Philippines Telecoms 4G Web 2.0 Shortcode SMS MMS WAP Mobile Technology: UZZAP Hack

Monday, July 07, 2008

UZZAP Hack

Tags: Hack, IMEVRYWHR, Jabber, smart, SMS, Windows, XMPP

I have received a MMS blast from Smart announcing its new service Uzzap -- although I have opted out already many times to these alerts!

It's time to teach these folks some lesson.

I downloaded the app and registered then my firewall alerted me that its trying to connect to an IP at port 5222.

Bingo it must be a Jabber server. I finished the registration and waited for the confirmation SMS and keyed in the PIN, at first the SMS didn't arrive so I have to click Resend PIN.

The UI is very mediocre so I fired up WireShark and started to sniff the Jabber packets. I need to do this to find out my JID -- WireShark didn't fail me and confirmed that its a Jabber server; it also found my complete JID.

It seems Smart bought another toy, this time from Kolipri. Why? Maybe because they wanted to kick out Chikka for the longest time already or they got envy because Globe has such an epic failure with IMEVRYWHR before that they had to top that too.

Anyway, whatever their reason is I don't really care but its time for some experiments.

I then added my JID to Trillian (you can use any other Jabber client) as a Jabber account and used the same password during registration and it works flawlessly.

Here is the settings for use with any Jabber client:

Jabber ID (JID): your_registered_username@demo.kolipri.com
Host: 125.5.109.121
Port: 5222

After login in using Trillian, Uzzap automatically gets disconnected. It seems there is an enforced single login rule in placed. That's Ok since I don't need the ugly Uzzap client anymore!

Lesson learned? Don't spam me with ads. Haha.

UPDATE:
Here is a screen shot of my Trillian Preferences showing that this hack works!

16 comments:

Anonymous said...: You're evil, Godie. :D

Why, Smart will now know. How can we do this for ourselves now?

Nyahh!; Monday, July 07, 2008 11:50:00 AM
godie said...: I also got from WireShark the client's Agent-ID. Should be easy to spoof also in case they start blocking non-Uzzap client user.

Hehe.; Monday, July 07, 2008 1:12:00 PM
Anonymous said...: :D Can you spoof the registered mobile number? I'm sure with that nothing's gonna stop them from charging you soon, uzzap client or not.; Monday, July 07, 2008 4:01:00 PM
godie said...: @anonymous I don't need Uzzap, I can send free SMS anytime. Hehe.

Anyway people will probably use it for its daily free SMS just like how we use Chikka: "Call me, no load. Don't reply here"

LOL; Monday, July 07, 2008 7:07:00 PM
Anonymous said...: Hahaha!

Nice one Godie ;-); Monday, July 07, 2008 10:07:00 PM
Anonymous said...: di mo mahahack yan..hehe; Tuesday, July 08, 2008 4:22:00 PM
Anonymous said...: bkt ako di ako makaconnect sa trillian client ko?

I have try what you said.; Tuesday, July 08, 2008 5:42:00 PM
Anonymous said...: You are a dick roger; Thursday, July 10, 2008 10:14:00 AM
godie said...: @Anonymous

Here is a screen shot of my Trillian showing my settings for Uzzap:

http://img224.imageshack.us/my.php?image=uzzapontrillianau1.jpg

As you can see It works and I'm connected. I been change my resource name to iHackedYou so Smart can easily track me. LOL

And to the other Anonymous who has complemented me: yes I am and I'm loving it.; Thursday, July 10, 2008 11:11:00 AM
bonsoy said...: hack???? define hack??? pare you just tried to used another client.. anyone can do that and hindi po yan hacking.. :D kahit gamitin ko pidgin ko jan gagana yan.. nu yung hack na hack mo?? USERNAME and PASSWORD MO?? IP ng server?? hello???? anyway nice post.. galing mo gumamit ng wireshark..; Tuesday, August 26, 2008 4:51:00 PM
godie said...: Bonsoy, the term hack doesnt not exclusively refer to system penetration or a malicious acts in general. Even companies such as Google or Yahoo would sponsor hacks or would invite developers to create hacks such as Google Hacks or Yahoo Hacks.

Pls update your vocabulary. You Hacked a system or a product when you are able to make it behave other than what is originally specified. Its because of misinformed people like you who misuse this term.; Tuesday, August 26, 2008 5:34:00 PM
gsel said...: Hi there,

Pls. HHEEEELLLLPPPPPPP.....
How can i download uzzap on my phone, having trouble donloading - my fone is LG KP500; Monday, July 20, 2009 4:39:00 PM
godie said...: @Giselle

It's due to Smart's amazing 3G slowness that the download times out.

You have 2 options:

1. Try calling customer care at *888 but be warned its not pleasant. Read: http://fjordz-hiraya.blogspot.com/2009/07/whapack-calling-smarts-888-customer.html

2. Download any version with the same screen size like SE P9+ series to your PC and bluetooth transfer and install it.; Thursday, July 23, 2009 5:13:00 AM
Unknown said...: can u show images that u have joined a room? and how..what are the parameters?; Wednesday, September 16, 2009 10:51:00 AM
Unknown said...: help naman..paano i install mabuti ang uzzap sa windows 7 kasi lagi nlang after installation pag run ko na "uzzap-bin.exe has stopped working?any help??pls email me chardlee06@yahoo.com tnx; Wednesday, February 17, 2010 5:01:00 AM
Unknown said...: pls help me how to install uzzap in windows 7 tnx..uzzap-bin.exe has stop working; Wednesday, February 17, 2010 5:03:00 AM

Post a Comment

About This Blog

This blog aims to profile, test, analyze, and help in development of technologies, services, business models, platforms, and applications for the Philippine context.

We hope to contribute define and influence the future of Philippine mobile industry by sharing and receiving feedbacks from the consumers; bridging them with developers and decision makers who will ultimately develop concepts and models for Philippine's Mobile 2.0

We also tackles a lot about Web 2.0 technologies, system designs, politics, open source and news that relates on our experiences with software engineering and development in mobile.

Finally we take occasional breaks by sharing personal posts that we hope shows the lighter side of people that works in the mobile industry.

Disclosure

This blog is a personal blog written and edited by me. For questions about this blog, please contact Roger Filomeno (rpfilomeno At Gmail Dot com).

This blog accepts forms of cash advertising, sponsorship, paid insertions or other forms of compensation.

The compensation received will never influence the content, topics or posts made in this blog. All advertising is in the form of advertisements generated by a third party ad network. Those advertisements will be identified as paid advertisements.

The owner(s) of this blog is compensated to provide opinion on products, services, websites and various other topics. Even though the owner(s) of this blog receives compensation for our posts or advertisements, we always give our honest opinions, findings, beliefs, or experiences on those topics or products. The views and opinions expressed on this blog are purely the bloggers' own. Any product claim, statistic, quote or other representation about a product or service should be verified with the manufacturer, provider or party in question.

This blog does contain content which might present a conflict of interest. This content may not always be identified.

View this blog on mobile!

http://tinyurl.com/corruptedpart

Philippines Telecoms 4G Web 2.0 Shortcode SMS MMS WAP Mobile Technology

Monday, July 07, 2008

UZZAP Hack

16 comments:

Related Links

Blog Archive

My Blog List

Do you follow me?

My Projects

My Groups

About Me

About This Blog

Meta