0day.today - Dunyanin En Buyuk Exploit Veritabani
![](/img/logo_green.jpg)
Biz sadece bir adet ana domain kullaniyoruz DOMAIN_LINK
Eger exploit satin alacaksaniz ve ya hizmet icin odeme yapacaksaniz, altin almaniz gerekmekte. Biz sitemizi hack amacli kullanmak istemiyoruz, yani her turlu dogru olmayan, kanunsuz ve illegal yapilan eylemler diger hesaplari olumsuz yonde etkileyebilir ve sonrasinda buna yol acan/lar, web sitelerimize ve verilere erisimi tamamen kesilir, banlanir ve hesabini tarafimizca yok edilir.
Sadece bu sitenin yonetimine itibar edin. Sahtelere Dikkat!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Oku [ anlasma ]
- Oku [ Gonder ] kurallar
- Ziyaret et [ SSS ] page
- [ Uye Ol ] profil
- [ FIYAT ]
- Eger istiyorsaniz [ satmak ]
- Eger istiyorsaniz [ almak ]
- Eger kaybederseniz [ Hesap ]
- Herhangi bir sorunuz [ [email protected] ]
- Yetkili sayfa
- Uyelik sayfasi
- Hesap sayfasini geri yukle
- SSS sayfasi
- Iletisim sayfasi
- Paylasim kurallari
- Anlasma sayfasi
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Bize ulasabilirsiniz:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Android Stagefright MP4 tx3g Integer Overflow Exploit
[ 0Day-ID-24861 ]
Full Baslik
Android Stagefright MP4 tx3g Integer Overflow Exploit
[ Highlight ]
Highlight - is paid service, that can help to get more visitors to your material.
Price:
Price:
![](/img/gold.gif)
Eklenme Tarihi
Kategori
Platform
Dogrulanma
![](/img/check.png)
Fiyat
Ucretsiz
Risk
![](/img/risk/critlow_3.gif)
Security Risk High
]Rel. releases
Tanim
This Metasploit module exploits a integer overflow vulnerability in the Stagefright Library (libstagefright.so). The vulnerability occurs when parsing specially crafted MP4 files. While a wide variety of remote attack vectors exist, this particular exploit is designed to work within an HTML5 compliant browser. Exploitation is done by supplying a specially crafted MP4 file with two tx3g atoms that, when their sizes are summed, cause an integer overflow when processing the second atom. As a result, a temporary buffer is allocated with insufficient size and a memcpy call leads to a heap overflow. This version of the exploit uses a two-stage information leak based on corrupting the MetaData that the browser reads from mediaserver. This method is based on a technique published in NorthBit's Metaphor paper. First, we use a variant of their technique to read the address of a heap buffer located adjacent to a SampleIterator object as the video HTML element's videoHeight. Next, we read the vtable pointer from an empty Vector within the SampleIterator object using the video element's duration. This gives us a code address that we can use to determine the base address of libstagefright and construct a ROP chain dynamically. NOTE: the mediaserver process on many Android devices (Nexus, for example) is constrained by SELinux and thus cannot use the execve system call. To avoid this problem, the original exploit uses a kernel exploit payload that disables SELinux and spawns a shell as root. Work is underway to make the framework more amenable to these types of situations. Until that work is complete, this exploit will only yield a shell on devices without SELinux or with SELinux in permissive mode.
CVE
CVE-2015-3864
Other Information
Abuses
0
Yorumlar
0
Goruntulemeler
6 570
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Ucretsiz
Open Exploit
You can open this source code for free
You can open this source code for free
![](/img/check_16.png)
Verified by
This material is checked by Administration and absolutely workable.
This material is checked by Administration and absolutely workable.
[ Yorumlar: 0 ]
Terms of use of comments:
- Users are forbidden to exchange personal contact details
- Haggle on other sites\projects is forbidden
- Reselling is forbidden
Yorum yazabilmek icin giris yapin ve ya uye olun
Yorum yazabilmek icin giris yapin ve ya uye olun