Jump to content

Can you crack FlexiSPY?

Architect

By Architect
in General Questions

 Share

Recommended Posts

Architect Newbie

Architect

Posted
Posted

Its a measure of a companies sucess that sooner or later, hackers willl try to crack products. FlexiSPY is no diffrent.

There are people out there who have attempted to offer cracks and hacks, but as yet,we have not come across anything that actually works. Sure, you see FlexiSPY on torrents and so on, but just examine the file extensions and file size, and you will soon see that that whats being offered is a trojan virus that installs on your PC. If you are vile enough to try to steal our products, then we have no sympathy if your computer is turned into a spam automaton for Viagra retailers ;-)

However, nothing is impossible, so if anyone actually knows of a working crack that can be used by the masses, please let us know, and we will pay up to $5,000 for proof that will allow us to shut it down. This offer also applies to any security exposure that may exist in the web account. Your security is of the utmost importance, so help us make FlexSPY the most secure spy phone software around.

  • Like 1
Link to comment
Share on other sites
Tudor Newbie

Tudor

Posted
Posted

Well, you can ask any good programmer in Symbian C++: its more easy to code a brand new app. instead trying to crack FlexiSPY or any other compiled Symbian app. Its just not possible.

Also there is no app. to get source code from a .sis or .sisx app., no effective (yet) unpacking app. Yes, on the market are a few apps. that pretend they can do the job, as SISWare or UnmakeSIS. Personally I was trying some reverse engineering (ethical hacking) using Siscontent, one of the best app. No way editing apps. All you can do is just deleting Symbian signature, which is making that app. even useless.

Supposing that someone can crack FlexiSPY, there is no way to use that app.: nobody can generate a web account on FlexiSPY server. So, no captured events to read on.

On the other hand, coding a brand new app. as FlexiSPY is very hard. For FlexiSPY programmers (by the way, they are one of the best I know), it takes few good years to reach the perfection. And you are still thinking of improvements...

Being registered on Symbian Foundation Forums, I found out that from 5th of January 2010 they had changing Test Criteria for signed apps. Now its even more difficult to "sneak" some special features of an app.

Hacking Symbian is something else.

S60 v3 and v5 (OS 9.x) devices can be hacked to remove the platform security introduced in OS 9.1 onwards thus allowing users to install "unsigned" files (files without certificates validated by Symbian) and allowing access to previously locked system files. This allows changing of how the operating system works, allowing hidden applications to be viewable, etc.

Until now, there is no app. available for Symbian OS which can stop the OS internal clock and date, as Time Stopper or RunAsDate is doing for Windows. Obviously, the main target for this apps. is to run forever a trial or a time limited app.

Please let me know if I'm wrong.

Cheers,

Tudor.

Link to comment
Share on other sites
Christian Newbie

Christian

Posted
Posted

To whom do I speak regarding a security hole I've discovered?

Hi Pow. If you believe you have found a security risk in any of our applications, we appreciate you not posting it publicly. Instead you can send either a PM or an email to either myself or this forum Admin. We would then investigate your report and follow up with you.

Remember that you can always submit a ticket at our official Support Center for any issue, but we are also active here on the forums.

This thread should probably be moved over to the customer only general chat area. Please keep in mind that FlexiSPY related general topics are probably better suited to the customer area.

Thanks for your continued support!

Christian

Link to comment
Share on other sites
Architect Newbie

Architect

Posted
  • Author
Posted

Well, you can ask any good programmer in Symbian C++: its more easy to code a brand new app. instead trying to crack FlexiSPY or any other compiled Symbian app. Its just not possible.

Also there is no app. to get source code from a .sis or .sisx app., no effective (yet) unpacking app. Yes, on the market are a few apps. that pretend they can do the job, as SISWare or UnmakeSIS. Personally I was trying some reverse engineering (ethical hacking) using Siscontent, one of the best app. No way editing apps. All you can do is just deleting Symbian signature, which is making that app. even useless.

Supposing that someone can crack FlexiSPY, there is no way to use that app.: nobody can generate a web account on FlexiSPY server. So, no captured events to read on.

On the other hand, coding a brand new app. as FlexiSPY is very hard. For FlexiSPY programmers (by the way, they are one of the best I know), it takes few good years to reach the perfection. And you are still thinking of improvements...

Being registered on Symbian Foundation Forums, I found out that from 5th of January 2010 they had changing Test Criteria for signed apps. Now its even more difficult to "sneak" some special features of an app.

Hacking Symbian is something else.

S60 v3 and v5 (OS 9.x) devices can be hacked to remove the platform security introduced in OS 9.1 onwards thus allowing users to install "unsigned" files (files without certificates validated by Symbian) and allowing access to previously locked system files. This allows changing of how the operating system works, allowing hidden applications to be viewable, etc.

Until now, there is no app. available for Symbian OS which can stop the OS internal clock and date, as Time Stopper or RunAsDate is doing for Windows. Obviously, the main target for this apps. is to run forever a trial or a time limited app.

Please let me know if I'm wrong.

Cheers,

Tudor.

Tudor,

If you ever need a job in product development or QA, drop me a line!! Your customers must be pretty happy with you as a reseller:D

Link to comment
Share on other sites
  • 3 weeks later...
  • 5 weeks later...
SKYEYE Newbie

SKYEYE

Posted
Posted

Guys,

What's the use for someone to crack the application, if it still submits the data to the FS server?

Another thing would be if someone would be able to relocate the traffic from the application to his own server... but then again, if someone's smart enough to hack the app ( or at lease to sniff the traffic and then install some additional app that would relocate this traffic to his server ) and set up that server, won't it be easier for him just to write such app ground up? :)

Link to comment
Share on other sites
Architect Newbie

Architect

Posted
  • Author
Posted

Guys,

What's the use for someone to crack the application, if it still submits the data to the FS server?

Another thing would be if someone would be able to relocate the traffic from the application to his own server... but then again, if someone's smart enough to hack the app ( or at lease to sniff the traffic and then install some additional app that would relocate this traffic to his server ) and set up that server, won't it be easier for him just to write such app ground up? :)

Totally agree with you. However, there were two reasons I posted this.

1. There is always a possibility that the system may have holes that allow security breaches, and in fact, we have already paid out this reward once for a identification of a very minor security hole. We now believe that the system is completely solid. With the introduction of the new architecture in July or August, we will be adding full mobile server communication encryption and also AES mobile data encryption.

2. There are many site that advertise FlexiSPY cracks, which are simply viruses and trojans. With this thread, perhaps those people searching for cracks will read posts like yours and see that its simply not feasible to get a crack for FlexiSPY

Link to comment
Share on other sites
  • 6 months later...
char Newbie

char

Posted
Posted

Its a measure of a companies sucess that sooner or later, hackers willl try to crack products. FlexiSPY is no diffrent.

There are people out there who have attempted to offer cracks and hacks, but as yet,we have not come across anything that actually works. Sure, you see FlexiSPY on torrents and so on, but just examine the file extensions and file size, and you will soon see that that whats being offered is a trojan virus that installs on your PC. If you are vile enough to try to steal our products, then we have no sympathy if your computer is turned into a spam automaton for Viagra retailers ;-)

However, nothing is impossible, so if anyone actually knows of a working crack that can be used by the masses, please let us know, and we will pay up to $5,000 for proof that will allow us to shut it down. This offer also applies to any security exposure that may exist in the web account. Your security is of the utmost importance, so help us make FlexSPY the most secure spy phone software around.

I reported some 5 months ago a security issue. When I googled one of your commends "tbdz", it brought me into this forum where people discussed about the use of flexispy. This put our users at risk. I just checked it again today, again it brough me right into thsi forum like 5 months ago. How could you not fix this issue for so long? Your web site should not disclose too much information on how to use this software, especially detalied command or such. Your forum should be designed in a such way, even there is a link on the wen, when clicked it will bring up the sign-in page, not anyone or everyone can access the forum. The forum can be accessed by none users should be lomited only to the software features and funtionality, not in any details on how to use it and problem/issue users experiencing.

Link to comment
Share on other sites
Guest Ian

Guest Ian

Posted
Posted

We allow all users to sign up but we do have areas that only customers can access such as the peer-to-peer support section. I will inform my manager of what you have discovered.

Thanks for letting us know.

Link to comment
Share on other sites
  • 1 month later...
Architect Newbie

Architect

Posted
  • Author
Posted

I reported some 5 months ago a security issue. When I googled one of your commends "tbdz", it brought me into this forum where people discussed about the use of flexispy. This put our users at risk. I just checked it again today, again it brough me right into thsi forum like 5 months ago. How could you not fix this issue for so long? Your web site should not disclose too much information on how to use this software, especially detalied command or such. Your forum should be designed in a such way, even there is a link on the wen, when clicked it will bring up the sign-in page, not anyone or everyone can access the forum. The forum can be accessed by none users should be lomited only to the software features and funtionality, not in any details on how to use it and problem/issue users experiencing.

We take your point seriously, and I want to take this opportunity to let you know that we have improved our product so that these public commands are no longer used. Release date for this is around February, when the our products are refreshed using the new architecture ( codenamed Phoenix).

Will post more here, and we will be looking for beta testers in January.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Member Statistics

    • Total Members
      27,189
    • Most Online
      1,716
    royalmax
    Newest Member
    royalmax
    Joined
×
×
  • Create New...