Chrome cracked at Pwn2Own

Powered by SC Magazine
 

Google's browser first to fall at CanSecWest.

Google's Chrome browser was the first to fall at the annual Pwn2Own exploit contest at the CanSecWest conference.

Chrome was compromised by  researchers from French security firm Vupen after it was earlier compromised as part of Google's own Pwnium contest.

Google awarded $60,000 to the researchers for their work. The company offered $1 million in prizes and a Chromebook to those who successfully exploit its browser in a Chrome-specific hacking contest this year.

A change in the rules at Pwn2Own "to make it less like a lottery" and give all competitors an opportunity to prove their skills on-site (or remotely) has proved to be controversial.

Google's security team said that it withdrew its sponsorship when it discovered that contestants were permitted to enter Pwn2Own without having to reveal full exploits (or even all of the bugs used) to vendors.

Threatpost claimed that in previous years, contestants needed to pre-register and the organisers from TippingPoint's Zero Day Initiative knew how many participants there would be.

Vupen was the only team to begin the competition this year.

According to The Verge, Vupen's method took advantage of two zero-day exploits and a baited website set up during the hack. Once the computer visited the site, the exploit ran and opened up the Chrome calculator extension outside of the browser's sandbox, demonstrating complete control of the up-to-date 64-bit Windows 7 box.

Vupen's team was led by co-founder and head of research Chaouki Bekrar.

Bekrar told ZDNet said his team worked for about six weeks to find and write the two vulnerabilities, one which bypassed DEP and ASLR on Windows and the other to break out of the Chrome sandbox.

He declined to say if any of the exploits targeted third-party code in the browser, saying that it was "a use-after-free vulnerability in the default installation of Chrome".

Bekrar also said that his team came equipped for zero-day flaws for all the four major browsers – Google Chrome, Microsoft Internet Explorer, Apple Safari and Mozilla Firefox – but it decided to go after Chrome first after it was left uncracked last year.

“We wanted to show that Chrome was not unbreakable. Last year, we saw a lot of headlines that no one could hack Chrome. We wanted to make sure it was the first to fall this year,” he said.

He also said that it will sell the rights to the DEP and ASLR Windows bypass, but it will not give up the sandbox escape.

“We are keeping that private, keeping it for our customers.”

The conference is taking place in Vancouver, Canada.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Chrome cracked at Pwn2Own
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1880

Vote
Do you support the abolition of the Office of the Information Commissioner?