What's new
DroidForums.net | Android Forum & News

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

StageFright Detector App Lets You Know If Your Device Is Vulnerable

D

DroidModderX

Super Moderator
Staff member
Premium Member
stagefright-detection-tool-galaxy-s6.jpg

If you are shaking in your boots over stagefright you probably shouldn't be. Google has said that the exploit has not been used much, and most modern phones have a protocol which would make it incredibly difficult to hack a phone in this way. If you are worried that your phone might be vulnerable you can know for sure thanks to a new app on the Google Play Store called the "StageFright Detector App". I know very original name. To use the app just click the "Begin Analysis" button. Once analysis has finished you will know whether or not your phone is vulnerable. If it is you can protect yourself by disabling your stock messaging app and using an app like Textra which has the stagefright patch built in. Head to the link below to grab the detector app.

via Play Store
 
Even though I have been patched by Google (via Tmobile) this app still shows me as being vulnerable. That leads to the inevitable question of whom I should believe...Google or Zimperium.

Screenshot_2015-08-07-23-26-45.webp
 
Neither. Google doesn't want you to know if there software is vulnerable and Zimperium want to sell you some security software. :D
 
My Verizon S5, showing as up to date in my Verizon "update list", shows as Vulnerable as well, then wants me to send my info to their sales department... Sounds fishy to me.
 
Here are the explanations for the code that they are checking against:

1. CVE-2015-1538, P0006, Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution

2. CVE-2015-1538, P0004, Google Stagefright ‘ctts’ MP4 Atom Integer Overflow Remote Code Execution

3. CVE-2015-1538, P0004, Google Stagefright ‘stts’ MP4 Atom Integer Overflow Remote Code Execution

4. CVE-2015-1538, P0004, Google Stagefright ‘stss’ MP4 Atom Integer Overflow Remote Code Execution

5. CVE-2015-1539, P0007, Google Stagefright ‘esds’ MP4 Atom Integer Underflow Remote Code Execution

6. CVE-2015-3827, P0008, Google Stagefright ‘covr’ MP4 Atom Integer Underflow Remote Code Execution

7. CVE-2015-3826, P0009, Google Stagefright 3GPP Metadata Buffer Overread

8. CVE-2015-3828, P0010, Google Stagefright 3GPP Integer Underflow Remote Code Execution

9. CVE-2015-3824, P0011, Google Stagefright ‘tx3g’ MP4 Atom Integer Overflow Remote Code Execution

10. CVE-2015-3829, P0012, Google Stagefright ‘covr’ MP4 Atom Integer Overflow Remote Code Execution
 
You must log in or register to reply here.

Similar threads

D
StageFright 2.0 Bug Leaves More Than 1 Billion Android Phones Vulnerable
Replies
0
Views
2K
DroidModderX
D
D
Scary Vulnerability: One Text Can Hack 95% of Android Phones
3 4 5
Replies
69
Views
16K
Jonny Kansas
J
D
StageFright Fix Available For Mediatek Devices Finally!
Replies
0
Views
2K
DroidModderX
D
D
Stagefright Patch Pushing Out to Various Androids: Nexus 6, Nexus 5 & Several Sprint Galaxy Devices
Replies
2
Views
2K
Ollie
O
D
OTA StageFright Patch Images Available For Nexus Devices
Replies
2
Views
1K
SquireSCA
S
Back
Top