ProHoster > Блог > ozi ịntanetị > E gosipụtara hacks nke Ubuntu, Windows, macOS na VirtualBox na asọmpi Pwn2Own 2020

E gosipụtara hacks nke Ubuntu, Windows, macOS na VirtualBox na asọmpi Pwn2Own 2020

Wetuo nsonaazụ ụbọchị abụọ nke asọmpi Pwn2Own 2020, a na-eme kwa afọ dịka akụkụ nke ogbako CanSecWest. N'afọ a, a na-eme asọmpi ahụ ihe fọrọ nke nta ka ọ bụrụ na e gosipụtara mwakpo ahụ n'ịntanetị. Asọmpi a gosipụtara usoro ọrụ maka irigbu adịghị ike amaghi ama na Ubuntu Desktop (Linux kernel), Windows, macOS, Safari, VirtualBox na Adobe Reader. Ngụkọta ego ịkwụ ụgwọ bụ puku dollar 270 (ego ihe nrite ruru ihe karịrị nde US dollar anọ).

  • Mmụbawanye ohere nke mpaghara na Desktọpụ Ubuntu site na iji adịghị ike na Linux kernel jikọtara ya na nkwenye na-ezighi ezi nke ụkpụrụ ntinye (ihe nrite $ 30);
  • Ngosipụta nke ịpụ na gburugburu ebe obibi ndị ọbịa na VirtualBox na ime koodu na ikike hypervisor, na-erigbu adịghị ike abụọ - ikike ịgụ data sitere na mpaghara na-abụghị ihe nchekwa ekenyela na njehie mgbe ị na-arụ ọrụ na mgbanwe ndị na-enweghị isi (ihe nrite 40 puku dollar). N'èzí asọmpi ahụ, ndị nnọchiteanya nke Zero Day Initiative gosikwara ọzọ mbanye anataghị ikike VirtualBox, nke na-enye ohere ịnweta usoro nnabata site na iji aghụghọ na gburugburu ebe obibi ọbịa;



  • Ịbanye Safari na ohere dị elu na ọkwa kernel macOS ma na-agba mgbako dị ka mgbọrọgwụ. Maka nrigbu, a na-eji eriri nke njehie 6 mee ihe (ihe nrite 70 puku dollar);
  • Ngosipụta abụọ nke ihe ùgwù mpaghara na-abawanye na Windows site na nrigbu nke adịghị ike nke na-eduga na ịnweta ebe nchekwa ebe a tọhapụrụlarị (ihe nrite abụọ nke 40 puku dollar ọ bụla);
  • Inweta onye nchịkwa ohere na Windows mgbe imepe akwụkwọ PDF ahaziri ahazi na Adobe Reader. Mwakpo a gụnyere adịghị ike na Acrobat na Windows kernel metụtara ịnweta ebe nchekwa ahapụlarị (ihe nrite $ 50).

Nhọpụta maka hacking Chrome, Firefox, Edge, Microsoft Hyper-V Client, Microsoft Office na Microsoft Windows RDP ka enwetaghị akwụkwọ. Emere mgbalị ịwakpo VMware Workstation, mana ọ gaghị aga nke ọma.
Dị ka afọ gara aga, ụdị ihe nrite agụnyeghị mbanye anataghị ikike nke ọtụtụ ọrụ mepere emepe (nginx, OpenSSL, Apache httpd).

Iche iche, anyị nwere ike mara isiokwu nke hacking ozi usoro nke ụgbọ ala Tesla. Enweghị mgbalị ọ bụla iji mebie Tesla na asọmpi ahụ, n'agbanyeghị ihe nrite kachasị nke $ 700 puku, mana iche iche. оявилась информация banyere njirimara nke adịghị ike DoS (CVE-2020-10558) na Tesla Model 3, nke na-enye ohere, mgbe ị na-emepe ibe a haziri ahazi na ihe nchọgharị arụnyere, iji gbanyụọ ngosi sitere na autopilot ma mebie ọrụ nke akụrụngwa dịka. Igwe ọsọ ọsọ, ihe nchọgharị, ntụ oyi, sistemu igodo, wdg.

isi: opennet.ru

Tinye a comment