TheStagefright bugsare a critical vulnerability which affect almost a billion+ Android smartphones from all manufacturers.
Zimperium had reported vulnerabilities in April and May and they were publicly disclosed inJuly 2015.
He had called these flaws Mother of all Android Vulnerabilities.
But on Wednesday, thecompany finally published it.
The python script generates an MP4 media file that exploits CVE-2015-1538 and gives the attacker a reverse command shell.
The attacker is then able to take pictures and remotely listen to audio within earshot of the microphone.
The exploit doesnt work against Android versions 5.0 and above thanks to new integer overflow mitigations.
source: www.techworm.net
