Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Pwn2Own 2009 Contest Winners Emerge

Posted by timothy on from the good-work-if-you-can-get-it dept.

mellowdonkey writes "Last year's CanSecWest hacking contest winner, Charlie Miller, does it again this year in the 2009 Pwn2Own contest. Charlie was the first to compromise Safari this year to win a brand spankin new Macbook. Nils, the other winner, was able to use three separate zero day exploits to whack IE8, Firefox, and Safari as well. Full detail and pictures are available from the sponsor, TippingPoint, who acquired all of the exploits through their Zero Day Initiative program."

4 of 98 comments (clear)

  1. Re:Hmmm.... by Anonymous Coward · · Score: 5, Funny

    But Safari was created by the Gods at Apple....

  2. Re:Hmmm.... by ijakings · · Score: 5, Funny

    Firefox Three for the Elven-kings under the sky,
    IE Seven for the Dwarf-lords in their halls of stone,
    Netscape Nine for Mortal Men doomed to die,
    One Safari for the Dark Lord on his dark throne
    In the Land of Apple where the Shadows lie.
    One Browser to rule them all, One Browser to find them,
    One Browser to bring them all and in the darkness bind them
    In the Land of Apple where the Shadows lie.

  3. Re:Let me be the first to say by tonywong · · Score: 5, Informative

    Since no one has placed what 'owned' means, here's the rules from the canwest site:

    2009-03-18-01:00:00 PWN2OWN Final Rules

    Well after much discussion and deliberation here is the final cut at scenarios for the PWN2OWN competitions.

    Browsers and Associated Test PAltform

    Vaio - Windows 7

            * IE8
            * Firefox
            * Chrome

    Macintosh

            * Safari
            * Firefox

    Day 1: Default install no additional plugins. User goes to link.
    Day 2: flash, java, .net, quicktime. User goes to link.
    Day 3: popular apps such as acrobat reader ... User goes to link

    What is owned? - code execution within context of application

    =====

    I'm presuming that code execution is the first step towards owning the whole box, which may or may not be trivial once you got code execution happening within the app.

  4. Re:No details? by ld+a,b · · Score: 5, Interesting

    >"we had the user click a link and all hell broke loose"

    That is exactly what happened with Safari on MacOS, in seconds. I guess the others fell just as easily, but with a bit more crude exploits.

    We don't get to know the details because vendors get to fix the hole before anything is published, which is long after all of us have forgotten about the contest.

    What really is misleading is that Windows 7 and MacOS are implied pwned when it appears that only the browsers were taken.

    With IE8 purportedly running in a "sandbox", breaking out of that was interesting by itself and hopefully a bit more difficult than just escalating privileges in MacOS.

    I miss Linux too. A hole in firefox means being just one local exploit away from pwning your box.

    --
    10 little-endian boys went out to dine, a big-endian carp ate one, and then there were -246.