Search Results for 'pwn2own'

Pwn2Own 2014: All Browsers Defeated

By | March 19, 2014 | 0 Comments

Pwn2Own 2014: All Browsers DefeatedIt looks like this year’s Pwn2Own hacking contest was pretty eventful and all web browsers got their asses kicked.

On the first day, a team from France has successfully hacked Internet Explorer 11, Firefox and Adobe Flash Player. The very same research firm also managed to find a vulnerability in Google Chrome, which affects both WebKit and Blink rendering engines.

Next day Sebastian Apelt and Andreas Schmidt have demonstrated a browser based exploit against Microsoft’s web browser, followed by a Chinese team that managed to bypass Safari’s sandbox and run remote code execution through it.
Continue Reading

Pwn2Own 2013: All Browsers Fail

By | March 8, 2013 | 17 Comments

Pwn2Own 2013: All Browsers FailNo one cared about Safari.

With the Pwn2Own hacking contest coming to an end, it was revealed that every major web browser was hacked.

Google Chrome exploit allowed for a full breakout from its invincible sandbox resulting in a $100,000 reward, while both Firefox and Internet Explorer were exploited by a security firm VUPEN, resulting in a total of $160,000 in bounty payments ($60,000 and $100,000 respectively).

What about Safari? As it turns out, no one even pre-registered for Apple’s web browser this year despite the $75,000 prize.
Continue Reading

Google Chrome Pwn2Own Vulnerability Patched

By | March 9, 2012 | 2 Comments
Google Chrome Pwn2Own Vulnerability Patched

From left to right Jim Hebert, Cris Necker, Justin Schuh

Just 24 hours after reporting the critical vulnerability in Google’s Chrome web browser, the search giant has already released a patch to address the issue.

Identified as a bug CVE-2011-3046, discovered vulnerability is described as “UXSS and bad history navigation”, with no additional details revealed.
Continue Reading

Pwn2Own 2012 Is Coming

By | February 20, 2012 | 23 Comments

Pwn2Own 2012 Is ComingPwn2Own, a computer hacking contest, which will begin on March 7th in Vancouver, British Columbia, has slightly modified its concept, according to sources.

First of all, smartphone hacks have been dropped completely in favor of the web browser exploits against Internet Explorer, Firefox, Google Chrome and Safari running on both Windows and Mac operating systems.
Continue Reading

IE8 and Safari Fall on First Day of Pwn2own

By | March 11, 2011 | 13 Comments

Red Font Pwn

Pwn2Own, the yearly hacking contest held as part of the CanSecWest security conference, saw the successful hijacking of fully patched versions of Safari and Internet Explorer 8 this year. Ars Technica described Pwn2Own as the following:

If a researcher can pwn the browser—that is, make it run arbitrary code—then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes—restricted environments with reduced access to data and the operating system—that are imposed.

Continue Reading

19 Chrome Bugs Fixed in Preparation for Pwn2Own Hacking Contest

By | March 2, 2011 | 3 Comments

Nine researchers were paid a total of $14,000 in bug bounties for bringing the Chrome bugs to Google’s attention. The company then promptly patched them last Monday.

Pwn2Own, an annual hacking contest that takes place at the CanSecWest security conference in Vancouver, British Columbia, was most likely the trigger for the updates, for Google fixed security flaws a week before last year’s Pwn2Own contest as well.
Continue Reading

Pwn2Own: Google to Give Away CR-48 Laptop and $20,000

By | February 3, 2011 | 7 Comments

Pwn2Own: Google to Give Away CR-48 Laptop and $20,000The 5th Pwn2Own contest is here and there are some special treats for all you exploiters.

In addition to already offered prizes by Zero Day Initiative (ZDI) (a total is $105,000), Google Inc. will also be giving away a CR-48 laptop running Google Chrome OS and $20,000 to one lucky hacker who will exploit a security hole in Google Chrome web browser.

Contestants are welcomed to hack the following browsers:

Microsoft Internet Explorer
Apple Safari
Mozilla Firefox
Google Chrome

All of them will be running on a 64-bit, Windows 7 or OS X machines.

As for Opera inclusion, it’s still the same “low market share” argument.

Pwn2Own: Internet Explorer 8, Firefox and Safari Hacked

By | March 25, 2010 | 20 Comments

Pwn2Own: Internet Explorer 8, Firefox and Safari HackedAs first day at Pwn2Own hacking contest nears its end, web browser results are in.

Just like last year, Apple’s Safari 4 on Snow Leopard 10.6 was hacked first, as Charlie Miller set up a remove exploit.

Interment Explorer 8 has fallen next, after a successful Peter Vreugdenhil four layer attack on Windows 7. Continue Reading

Pwn2Own: Internet Explorer 8, 7 vs. Firefox 3 vs. Chrome 4 vs. Safari 4

By | February 18, 2010 | 21 Comments

Pwn2Own: Internet Explorer 8 vs. Firefox 3 vs. Chrome 4 vs. Safari 4In the upcoming Pwn2Own contest, hackers will be trying to “pwn” Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari web browsers. Competition will be active for three days, with a total cash prize pool of $40 000, where each target is worth $10 000.

Contestants will be trying to exploit:

Day 1
Microsoft Internet Explorer 8 on Windows 7 Continue Reading

Pwn2Own: Hacker Exploits IE8, Firefox, Safari

By | March 19, 2009 | 8 Comments

From ZDNet

“He won a cash prize and got to keep the hardware. Details of the vulnerability, which was described by contest sponsor TippingPoint ZDI as a “brilliant IE8 bug!” are being kept under wraps.

“Nils” also scored a clean hit against Apple’s Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.”

In case you are interested, Mac was hacked in 10 seconds.

Nothing about Opera or Chrome yet.

[digg-reddit-me]