Stagefright: An Android Exploitation Case Study

DerbyCon 6.0 - Recharge

Presented by: Joshua Drake
Date: Friday September 23, 2016
Time: 13:00 - 13:50
Location: Regency South
Track: Teach Me

Last year, Joshua disclosed multiple vulnerabilities in Android's multimedia processing library libstagefright. This disclosure went viral under the moniker "Stagefright," garnered national press, and ultimately helped spur widespread change throughout the mobile ecosystem. Since initial disclosure, a multitude of additional vulnerabilities have been disclosed affecting the library. In the course of his research, Joshua developed and shared multiple exploits for the issues he disclosed with Google. In response to Joshua and others' findings, the Android Security Team made many security improvements. Some changes went effective immediately, some later, and others still are set to ship with the next version of Android—Nougat. Joshua will discuss the culmination of knowledge gained from the body of research that made these exploits possible despite exploit mitigations present in Android. He will divulge details of how his latest exploit, a Metasploit module for CVE-2015-3864, works and explore remaining challenges that leave the Android operating system vulnerable to attack. Joshua will release the Metasploit module to the public at DerbyCon

Joshua Drake

Joshua J. Drake is the VP of Platform Research and Exploitation at Zimperium Enterprise Mobile Security and lead author of the Android Hacker's Handbook. Joshua has been doing vulnerability research on a wide range of applications and operating systems for over 20 years with a focus on Android since early 2012. His professional experience began in 2005 and includes roles at VeriSign/iDefense, Rapid7/Metasploit, and Accuvant LABS.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats