Ua hōʻuluʻulu ʻia nā hopena o nā lā ʻekolu o ka hoʻokūkū Pwn2Own 2021, i mālama ʻia i kēlā me kēia makahiki ma ke ʻano o ka hālāwai CanSecWest. E like me ka makahiki i hala, ua mālama ʻia ka hoʻokūkū a ua hōʻike ʻia nā hoʻouka kaua ma ka pūnaewele. ʻO nā 23 i manaʻo ʻia, ua hōʻike ʻia nā ʻenehana hana no ka hoʻohana ʻana i nā nāwaliwali i ʻike ʻole ʻia no ka Ubuntu Desktop, Windows 10, Chrome, Safari, Parallels Desktop, Microsoft Exchange, Microsoft Teams a me Zoom. I nā hihia a pau, ua hoʻāʻo ʻia nā mana hou o nā polokalamu, me nā mea hou i loaʻa. ʻO ka huina o nā uku he hoʻokahi miliona ʻelua haneli kaukani ʻAmelika (ʻo ka huina kālā he hoʻokahi a me ka hapa miliona kālā).
I ka hoʻokūkū, ʻekolu mau hoʻāʻo ʻana e hoʻohana i nā nāwaliwali ma Ubuntu Desktop. Ua kūpono nā ho'āʻo mua a me ka lua a ua hiki i nā mea hoʻouka ke hōʻike i ka piʻi ʻana o nā pono kūloko ma o ka hoʻohana ʻana i nā nāwaliwali i ʻike mua ʻole ʻia e pili ana i ka buffer overflow a me ka hoʻomanaʻo manuahi pālua (ʻaʻole i hōʻike ʻia nā ʻāpana o ka pilikia; hāʻawi ʻia nā mea hoʻomohala i nā lā 90 e hoʻoponopono ai. hewa ma mua o ka hōʻike ʻana i ka ʻikepili). Ua uku ʻia nā bonus o $30 no kēia mau nāwaliwali.
ʻO ke kolu o ka hoʻāʻo ʻana, i hana ʻia e kahi hui ʻē aʻe i ka ʻāpana hoʻomāinoino kuleana kūloko, ua kūleʻa wale nō - ua hana ka hana a hiki ke loaʻa i ke aʻa, akā ʻaʻole i hōʻoia ʻia ka hoʻouka ʻana, no ka mea, ua ʻike mua ʻia ka hewa e pili ana i ka nāwaliwali. i nā mea hoʻomohala ʻo Ubuntu a ua hoʻomākaukau ʻia kahi mea hou me kahi hoʻoponopono.
Ua hōʻike pū ʻia kahi hoʻouka kūleʻa no nā mākaʻikaʻi e pili ana i ka mīkini Chromium - Google Chrome a me Microsoft Edge. No ka hana ʻana i kahi hoʻohana e hiki ai iā ʻoe ke hoʻokō i kāu code i ka wā e wehe ai i kahi ʻaoʻao i hoʻolālā ʻia ma Chrome a me Edge (ua hana ʻia hoʻokahi hoʻohana honua no ʻelua mau polokalamu kele pūnaewele), ua uku ʻia kahi makana o 100 tausani kālā. Hoʻolālā ʻia ka hoʻoponopono e paʻi ʻia i nā hola e hiki mai ana, a hiki i kēia manawa, ʻo nā mea āpau i ʻike ʻia aia ka nāwaliwali i ke kaʻina hana no ka hoʻoili ʻana i ka ʻike pūnaewele (renderer).
Nā hoouka holomua ʻē aʻe:
- $200 tausani no ka hacking i ka noi Zoom (hoʻokō i kāna code ma ka hoʻouna ʻana i kahi leka i kahi mea hoʻohana ʻē aʻe, me ka ʻole o ka pono o kekahi hana ma ka ʻaoʻao o ka mea loaʻa). Ua hoʻohana ka hoʻouka ʻana i ʻekolu mau nāwaliwali ma Zoom a hoʻokahi ma ka ʻōnaehana hana Windows.
- $200 tausani no ka hacking Microsoft Exchange (bypassing authentication and local escalating privileges on the server to load admin rights). Ua hōʻike ʻia kekahi hana hana maikaʻi i kahi hui ʻē aʻe, akā ʻaʻole i uku ʻia ka makana ʻelua, no ka mea, ua hoʻohana mua ʻia nā hewa like ʻole e ka hui mua.
- $200 tausani no ka hacking Microsoft Teams (hoʻokō code ma ke kikowaena).
- $100 no ka hoʻohana ʻana iā Apple Safari (integer overflow in Safari and buffer overflow in the macOS kernel to bypass sandbox and execute code at the kernel level).
- $140 tausani no ka hacking Parallels Desktop (e puka ana i ka mīkini virtual a me ka hoʻokō code ma ka ʻōnaehana nui). Ua hoʻokō ʻia ka hoʻouka ʻana ma o ka hoʻohana ʻana i ʻekolu mau nāwaliwali ʻokoʻa - uninitialized memory leaak, stack overflow and integer overflow.
- ʻElua mau makana o 40 tausani kālā i kēlā me kēia no ka hacking Parallels Desktop (he kuhi hewa a me ka hoʻoheheʻe ʻana o ka pale i hiki ke hoʻokō ʻia ke code i loko o kahi OS waho ma o nā hana i loko o kahi mīkini virtual).
- ʻEkolu mau makana o 40 tausani kālā no ʻekolu hana kūleʻa o Windows 10 (integer overflow, loaʻa i ka hoʻomanaʻo i hoʻokuʻu ʻia a me kahi kūlana lāhui e hiki ai ke loaʻa nā pono SYSTEM).
Ua hoʻāʻo ʻia, akā ʻaʻole i kūleʻa, e hack Oracle VirtualBox. ʻAʻole i koi ʻia nā koho no ka hacking Firefox, VMware ESXi, Hyper-V client, MS Office 365, MS SharePoint, MS RDP a me Adobe Reader. ʻAʻohe mea i makemake e hōʻike i ka hacking o ka ʻōnaehana ʻike o kahi kaʻa Tesla, ʻoiai ka makana o 600 tausani kālā me kahi kaʻa Tesla Model 3.
Source: opennet.ru