Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3275
Views
0
Helpful
3
Replies

How to factory reset a phone remotely?

Go to solution
Adan Zuniga
Level 1
Level 1

‎04-07-2017 08:23 AM - edited ‎03-19-2019 12:18 PM

All,

 besides the third party applications is there anything that one can develop natively on CUCM to remotely factory reset a phone or erase CTL/ITL files?

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎04-08-2017 11:07 AM

The third-party apps exploit a hole in the ITL logic to do this: the phone will continue using the most recent XML file it saved to flash that was digitally signed by a member of the ITL it also has saved in flash memory. That XML file has the IP/DNS FQDN of the CUCM nodes it was supposed to register to. After it rejects the newer XML file for failing the digital signature check, it attempts to register to the CUCM nodes defined in the local file.

IF it can register successful then there is an opening for the third-party apps to exploit: you can pass XML SDK commands over CTI to CUCM (assuming the Application User of the CTI-connected application has control over the phone). CTI Manager will relay these commands to the phone, which bypasses the Authentication URL and ITL/TVS. Same commands, just a different approach vector.

The caveat of this approach is that the phone must register to CUCM using the IP/DNS FQDN in it's local flash. If it cannot do this then you have no method to do this remotely.

This is where I pass you off to DevNet as Jaime suggested. You would need to write a program that leverages CTI and the phone XML SDK. Good luck!

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎04-07-2017 08:58 AM

Might want to ask in DevNet

HTH

java

if this helps, please rate
0 Helpful

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎04-08-2017 11:07 AM

The third-party apps exploit a hole in the ITL logic to do this: the phone will continue using the most recent XML file it saved to flash that was digitally signed by a member of the ITL it also has saved in flash memory. That XML file has the IP/DNS FQDN of the CUCM nodes it was supposed to register to. After it rejects the newer XML file for failing the digital signature check, it attempts to register to the CUCM nodes defined in the local file.

IF it can register successful then there is an opening for the third-party apps to exploit: you can pass XML SDK commands over CTI to CUCM (assuming the Application User of the CTI-connected application has control over the phone). CTI Manager will relay these commands to the phone, which bypasses the Authentication URL and ITL/TVS. Same commands, just a different approach vector.

The caveat of this approach is that the phone must register to CUCM using the IP/DNS FQDN in it's local flash. If it cannot do this then you have no method to do this remotely.

This is where I pass you off to DevNet as Jaime suggested. You would need to write a program that leverages CTI and the phone XML SDK. Good luck!

0 Helpful

Go to solution
Adan Zuniga
Level 1
Level 1
In response to Jonathan Schulenberg

‎04-12-2017 10:46 AM

Very thorough response Jonathan, thank you!

0 Helpful
Customers Also Viewed These Support Documents