Metaphor’s source code is now released! The source include a PoC that generates MP4 exploits in real-time and bypassing ASLR. The PoC includes lookup tables for Nexus 5 Build LRX22C with Android 5.0.1. Server-side of the PoC include simple PHP scripts that run the exploit generator – we using XAMPP to serve gzipped MP4 files. The attack page is index.php.
The exploit generator is written in Python and used by the PHP code.
Usage:
git clone https://github.com/NorthBit/Metaphor && cd Metaphor cd metaphor/exploit python metaphor.py (to generate exploit) or right click metaphor.sln the open with your visual studio
Source: https://github.com/NorthBit