by changing its extension to .html. Thought the regular photo and video cant be modified, but Whitton found that advertising images uploaded through the Facebook Ads Manager could be modified.
Using a technique described in 2012, the expert managed to encode an XSS payload into a PNG image’s IDAT chunk. Unlike Exif and iTXt data, which are removed by Facebook from uploaded JPEG and PNG images, IDAT chunks are not. Once that was done, Whitton had to bypass the Link Shim system in Facebook and needed to find a way to move from the CDN hostname to a proper facebook.com domain.
He discovered that the DNS entries for the photo.facebook.com domain were pointing to the CDN, allowing him to get his payload executed by navigating to the uploaded HTML file on the photos.facebook.com domain.
Whitton found that several Facebook plugins are designed to be placed in an iframe, which bypasses such protections. Once this was done Whitton could easily steal user’s CSRF token and make requests on the victim’s behalf simply by getting the victim to click on a link.
“In this case, because it’s a client-side issue, an attacker would need to persuade a user to click/visit a link they control,” Whitton told Security Week. “This could be by posting a status with the link, or sending an email.”
“This is a bit easier than it sounds, because the URL is a legitimate facebook.com URL, rather than a suspicious domain. Once they’d clicked it, then the script in the background could do anything with their account – post a status, read private messages. In addition, the script could post a link to itself to the victim’s Facebook account, which could trick their friends into opening it, and so on,” he added.
Whitton told Security Week that Facebook quickly addressed the DNS issue, but left the content type weakness unpatched, most likely because it was a low risk flaw on its own.

DOWNLOAD JAF SETUP LATEST 1.98.67

DOWNLOAD JAF SETUP LATEST 1.98.67
J.A.F BOX NEW SETUP VERSION 1.98.67 FREE DOWNLOAD DIRECT VIS SINGLE LINK J.A.F BOX SETUP v1.98.67 WORKS WITH LATEST ORIGINAL UPDATE RELEASED By JAF TEAM DOWNLOAD O'R INSTALL THIS JAF SETUP ON YOUR PC TO EASY FLASHING AND UNLOCKING ALL NOKIA DCT4 SL3 AND ALL BB5 PHONE . THIS IS AMAZING SETUP CONTACT USF 3 BOX AND USE THIS SETUP, THIS JAF SETUP IS FULL SPORT USF 3 BOX .

Download it from jaf setup


Update FBus Loader

NOKIA SL3 Full Factory Setting

Fixed N70 U.S.B Flashing

Added New Phones For DCT4 + Unlock

Improved BB5 U.S.B Flashing

Easy Use On window 7 / window XP / window VISTA

JAF Box Setup With Latast Version 7.1.69.0 NOKIA Connectivity Cable Driver

Moved Product's Folder's To J.A.F Support Tab You Can Change The Folder's Without An Interface Connected.

HOW TO REMOVE LOCK ON M HORSE PHONE

HOW TO REMOVE PATTERN PASSWORD PIN GOOGLE LOCK ON M HORSE

M HORSE Y530

M HORSE 720

ALL KIND OF SPREADTRUM CPU


METHOD 1
step 1: backup the phone with miracle or gpg dragon box
step2: click on file unlock...
select the file u backup and click start
wait still process completed
step3: check the log and locate screen lock code 



METHOD 2

 DISCLAIMER: I WILL NOT BE HELD RESPONSIBLE FOR ANY DAMAGE DONE TO YOUR DEVICE

USE miracle box to unlock it
click on read/unlock
select usb 
and click start

then start make sure u seleect boot spd 8810/6820


DOWNLOAD FAHEEM ANDROID TOOL ~ SOLVE BRICK ANDROID TABLET~


Image result for faheem android



download tool here


Check device
- you can now check device by clicking "search device" in device check icon
if device is detected it means device is set to ENABLE USB DEBUGGING

- if device is detected you can use WIPE DATA
if device is not detected proceed to flashing using LiveSuit and ETC.

Scr!tp Tools

- ENABLE USB DEBUGGING must be set on device or android tablet
- added "search device" to know if tablet is detected before scr!pt editing.

FIX TOUCH SCREEN TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- A13 All winner chips is supported but you can do experimental in other device chips
but use at your own risk and always do back up rom or firmware prepared just incase what
happen to your device after injecting fixers tools.

CAMERA FIXER TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- A13 All winner chips is supported but you can do experimental in other device chips
but use at your own risk and always do back up rom or firmware prepared just incase what
happen to your device after injecting fixers tools.

COMBO FIXER TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- this tools can only fix on specific model available in my shell button.
- you can do experiment by injecting scr!pt to other device but use at your own risk.

Android X-tools by Xeven2nd Version 2
Android X-tools by Xeven2nd Version 2



FEATURES ADDED:

Check device

- you can now check device by clicking "search device" in device check icon
if device is detected it means device is set to ENABLE USB DEBUGGING

- if device is detected you can use WIPE DATA
if device is not detected proceed to flashing using LiveSuit and ETC.



Scr!tp Tools

- ENABLE USB DEBUGGING must be set on device or android tablet
- added "search device" to know if tablet is detected before scr!pt editing.



FIX TOUCH SCREEN TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- A13 All winner chips is supported but you can do experimental in other device chips
but use at your own risk and always do back up rom or firmware prepared just incase what
happen to your device after injecting fixers tools.





CAMERA FIXER TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- A13 All winner chips is supported but you can do experimental in other device chips
but use at your own risk and always do back up rom or firmware prepared just incase what
happen to your device after injecting fixers tools.



COMBO FIXER TOOLS

- ENABLE USB DEBUGGING must be set on device or android tablet
- this tools can only fix on specific model available in my shell button.
- you can do experiment by injecting scr!pt to other device but use at your own risk.







full thread @ GSM FORUM

HOW TO UNBRICK / FLASH SAMSUNG PHONE USING ODIN


Hello I will be showing you how to flash, upgrade or unbrick samsung devices using odin. Please follow the steps below carefully so as to avoid permanent damage on your smart phone.

Download an install samsung usb drivers from here.
Download odin (latest version preferred) from here.
Download the exact rom of your device. Check out samsung roms from here.


Launch odin
Make sure only Auto Reboot & F. Reset Time is ticked.

Put your device into download mode by pressing down Volume Down > Home > Power key
Press volume up on the screen that has a yellow triangle to get into odin mode.




Connect the device to the computer.
Added!! will be seen showing the device has connected successfully.

Click on AP (new versions of odin) or PDA (older versions of odin).
Navigate to the folder containing the rom of the device.
Select the rom. (roms names always end with .tar or .md5).
Wait for odin to process the rom.
Click start.


The flashing or upgrading process will now begin.
A green progress bar will be seen at the top left.
This process will take about 8 mins or more (depends on the size of the rom.
When you see PASS! at the top of odin GUI know that you have successfully flashed or upgraded the device



The device will reboot.
First boot after this process takes time. Be patient.......................

Do a factory reset if phone bootloops.
Press Volume up > Home > Power key
Select factory reset.
Scroll down to Yes. 

Thursday, January 28, 2016

Bug in OpenSSL allows attackers to decrypt HTTPS traffic




Maintainers of the OpenSSL cryptographic code library have fixed a high-severity vulnerability that made it possible for attackers to obtain the key that decrypts communications secured in HTTPS and other transport layer security channels.
While the potential impact is high, the vulnerability can be exploited only when a variety of conditions are met. First, it's present only in OpenSSL version 1.0.2. Applications that rely on it must use groups based on the digital signature algorithm to generate ephemeral keys based on the Diffie Hellman key exchange. By default, servers that do this will reuse the same private Diffie-Hellman exponent for the life of the server process, and that makes them vulnerable to the key-recovery attack. DSA-based Diffie-Hellman configurations that rely on a static Diffie-Hellman ciphersuite are also susceptible.
Fortunately, the requirements don't appear to be met by many mainstream applications that rely on OpenSSL and use DSA-based Diffie-Hellman. The Apache Web server, for instance, turns on the SSL_OP_SINGLE_DH_USE option, which causes different private exponents to be used. The OpenSSL-derived BoringSSL code library, meanwhile, got rid of SSL_OP_SINGLE_DH_USE support a few months ago, and LibreSSL deprecated it earlier this week. The applications and libraries may still be vulnerable when using a static ciphersuite, however.
When the edge conditions are met, attackers can send a large number of handshake requests to a vulnerable server or end-user computer. When enough calculations are completed, the attacker can obtain partial secret values and combine the results with the Chinese remainder theorem to eventually deduce the decryption key. For a much more technical description of the vulnerability, which is indexed as CVE-2016-0701, see this blog post published Thursday by Antonio Sanso, the Adobe Systems researcher who discovered and privately reported it. OpenSSL officials have additional details here. Among other things, the OpenSSL advisory warns that the fix may compromise performance.

Also See: Alert:This Link Will Reboot Your iOS Device Within 30 Seconds

The time it took OpenSSL maintainers to fix the flaw is impressive. Sanso said he reported the bug on January 12. That means it took just over two weeks for the maintainers to complete and distribute a fix. Interestingly, when the researcher reported the vulnerability, the fix preventing the reuse of Diffie-Hellman exponents had already been committed, but it was not yet made available for release. The completion of the partial fix may have contributed to the speed of the patch release.

Remember Logjam?

Thursday's release also contained additional hardening against an HTTPS-crippling vulnerability that threatened tens of thousands of servers when it was first disclosed last May. Dubbed Logjam, it allowed attackers to downgrade Diffie-Hellman-generated encrypted connections to use extremely weak 512-bit key material. From there, attackers could use pre-computed data prepared ahead of time to deduce the key negotiated between the two parties.
OpenSSL will now reject all key negotiations with Diffie-Hellman parameters shorter than 1,024 bits. A previous OpenSSL patch had increased the limit to 768 bits.
People using OpenSSL version 1.0.2 should upgrade to 1.0.2f, while those still using version 1.0.1 should install 1.0.1r. Thursday's OpenSSL advisory also reminded users that support for version 1.0.1 will end at the end of this year, after which no security fixes will be available. Support for versions 0.9.8 and 1.0.0 ended in December.

HOW TO DISABLE BLACKBERRY BUILT IN STORAGE

 FREE-Disable/Enable Built-in Media Storage on BlackBerry



9810
 9850
9860,
9900,
9930


DOWNLOAD IT HERE





Free - Disable/Enable Built-in Media Storage on BlackBerry 9810, 9850,9860,9900,9930

- Fix BlackBerry Freeze Loading stuck : by Format Partition or By Enable partition.
Enable/Disable are done by single click.
- Support Super Wipe All BlackBerry Device, up to QNX Device (BlackBerry Format Tool : OS,FS,APP,UMP,Radio,ExtendedOS)
- Ultimate Killer [KILL ME] : will shred phone calibration with no mercy - avoid to use this feature !

DOWNLOAD MOTOROLA RAZR M XT905 STOCK ROM/FIRMWARE










Wednesday, January 27, 2016

DOWNLOAD MOTOROLA XT926 STOCK ROM / FIRMWARE





DOWNLOAD MOTOROLA XT1030 STOCK ROM/FIRMWARE


























MOTOROLA



                               

             LEARN HOW TO FLASH THIS DEVICE HERE











keep eye for other product







Tuesday, January 26, 2016

Alert:This Link Will Reboot Your iOS Device Within 30 Seconds

Sending one link can cause anyone’s smartphone to crash

Prank website forces iPhones to reboot and will cause computers and Android devices to hang. This link is viral on social networking sites that can crash any smartphone, when you open the link in any browser.

Sending One Link Can Cause Anyone’s Smartphone to Crash

The website, crashsafari.com (and crashchrome.com — needless to say, don’t visit either), adds numbers to the address bar as fast as it can — crashsafari.com/0, then /01, then /012, /0123, and eventually /0123456789101112131415… and so on. Each time it adds a number, that page is saved to your history — and it adds up fast causing the iPhone/Android to handle such a huge request and crash.
This attack consists of four lines of code which forces the iPhone user to reboot and can cause Android Phone to crash. It is working on both chrome and safari browsers. It also works in some browsers including chrome on desktop. This website actually exhausts your RAM, thus resulting in browser crash. In iPhone, after 20 seconds it will forces the iPhone to reboot as it particularly heats the phone when the smartphone tries to hold the code of this website.

CrashSafari site's code is very simple and includes:
  • A Header Title that you will never actually see because the browser crashes.
  • A small piece of JavaScript that calls the HTML5 History API thousands of times in a loop, potentially causing Safari to freeze.
Social Networking Sites are abuzz with this website. Many users share its URL by shortening it like that http://goog.gl/hty7, if you are knowing crashsafari.com, you won’t visit it because it will cause your browser to crash but do shortened URL predict your browser cash? Obviously not. If post might be like this and it has shortened URL of crash website and the title displaying, “Get free stuff”, if you click on its link it will cause your browser to crash.
However, this crash or bug is not malicious, it crashes your browser or reboots your phone that can be easily restored, it is irritating to many users. The smartphone will work normally after crash. According to various sources, it reveals that this link has been shortened 1,00,000 times.
So this was all about Sending one link can cause anyone’s smartphone to crash. A single link can cause your browser to crash and forcing iPhone users to reboot their phone. Many people are using this URL to play pranks on their friends or to other users. We hope that you enjoyed this article, kindly feel free to share this with your friends.

Now Intel Bring Intel Authenticate Technology In Processors To Defeat Hackers

Multinational technology giant Intel announced its new technology Intel Authenticate which is designed specifically to curb and foil hackers who use fake email ID’s to lure employees into giving in their usernames and passwords. The authentication system, which will use the multi-factor authentication – a system which uses more than one method to identify a user, will be a part of the company’s sixth generation processors.
Intel Authenticate is also said to allow future corporate IT managers to replace the long and ever-changing passwords with a rather short personal identification number, among other identification procedures that may include biometric identification systems such as the fingerprint system, location of the building the employee is in and other systems such as the proximity of the employee’s mobile or badge etc.
IT managers also have the option to choose the features to be embedded into the chip. Tom Garrison, an Intel Vice President said, “IT has full power”.
Intel will add Authenticate to all the processors that it will sell for all enterprise computers. However, the chips embedded with Authenticate will enter production after being tested by some businesses, Garrison said.
Garrison also reported that an estimated 117,000 corporate cyber-attacks occur every day and involve phishing for the username and password. Phishing is a method used to trick people into revealing their usernames and passwords. The biggest advantage of including Authenticate into the chips is the inherent inclusion of an element of security in the PC. In other words, the PC itself becomes a part of the security system. Industry analyst Patrick Moorhead of Moor Insights and Strategy supported this by saying:
One of the biggest keys to this is there is a secure element inside the Intel processor that manages all of this. That wasn’t available before. A lot of different pieces had to come together. Hardware is a lot harder to get into.
Even if someone obtained the password, he would be blocked by layers of additional security stashed inside the computer’s processor, he said.
Can Intel Authenticate change the current security scenario?

MOTOROLA XT907 STOCK ROM/FIRMWARE DOWNLOAD




Download motorola xt907 stock rom firmware
learn how to flash /unbrick motorola xt907 with RSD lite From here

BASIC INFORMATION:
Device type:
Phone
Design:
Classic
Released:
2012 r.
SIM card size:
Mini Sim - Regular
GSM:
850 900 1800 1900
HSDPA:
850 900 1900 2100
LTE:

Dimensions (H/L/W):
122.5 x 60.9 x 8.3 mm, vol. 61 cm³
Display:
AMOLED Color (16M)540x960px (4.3") 256ppi
Touch screen:

Weight:
126 g
Battery:
Li-Ion 2000 mAh
Built-in memory:
8 GB
Memory card:
 MicroSD max. 32 GB
OS:
Android 4.0
Chipset:
Qualcomm MSM8960
CPU #1 freq.:
1500.0 MHzBASIC INFORMATION:
Device type:
Phone
Design:
Classic
Released:
2012 r.
SIM card size:
Mini Sim - Regular
GSM:
850 900 1800 1900
HSDPA:
 850 900 1900 2100
LTE:

Dimensions (H/L/W):
122.5 x 60.9 x 8.3 mm, vol. 61 cm³
Display:
AMOLED Color (16M)540x960px (4.3") 256ppi
Touch screen:

Weight:
126 g
Battery:
Li-Ion 2000 mAh
Built-in memory:
8 GB
Memory card:
 MicroSD max. 32 GB
OS:
Android 4.0
Chipset:
Qualcomm MSM8960
CPU #1 freq.:
1500.0 MHz

VZW_XT907_4.4.2-KDA20.62-15.1_CFC_1FF_SVC.xml

DOWNLOAD MOTOROLA XT908 STOCK ROM/FIRMWARE





MOTOROLA XT912 STOCK ROM/FIRMWARE




Download motorola xt912 stock rom Firmware
Flash/unbrick with RSD lite learn how to flash motorola xt912 from here

SPECS:
CONSTRUCTION
DIMENSION 130.7x68.9x7.1mm (5.15x2.71x0.28")
WEIGHT 127gr (4.48oz)
FORM FACTOR Candy Bar
MATERIAL Water Resistant
COLORS 

USABILITY
DISPLAY RESOLUTION 540x960px
DISPLAY SIZE 54x96mm (2.13x3.78") ~256PPI
DISPLAY DIAGONAL 4.3"
DISPLAY TYPE 16M AMOLED
INPUT Capacitive Touchscreen
TALK TIME 9 hours, 20 minutes
STANDBY TIME 12 days, 16 hours
OS Android OS, v2.3.5
JAVA Available
VIBRATION Available
RINGTONE Polyphonic

HARDWARE
CHIPSET TI OMAP 4430
PROCESSOR 2 Cores @ 1.2GHz ARM Cortex-A9
GPU PowerVR SGX540
RAM 1GB
INTERNAL MEMORY 16GB
EXTERNAL MEMORY microSD
CAMERA RESOLUTION 8 Megapixel
CAMERA FLASH LED
SECONDARY CAMERA 2 Megapixel
OTHER FUNCTIONALITIES Digital Compass
Accelerometer
Proximity Sensor
SPEAKER Mono
BATTERY CAPACITY 1780mAh
BATTERY TYPE Non-removable Battery

CONNECTIVITY
WIFI Wi-Fi 802.11 b/g/n
USB v2.0
BLUETOOTH v4.0
POSITIONING SYSTEM Integrated GPS
TV OUT HDMI (TV Out)
AUDIO OUTPUT 3.5mm jack
RADIO FM
RDS

CELLULAR NETWORK
NETWORK COMPATIBILITY GSM 1800, 1900, 850, 900
UMTS 900, 850, 2100, 1900
HSPA 900, 850, 2100, 1900
CDMA 800, 1900
SIM CARDS Micro
GPRS Class 12
EDGE Class 12
CDMA2000 1XEV-DO 1xEV-DO

VRZ_XT912_9.8.2O-72_VZW-16-5_CFC.xml