Website to get into LG OLED service menu.

Archaea

Archaea

[H]F Junkie
Joined
Oct 19, 2004
Messages
11,825
Saw this thread on Reddit. It uses a website to get into the LG service menu. It works. Not sure if it’s safe since it appears to be using an exploit? Normally you need a special service remote to get I to the service menu.

https://www.reddit.com/r/OLED_Gamin...o_access_lg_service_menu_without_the_service/

I’m curious if I I should be concern that I just compromised my LG C2 TV. Anyone know how to read and understand what that link’s code does? I’m not a developer but I’d like to see and understand the code.
 
Last edited:
The remote costs $7 or so shipped on eBay or Amazon. I wouldn't risk using the exploit from some random people on reddit, myself. :)
 
Disclaimer: I don't know a ton about WebOS. I know it uses basically web applications as the name implies. Javascript, HTML and a WebOS SDK JS library.
For credentials, I am a web developer with about 15 years of experience doing web services as a freelancer and consultant. However I am not a web security expert.

For the following I am omitting any full URLs and links to avoid having people navigate to them by accident.

So I looked into the code of the website a bit and this is what it seems to do:

It goes to /apps/dd.html on the website from the instart address. The main script here seems to try to set dev mode on WebOS to on or off when you press the onscreen buttons.

It uses the TV browser download features in appinstaller.js to download an app from website's folder ipk/vplay/vPlay_v2.0.5.ipk. It then installs this app, deletes the downloaded installer file and and seems to somehow elevate its permissions by downloading a .json file from another url in the same domain and installing it to
/var/luna-service2-dev/client-permissions.d/com.vplay.tv.app.json. I could not download this file, it gives a 404 error so maybe this file is no longer available.

The .ipk file is nothing more than an archive and can be unpacked by renaming to .zip and decompressing. Inside is an app called "com.vplay.tv". Its description just says "vPlay service". The code for the app itself seems to be mainly to open up a website inside the app which redirects from web.vplay.one to deeplex.cc which seems to be some sort of online video service?

I don't know if this is for example some old app that allows for a permission exploit. It seems that using WebOS apps for hacking the WebOS system is a pretty common approach and by hacking here I don't mean for nefarious purposes but just to e.g install apps outside the LG app store.

That's as far as I got with it. I cannot say if some portion of this is malicious or not and don't know why the app install is needed. None of the code I read directly pointed to e.g contacting some shady websites or sending data from the TV out.

You could try looking for the com.vplay.tv or vplay app from the installed apps and see if it exists there then delete it.

I'd probably reset the TV to factory settings just in case.
 
You must log in or register to reply here.
Back
Top