Pinkie Pie pwns Google’s Pwnium 2 challenge

  • Security researcher Pinkie Pie nets US$60,000 for Chrome exploit
  • Google says a patch closing the exploit was released less than 10 hours after Pwnium 2 concluded

WHEN a submission for Pwnium 2 came in, Chris Evans, who leads the Chrome security team, was standing at the Google booth with a friend who works at Adobe.
 
“The thought in his head was ‘please don’t let it be Flash’,” said Evans, speaking in the last conference slot on the final day of the HITB Security Conference hosted at the Intercontinental Hotel in Kuala Lumpur.
 
It wasn’t Flash, but it was indeed a valid exploit by returning ‘pwner’ Pinkie Pie. The exploit was confirmed at midnight (Oct 9) by Google’s home team back in the United States.
 
“Since this exploit depends entirely on bugs within Chrome to achieve code execution, it qualifies for our highest award level as a ‘full Chrome exploit’, a US$60,000 prize and free Chromebook,” said Evans in his blog post reporting the find.
 
The exploit involved a WebKit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the inter-process communication (IPC) layer to escape the Chrome sandbox.
 
“Pinkie Pie pwned Chrome pretty hard, but we’re very happy to have him enter again,” said Evans.

Pwn is a slang term in the cyber community meaning “taking over one’s computer or compromising a PC” for the sole purpose of controlling the device.
 
During his HITB presentation, Evans also shared that back in Sept 2010, a security researcher called ncspz posted the following message: “The SVG module will make Google go bankrupt.”
 
“Guess he was a visionary and Google is about US$120,000 towards his prediction,” said Evans. To date, Google under its Chromium program has paid out 489 rewards totaling US$650,000.
 
This is the second time Pinkie Pie has captured top honors from Google’s Pwnium challenge.
 
In March of this year at the Pwnium contest, which took place during the Pwn2Own competition at CanSecWest, he was rewarded for vulnerabilities he used to break out of the browser's sandbox and execute code.
 
He had to combine a total of six vulnerabilities in order to get his code to execute on the test system at the time; the holes were later closed with the release of Chrome 18.
 
“We’re also quite pleased with the time it took to release the patch for this exploit. We beat our record from the first Pwnium challenge,” said Evans.
 
“We started analyzing the exploit as soon as it was submitted, and in fewer than 10 hours after Pwnium 2 concluded we were updating users with a freshly patched version of Chrome,” he added.
 
Only one other entry, a previously undiscovered kernel driver vulnerability, was unveiled for the Pwnium 2 challenge, by a security researcher known as Nikita Tarakanov (@NTarakanov), which dispels the “no-one entered” myth. However, it did not work within the sandbox and was considered a “non-entry.”

Author Name :
Gabey Goh
