Project Zero blog: Android StageFright ASLR bruteforce exploit via Chrome by Mark Brand - http://goo.gl/YBQBLs
-
-
Replying to @aaronportnoy
@aaronportnoy@benhawkes what?! no mention of SELinux and how the payload can't execute a shell?!1 reply 1 retweet 1 like -
Replying to @jduck
@jduck@aaronportnoy Thanks! We might explore the practical impact of mediaserver compromise a bit more in an upcoming post.1 reply 1 retweet 1 like -
Replying to @benhawkes
@benhawkes@aaronportnoy cool! did you see this one:https://gist.github.com/jduck/9e6d944d9e53a164c5f7 …1 reply 1 retweet 7 likes
Replying to @jduck
@jduck @aaronportnoy Cool. We have a few upcoming kernel bugs that can be chained with StageFright bugs (nothing as nice as Keen's though!)
0 replies
1 retweet
5 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.