Tag Archive | Hacking

Pwn2Own (2013) Contest a Blast – FULL Results

CanSecWest is a conference, and 2013’s conference once again involved the Pwn2Own contest for hackers, an elite (1337) competition. The concept remained simple and will always that if you pwn a fully-patched browser running on a fully-patched laptop, you get to keep the laptop.

However, different rules applied this year. It involved successfully demonstrating the exploit, providing the sponsor (HP) the fully functioning exploit, and all details involved with the vulnerability used in the attack. If there were many vulnerabilities, multiple reports are needed, etc.

The work couldn’t be sold to anyone else, and proof of concept would belong to HP once sold. Basically, HP buys the winning exploits for own use. Their idea of reward money was the following:

  • Google Chrome on Windows 7 = $100,000
  • IE10 on Windows 8 = $100,000 or IE9 on Windows 7 = $75,000.
  • Mozilla Firefox on Windows 7 = $60,000
  • Apple Safari on Mac OS X Mountain Lion = $65,000
  • Adobe Reader XI and Flash Player = $70,000
  • Oracle Java = $20,000

It was assuredly a blast at the competition, no doubt about it.

DAY ONE: Java, Chrome, IE10, and Firefox PWNED!!!

(Where’s Safari, right? It survived!)

The idea behind each attack is the ability to browse to an untrusted website where you’re able to inject and run arbitrary code outside of the browsing environment.

Of course, one of the rules is: “A successful attack … must require little or no user interaction and must demonstrate code execution… If a sandbox is present, a full sandbox escape is required to win.”

ie-ff-chrIn addition to Chrome, Firefox, and IE10 being pwned, Java was pwned three times on the first day. Once by James Forshaw, Joshua Drake, and VUPEN Security. VUPEN Security also led a lot of the pack of issues by successfully exploiting IE10 and Firefox as well.

The only other exploit was by Nils & Jon, where both successfully exploited Chrome.

The day after the first day of Pwn2Own, Mozilla and Google patched the exploits that were pushed out. Amazingly fast, Firefox went on to version 19.0.2 (which you should’ve been updated automatically), and Chrome went on to version 25.0.1364.160 (effectively patching 10 vulnerabilities).

“We received the technical details on Wednesday evening and within less than 24 hours diagnosed the issue, built a patch, validated the fix and the resulting builds, and deployed the patch to users,” said Michael Coates, Mozilla’s director of security assurance, in a Thursday blog.

Microsoft has decided to wait until next week’s Patch Tuesday run of updates to push out the fix for the Internet Explorer exploit on IE10.

DAY TWO: Adobe Reader and Flash Player PWNED!!! Java PWNED AGAIN!!!

The last day of Pwn2Own 2013 went with a BANG!fl-ar-ja

Flash Player…exploited by VUPEN Security (any surprise?). Adobe Reader PWNED by George Hotz. Java once again was exploited, this time proxied by Ben Murphy.

Who’re the overall prize winners?

  • James Forshaw, Ben Murphy, and Joshua Drake for Java – each $20,000
  • VUPEN Security for IE10 + Firefox + Java + Flash – $250,000
  • Nils & Jon for Google Chrome – $100,000
  • George Hotz for Adobe Reader – $70,000

Of course, George Hotz is best known for jailbreaking the iPhone and PlayStation 3. He’s still in progress with a lawsuit with Sony over the issue for PS3.

It’s amazing to see that Java was PWNED 4 times in just two days, but is it any surprise based on the number of vulnerabilities Oracle has dealt with for Java?

Now in its eighth year, Pwn2Own contest had $480,000 in payouts, a record year. Amazing!

Got any vibe on this issue? Post comment below! 🙂

FBI Report: Hacker Blackmailed over 350 Women to Strip on Webcam

The FBI has taken into custody a 27-year-old man, claiming that he hacked the accounts of Facebook users coaxing hundreds of women to strip on their webcams, while watching on Skype.

The man identified by the FBI as Karen (“Gary”) Kazaryan of Glendale, CA, was arrested yesterday on federal computer hacking charges.

According to a US Department of Justice press release, Kazaryan is claimed to have broken into victims’ Facebook and email accounts, changing their passwords, and searching for naked and half-naked photographs. He also gathered personally-identifiable information from the users, including passwords, personal details, names of friends, etc.

The report details also that Karen threatened the users who did not comply to his demands of stripping, that he would post nude photos of them on their own Facebook pages. It is also reported that approximately 3,000 photos were seized from the man’s computer. The FBI believes 350 women were lead in to “sextortion”.

The FBI is urging all women who believe they might be a victim to contact the Los Angeles Field Office at +1-(310) 477-6565.

Software exploit code released for solar plant management devices

The US Department of Homeland Security is warning about vulnerabilities in a common SCADA (supervisory control and data acquisition) package that is used to remotely monitor and manage solar energy-generating power plants.

The DHS’s ICS-CERT issued an advisory on Wednesday that exploit code was circulating on the internet for security holes affecting the Italian vendor Sinapsi’s eSolar Light Photovoltaic System Monitor.

The eSolar Light Photovoltaic System Monitor is a SCADA product that allows solar power stations to simultaneously monitor different components of photovoltaic arrays, such as photovoltaic inverters, energy meters, gauges and so on.

ICS-CERT said in its advisory that the vulnerabilities, if successfully exploited, could allow attackers to remotely connect to the management server, “executing remote code, possibly affecting the availability and integrity of the device.”

General information pulled from the blog on Naked Security:

Avoid exploits on your computer with:

%d bloggers like this: