NorthBit/Metaphor NorthBit/Metaphor

  • Stars
    star
    314
  • Rank 129,633 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created about 8 years ago
  • Updated about 8 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
NorthBit/Metaphor
github

NorthBit

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Metaphor - Stagefright with ASLR bypass

Metaphor

Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd.

Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf

Twitter: https://twitter.com/High_Byte

Metaphor's source code is now released! The source include a PoC that generates MP4 exploits in real-time and bypassing ASLR. The PoC includes lookup tables for Nexus 5 Build LRX22C with Android 5.0.1. Server-side of the PoC include simple PHP scripts that run the exploit generator - I'm using XAMPP to serve gzipped MP4 files. The attack page is index.php.

The exploit generator is written in Python and used by the PHP code.

usage: metaphor.py [-h] [-c CONFIG] -o OUTPUT {leak,rce,suicide} ...

positional arguments:
  {leak,rce,suicide}    Type of exploit to generate

optional arguments:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        Override exploit configuration
  -o OUTPUT, --output OUTPUT

Credits: To the NorthBit team E.P. - My shining paladin, for assisting in boosting this project to achieve all the goals.

More Repositories

1

bulletin-scraper

Download all of Microsoft's security updates and symbols
Python
42
star
2

Public

Public resources NB shares
18
star