Metaphor - Stagefright with ASLR bypass
Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd.
Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf
Metaphor's source code is now released! The source include a PoC that generates MP4 exploits in real-time and bypassing ASLR. The PoC includes lookup tables for Nexus 5 Build LRX22C with Android 5.0.1. Server-side of the PoC include simple PHP scripts that run the exploit generator - I'm using XAMPP to serve gzipped MP4 files. The attack page is index.php.
The exploit generator is written in Python and used by the PHP code.
usage: metaphor.py [-h] [-c CONFIG] -o OUTPUT {leak,rce,suicide} ...
positional arguments:
{leak,rce,suicide} Type of exploit to generate
optional arguments:
-h, --help show this help message and exit
-c CONFIG, --config CONFIG
Override exploit configuration
-o OUTPUT, --output OUTPUT
Metaphor - Stagefright with ASLR bypass
Reviewed by Zion3R
on
5:13 PM
Rating:
![Metaphor - Stagefright with ASLR bypass](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNglNo2CDI1waq4x_Rk-tf1NdjGRNT0MxDRwBWboC5VKi5bpHEBuu8vpq0H6Og_WLeY40LuOMC-Gbsvs9zBF3XbL9bjY1rNY5ErP6BzdPEgpVa7YwzN3qcmUorgpfCWqwFIAm7HqqvASE/s72-c/Metaphor.png)