All about Mobile, Web, Technology, Politics, Security, E-Commerce and Living in the Philippines.

Monday, July 07, 2008

UZZAP Hack

I have received a MMS blast from Smart announcing its new service Uzzap -- although I have opted out already many times to these alerts!

It's time to teach these folks some lesson.

I downloaded the app and registered then my firewall alerted me that its trying to connect to an IP at port 5222.

uzzap-epic-fail

Bingo it must be a Jabber server. I finished the registration and waited for the confirmation SMS and keyed in the PIN, at first the SMS didn't arrive so I have to click Resend PIN.

The UI is very mediocre so I fired up WireShark and started to sniff the Jabber packets. I need to do this to find out my JID -- WireShark didn't fail me and confirmed that its a Jabber server; it also found my complete JID.

It seems Smart bought another toy, this time from Kolipri. Why? Maybe because they wanted to kick out Chikka for the longest time already or they got envy because Globe has such an epic failure with IMEVRYWHR before that they had to top that too.

Anyway, whatever their reason is I don't really care but its time for some experiments.

I then added my JID to Trillian (you can use any other Jabber client) as a Jabber account and used the same password during registration and it works flawlessly.

Here is the settings for use with any Jabber client:

Jabber ID (JID): your_registered_username@demo.kolipri.com
Host: 125.5.109.121
Port: 5222

After login in using Trillian, Uzzap automatically gets disconnected. It seems there is an enforced single login rule in placed. That's Ok since I don't need the ugly Uzzap client anymore!

Lesson learned? Don't spam me with ads. Haha.

UPDATE:
Here is a screen shot of my Trillian Preferences showing that this hack works!

16 comments:

Arnold said...

You're evil, Godie. :D

Why, Smart will now know. How can we do this for ourselves now?

Nyahh!

godieYOSI said...

I also got from WireShark the client's Agent-ID. Should be easy to spoof also in case they start blocking non-Uzzap client user.

Hehe.

Anonymous said...

:D Can you spoof the registered mobile number? I'm sure with that nothing's gonna stop them from charging you soon, uzzap client or not.

godieYOSI said...

@anonymous I don't need Uzzap, I can send free SMS anytime. Hehe.

Anyway people will probably use it for its daily free SMS just like how we use Chikka: "Call me, no load. Don't reply here"

LOL

Tech Box Philippines said...

Hahaha!

Nice one Godie ;-)

Anonymous said...

di mo mahahack yan..hehe

Anonymous said...

bkt ako di ako makaconnect sa trillian client ko?

I have try what you said.

Anonymous said...

You are a dick roger

godieYOSI said...

@Anonymous

Here is a screen shot of my Trillian showing my settings for Uzzap:

http://img224.imageshack.us/my.php?image=uzzapontrillianau1.jpg

As you can see It works and I'm connected. I been change my resource name to iHackedYou so Smart can easily track me. LOL

And to the other Anonymous who has complemented me: yes I am and I'm loving it.

bonsoy said...

hack???? define hack??? pare you just tried to used another client.. anyone can do that and hindi po yan hacking.. :D kahit gamitin ko pidgin ko jan gagana yan.. nu yung hack na hack mo?? USERNAME and PASSWORD MO?? IP ng server?? hello???? anyway nice post.. galing mo gumamit ng wireshark..

godieYOSI said...

Bonsoy, the term hack doesnt not exclusively refer to system penetration or a malicious acts in general. Even companies such as Google or Yahoo would sponsor hacks or would invite developers to create hacks such as Google Hacks or Yahoo Hacks.

Pls update your vocabulary. You Hacked a system or a product when you are able to make it behave other than what is originally specified. Its because of misinformed people like you who misuse this term.

Giselle said...

Hi there,

Pls. HHEEEELLLLPPPPPPP.....
How can i download uzzap on my phone, having trouble donloading - my fone is LG KP500

godieYOSI said...

@Giselle

It's due to Smart's amazing 3G slowness that the download times out.

You have 2 options:

1. Try calling customer care at *888 but be warned its not pleasant. Read: http://fjordz-hiraya.blogspot.com/2009/07/whapack-calling-smarts-888-customer.html

2. Download any version with the same screen size like SE P9+ series to your PC and bluetooth transfer and install it.

Noel said...

can u show images that u have joined a room? and how..what are the parameters?

richard said...

help naman..paano i install mabuti ang uzzap sa windows 7 kasi lagi nlang after installation pag run ko na "uzzap-bin.exe has stopped working?any help??pls email me chardlee06@yahoo.com tnx

richard said...

pls help me how to install uzzap in windows 7 tnx..uzzap-bin.exe has stop working

Related Links