What are some Recommended Hacking Contests
Hacker competition Pwn2Own: Firefox, Edge and Safari are falling like flies
In two days, hackers from many parts of the world attacked various applications, browsers, virtual machines and Windows and achieved some success. At the annual Pwn2Own competition, hackers exploit zero-day vulnerabilities under time pressure for a good cause. If that works, the participants collect rewards. The developers of the cracked software then have 90 days to close the loopholes.
This year the pot was filled to the brim with two million US dollars. The organizer Trend Micro distributed "only" 267,000 US dollars. One of the reasons for this could be that the Chinese government has recently banned security researchers from its own country from participating in hacking competitions. In the past, Chinese security researchers have often dominated the competition.
Last second hack
The winner this year was by far the security researcher Richard Zhu. He has successfully attacked and taken over Microsoft's Edge and Mozilla's Firefox. For the Firefox attack, Zhu combined two memory errors. First it provoked an out-of-bounds error in the web browser and then it triggered a memory error (integer overflow) in the Windows kernel. Then Firefox was at his feet. This challenging combination earned him $ 50,000.
Edge fell victim to Zhu extremely narrowly: It was only in the third and last attempt that he was able to successfully obtain higher rights and break the web browser 37 seconds before the clock ran out. However, he bit his teeth on Safari. Here his competitor Samuel Groß was successful. Zhu has pocketed a total of US $ 120,000. If a hack works, the participant can keep the hacked device. The main winner can also decorate himself with the Master-of-Pwn jacket.
Overall, this year's Pwn2Own hackers successfully exploited five Apple bugs, four Microsoft vulnerabilities, two Oracle vulnerabilities and one Mozilla bug. With 250,000 US dollars, the highest prize money was announced for breaking out of the sandbox of Microsoft's Hyper-V virtualization solution. However, that didn't work out this year.
Participants have three attempts and 30 minutes to complete their hacks. The organizer states that it will also pay premiums if an attack was only partially successful. The Pwn2Own competition takes place as part of the CanSecWest security conference in Vancouver, Canada.
There is now also a mobile offshoot of the competition. Hackers use the latest smartphones there.
[UPDATE March 19, 2018 11:10 am]
Details on attacks added in the body text. (of)Read comments (47) Go to homepage
- How can I install Android Oreo
- What great ideas for online courses
- What are the books on metamaterials
- What are the dimensions of international politics
- What do we get from childhood memories
- Dish has high speed internet
- Can we make petroleum
- What are nonlinear transformations
- How are cement concrete tiles classified
- Why do elements have electrons and protons
- Chromebook is a successful product
- What determines whether a substance can burn
- What is an abstract noun for different
- What can I bring from Dubai
- What references are UC schools looking for
- Where can I find the oil dipstick
- What god is hungry for more believers?
- What are the different types of constants
- What is your erotic confession
- What courses do you offer
- There is both God and the Devil
- How many animals are there in Africa
- Are there any positives to playing PUBG
- Don't you trust everything you see