Zimperium team has publicly released the CVE-2015-1538 Stagefright Exploit, demonstrating the process of Remote Code Execution (RCE) by an attacker.
The released exploit is a python code creating an MP4 exploiting the 'stsc' vulnerability dubbed Stagefright.
The purpose of the release is to let penetration testers and security researchers test devices for the vulnerability and analyze the results.
Considered the most critical of the flaws found so far, the Stagefright vulnerability can expose a user's information remotely through injected malicious code, without any user interaction.
Two months ago, Zimperium Labs uncovered multiple vulnerabilities in 'libstagefright,' the media library that provides the software-based codecs Android smartphones use natively for media playback.
The vulnerability allowed booby-trapped MP4 videos that supplied fields with 64-bit lengths to overflow a buffer and crash the smartphone when it tried to open the multimedia message.
The full list of vulnerabilities:
- CVE-2015-1538, P0006, Google Stagefright 'stsc' MP4 Atom Integer Overflow Remote Code Execution
- CVE-2015-1538, P0004, Google Stagefright 'ctts' MP4 Atom Integer Overflow Remote Code Execution
- CVE-2015-1538, P0004, Google Stagefright 'stts' MP4 Atom Integer Overflow Remote Code Execution
- CVE-2015-1538, P0004, Google Stagefright 'stss' MP4 Atom Integer Overflow Remote Code Execution
- CVE-2015-1539, P0007, Google Stagefright 'esds' MP4 Atom Integer Underflow Remote Code Execution
- CVE-2015-3827, P0008, Google Stagefright 'covr' MP4 Atom Integer Underflow Remote Code Execution
- CVE-2015-3826, P0009, Google Stagefright 3GPP Metadata Buffer Overread
- CVE-2015-3828, P0010, Google Stagefright 3GPP Integer Underflow Remote Code Execution
- CVE-2015-3824, P0011, Google Stagefright 'tx3g' MP4 Atom Integer Overflow Remote Code Execution
- CVE-2015-3829, P0012, Google Stagefright 'covr' MP4 Atom Integer Overflow Remote Code Execution
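As an added illustration (not part of the article or of Zimperium's released exploit), the following defensive check walks an MP4 file's atom tree, honours the 64-bit "largesize" form mentioned above, and flags an 'stsc' atom whose declared entry count multiplied by the 12-byte entry size cannot fit inside the atom, which is the inconsistency behind the 'stsc' integer overflow; the two fixture files are constructed in the script, and the atom layout assumptions are noted in the comments.

```python
import struct

STSC_ENTRY = 12   # bytes per stsc entry: first_chunk, samples_per_chunk, sample_description_index
CONTAINERS = {b"moov", b"trak", b"mdia", b"minf", b"stbl"}
def iter_atoms(data, off, end):
    """Yield (type, body_offset, body_len) for each atom in data[off:end]; body_len is None if the size is bogus."""
    while off + 8 <= end:
        size, atype = struct.unpack_from(">I4s", data, off)
        hdr = 8
        if size == 1 and off + 16 <= end:           # size==1: a 64-bit "largesize" follows the type
            size, hdr = struct.unpack_from(">Q", data, off + 8)[0], 16
        elif size == 0:                              # size==0: atom runs to the end of its container
            size = end - off
        if size < hdr or off + size > end:           # declared size does not fit: do not trust it
            yield atype, off + hdr, None
            return
        yield atype, off + hdr, size - hdr
        off += size
def check_stsc(data, body, blen, path):
    """Flag an stsc atom whose entry_count * 12 cannot fit in the atom (the CVE-2015-1538 pattern)."""
    if blen < 8:
        return [(path, "truncated stsc header")]
    entry_count = struct.unpack_from(">I", data, body + 4)[0]   # after 1-byte version + 3-byte flags
    needed = entry_count * STSC_ENTRY                             # exact here; 32-bit C code would wrap
    if needed > blen - 8:
        note = "product wraps 32 bits" if needed > 0xFFFFFFFF else "exceeds atom"
        return [(path, f"entry_count={entry_count} needs {needed} bytes, {blen - 8} present ({note})")]
    return []
def find_suspicious_stsc(data):
    """Walk the atom tree and return (path, reason) findings; an empty list means nothing was flagged."""
    findings = []
    def walk(off, end, path):
        for atype, body, blen in iter_atoms(data, off, end):
            if blen is None:
                findings.append((path + [atype], "atom size exceeds container"))
            elif atype in CONTAINERS:
                walk(body, body + blen, path + [atype])
            elif atype == b"stsc":
                findings.extend(check_stsc(data, body, blen, path + [atype]))
    walk(0, len(data), [])
    return findings
# Constructed fixtures (not real files): a minimal atom tree holding one stsc atom.
def atom(atype, payload):
    return struct.pack(">I4s", 8 + len(payload), atype) + payload
def build_sample(entry_count, entries=b""):
    stsc = atom(b"stsc", struct.pack(">II", 0, entry_count) + entries)   # version/flags=0, entry_count
    moov = atom(b"moov", atom(b"trak", atom(b"mdia", atom(b"minf", atom(b"stbl", stsc)))))
    return atom(b"ftyp", b"isom\x00\x00\x02\x00isommp41") + moov

BENIGN = build_sample(1, struct.pack(">III", 1, 1, 1))   # one complete entry: count and size agree
OVERSIZED = build_sample(0x40000000)                      # 0x40000000 * 12 wraps to 0 in 32-bit math
```

Running `find_suspicious_stsc` over a file returns an empty list when every stsc atom is self-consistent, so it can be used as a pre-filter before handing untrusted media to a parser.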
The vulnerability affects Android from version 2.2 (Froyo) up to, but not including, version 5.1.1_r9 (Lollipop).
To access the exploit, open Stagefright_CVE-2015-1538-1_Exploit.py (raw file); it explains the conditions that apply and everything else you need to know.
For further details, see the US-CERT/CC advisory, where the announcement is documented.