If anyone remembers the Stagefright exploit (CVE-2015-1538 I think) you would remember that it could potentially achieve root access by sending a corrupt video file to an android device running an un-patched version, with no user interaction required.
My question is, has anyone actually ever replicated this exploit, or has it ever been used in a crime that we know of? I can't even try to replicate it because I don't have an android device and you can't send MMS on the android VM.
1 Response
From what I understand, the issue is that the exploit only get you remote code execution but then you still have the problem of finding the correct place in the stack to run your code. This is rendered harder by the factor that many of the newer model of android have "anti-stack corrupting" measure, making harder to reliably run your code.
Pair this with the fact that there are 100's of different kinds of android devices that all works differently. To make an exploit that can reliably be used would be hard to say the least.
All that to say that it would take a fairly skilled and dedicated hacker to make something of it.
Cheers,
Washu
Share Your Thoughts