stagefright

Introduction:

If you keep this figure in mind, there are billions of users using the Android OS. These figures show just how popular Android is right now. People like this OS very much. But as the number of users increases, security concerns are rising.
 

[Source: www.statista.com]

The global market share of Android devices is more than 82% worldwide. That means most smartphone users are using the Android OS. But with this increase in users, mobile security is now also at risk: a bug called StageFright has been detected, which places the mobile security of billions of Android users at risk. This article describes all about StageFright.

[Source: www.statista.com]

What is StageFright?

Who discovered StageFright?

A top Android researcher, Joshua Drake (@jduck), who works on Zimperium’s zLabs team, discovered the most vulnerable hole in the Android OS, ‘Stagefright’, which was publicly announced for the first time on July 27, 2015. Zimperium’s team is also calling it the ‘Mother of all Android Vulnerabilities’, as it impacts 95%, or 950 million, of all Android devices and does not require any interaction with the victim.

Why does StageFright make Android users so vulnerable?

See StageFright Demo Video

StageFright Versions:

There are two versions that exploit Android devices:

StageFright 1.0

StageFright 2.0

StageFright 1.0

A patch for StageFright 1.0 has been released by Google. StageFright 1.0 used the auto-retrieval MMS option of messaging apps and chat apps to send malicious files to your Android device and silently get into it through the libStageFright mechanism (thus the "StageFright" name), which helps Android process MMS files. Many text messaging apps (Google's Hangouts app was specifically mentioned) automatically process that video so it's ready for viewing as soon as you open the message, and so the attack theoretically could happen without you even knowing it. Google is saying that StageFright 1.0 is fixed. If I talk about my own smartphone (which is a Motorola G), I got an update that included a StageFright 1.0 patch to fix it. You can get an idea about StageFright 1.0 from the link below:

Avast blog for StageFright 1.0

StageFright 2.0

According to Zimperium, a pair of recently discovered vulnerabilities makes it possible for an attacker to get into an Android device with an MP3- or MP4-like file: when the metadata for that file is previewed by the OS, the file could execute malicious code. Delivered via a website or a man-in-the-middle attack built specifically for delivering these malformed files, this code could be executed without user interaction.
 

Zimperium claims to have confirmed remote execution, and brought this to Google's attention on August 15. In response, Google assigned CVE-2015-3876 and CVE-2015-6602 to the pair of reported issues and started working on a fix.

Is your Android device affected by StageFright 2.0?

According to Zimperium:
In one way or another, yes. CVE-2015-6602 refers to a vulnerability in libutils, and as Zimperium points out in their post announcing the discovery of this vulnerability, it impacts every Android phone and tablet going back as far as Android 1.0. CVE-2015-3876 affects every Android 5.0 and higher phone or tablet, and could theoretically be delivered via a website or man-in-the-middle attack.

What is CVE?

CVE stands for Common Vulnerabilities and Exposures, a system which provides a reference method for publicly known information-security vulnerabilities and exposures.

CVE-ID Syntax

There was also an old version of the CVE syntax, which is a little bit different from the syntax defined below.

CVE prefix + Year + Arbitrary Digits [New syntax implemented from Jan 1st, 2014]

At www.cvedetails.com you can get more information, resources and links for a particular CVE. I hope that now CVE-YYYY-NNNN is not a new thing for you. You are aware and you can answer if someone asks.

The following figure clearly shows the difference between the old CVE syntax and the new CVE syntax; it is taken from www.mitre.org.
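The CVE-ID syntax described above, as a small Python parser (an added example, not part of the original article): it pulls CVE IDs out of free text, checks prefix, year and digits, and reports whether each ID still fits the old syntax, which fixed the sequence at four digits. The sample text is constructed, and rejecting zero padding beyond four digits is a strictness choice of this example.

```python
import re
from dataclasses import dataclass

# CVE prefix + year + sequence digits, matched case-insensitively in free text.
CVE_RE = re.compile(r"(?<![A-Za-z0-9-])CVE-(\d{4})-(\d+)", re.IGNORECASE)
FIRST_CVE_YEAR = 1999  # the CVE list starts in 1999

@dataclass(frozen=True)
class CveId:
    year: int
    sequence: str  # kept as text so zero padding such as "0001" survives

    @property
    def fits_old_syntax(self) -> bool:
        # The old syntax fixed the sequence at exactly four digits.
        return len(self.sequence) == 4

    def __str__(self) -> str:
        return f"CVE-{self.year}-{self.sequence}"

def check(year, sequence):
    """Return a rejection reason, or None when the ID is well formed."""
    if int(year) < FIRST_CVE_YEAR:
        return "year predates the CVE list"
    if len(sequence) < 4:
        return "sequence shorter than four digits"
    if len(sequence) > 4 and sequence.startswith("0"):
        # Strictness choice of this example: zeros only pad up to four digits.
        return "zero padding beyond four digits"
    return None

def extract_cves(text):
    """Return (valid IDs in first-seen order, {raw match: reason} for rejects)."""
    valid, rejected = [], {}
    for m in CVE_RE.finditer(text):
        reason = check(m.group(1), m.group(2))
        if reason:
            rejected[m.group(0)] = reason
            continue
        cve = CveId(int(m.group(1)), m.group(2))
        if cve not in valid:
            valid.append(cve)
    return valid, rejected

# Constructed sample: the two IDs named in this article plus made-up test IDs.
SAMPLE = ("Google assigned CVE-2015-3876 and CVE-2015-6602 to the issues; "
          "see also cve-2014-123456, CVE-2015-123, CVE-1998-0001, CVE-2015-6602.")
```

Calling `extract_cves(SAMPLE)` returns the three well-formed IDs once each, normalised to upper case, and a dictionary giving the reason each malformed ID was rejected.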

How to know if your Android device is affected by StageFright 2.0 vulnerability

Download their app from the Google Play Store.

My own experience about StageFright:

I was the victim of StageFright 1.0 before the patch had arrived. I had frustrating experiences from StageFright, but it took me a while to realize that my smartphone got hacked by a smart hacker. I noticed that the behavior of my smartphone was changing - it was behaving like there was some problem, so I took precautions like cleaning the mobile, changing the passwords, locking the screen etc. All these things were troubling me and I was trying to get these things rectified. After some days I read an article about StageFright where symptoms and precautions both were explained. At this point I realized that I was the victim of StageFright 1.0.

You can’t believe the things which I noticed then:

1) When I was using my wifi, a file which was just 100-200 KB automatically downloaded and I didn’t find it on the phone, but it was showing when I took a backup using the CM Backup app. This is the first incident, where I suspected something was wrong but I ignored it.

4) Generally in my home I always leave my wifi-enabled phone on. After a night, when I woke up early in the morning, I found that my battery had drained almost to 19%, and at night it was 59%.

avast mobile security. I formatted my mobile, changed all passwords from mail to wifi to screen lock and applock, and I followed all the steps which were described in the Avast blog.

Unfortunately, StageFright 2.0 has now arrived, so be aware. Keep yourself from being a victim: follow the precautions which are given below under the heading “How to fight with StageFright 2.0 until the patch arrives”. I had a very frustrating and annoying experience with StageFright 1.0.

Android was my favorite flavor for smartphones but after this incident I am losing my interest in Android devices.

How to fight with StageFright 2.0 until the patch arrives:

1) Try not to download mp3 or mp4 files from your web browser.

2) Avoid public networks.

3) Secure your wi-fi connection with strong passwords.

4) Pay attention to where you are browsing and what you are browsing.

5) Don't open mp3 or mp4 files from anyone you don't know.

OS which have fixed StageFright 2.0

Blackphone 2 is a smartphone in which the phone is fully encrypted to tighten security. The company calls its OS Silent OS, which is derived from Android (which is open source).

Cyanogenmod OS has been patched for StageFright 2.0.

I am surprised by how little Google is doing. Is Google seriously doing something to secure their OS like iPhone is doing? iOS is much more secure than Android. iOS releases updates in a timely fashion to make it secure and for better performance, and keeps an eye on their store. I read the news 10-20 days ago that a Chinese app in iOS was trying to fetch information. Apple quickly blocked that app from their store. This is called a secure environment with quick action.

References:

1) www.wikipedia.com

2) www.bgr.com

3) www.pcworld.com

4) www.androidcentral.com

5) www.statista.com

6) www.cvedetails.com

7) www.mitre.org

Final Words:

Happy reading. Please share your views via comments.

Translated from: https://www.experts-exchange.com/articles/21599/StageFright-The-most-vulnerable-bug-in-Android-OS.html
