CVE-2015-3864 PoC — Android mediaserver组件数字错误漏洞

Source

https://github.com/Bhathiya404/Exploiting-Stagefright-Vulnerability-CVE-2015-3864

Associated Vulnerability

Title:Android mediaserver组件数字错误漏洞 (CVE-2015-3864)
Description:Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。Mediaserver是其中的一个多媒体服务组件。 Android 5.1及之前版本的mediaserver组件的libstagefright中的MPEG4Extractor.cpp文件中的‘MPEG4Extractor::parseChunk’函数存在整数溢出漏洞。远程攻击者可借助特制的MPEG-4数据

Readme

# Exploiting-Stagefright-Vulnerability-CVE-2015-3864

Stagefright refers to a set of software flaws in Android versions 2.2 "Froyo" through 5.1.1 "Lollipop," which affected 95% of all Android phones still. If the vulnerability is exploited, an attacker can use remote code execution and privilege escalation to do arbitrary actions on the victim's device. So, in this project, I'm going to use this vulnerability to exploit Android 5.1.1 " Lollipop." 


Keywords: Android hacking, mobile phone hacking, Metasploit Framework.

File Snapshot


 [4.0K]  /data/pocs/a2080c7f18ec07ae0f4b99d196944389574c7e87
├── [ 525]  README.md
└── [810K]  Report.pdf

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!