Overview
Syllabus
Intro
About Joshua J. Drake akajduck
Motivations
Sponsors
What is Stagefright?
Why Stagefright?
Related Work
Androld Architecture
Process Architecture
Process Privileges (Nexus 5)
Privilege Survey Results II
Architecture Recap
Locating the Attack Surface
What do you find?
Vector Enumeration Methodology
Modularity Complicates Matters
Enter the Media Scanner
Tons of Attack Vectors!
The Scariest Part - MMS
Where does this work?
Triggers Virally
Discovery Methodology
First Round Specifics
First Round Results
Enter American Fuzzy Lop
Second Round Results
Bug Summary
Details for a FAIL
Embarrassing, but Educational
Exploitability Analysis
mediaserver Recap
New in Android 5.0
Mitigation Summary
Address Space Layout Randomization
Disclosure process review
Update Deployment
Taught by
Black Hat