• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Day One At Pwn2Own Takes Out Microsoft Internet Explorer and Apple Safari

March 10, 2011

Views: 9,264

Well it’s March again and well we love March because it’s Pwn2Own time! Every year around this time we get some goodies to discuss way back since:

  • 2008 – Mac owned on 2nd day of Pwn2Own hack contest
  • 2009 – Charlie Miller Does It Again At PWN2OWN
  • 2010 – Mozilla Beats Apple & Microsoft to Pwn2Own Patch For Firefox

It took Microsoft till June last year to fix the Pwn2Own bug – Microsoft Patches At Least 34 Bugs Including Pwn2Own Vulnerability.

This time both Internet Explorer and Safari fell on the first day!

Contestants in a high-stakes hacking contest had no trouble toppling the Apple Safari and Microsoft Internet Explorer browsers, proving for a fifth year in a row that no software or application is safe from people with the expertise and motivation to exploit them.

The attacks came on Day One of the Pwn2Own contest, which pays more than $15,000 apiece for exploits that successfully give the attacker full remote access of the targeted machine. Wednesday’s event saw hackers take complete control of a fully patched Sony Vaio and MacBook Air by compromising IE and Safari respectively. Google’s Chrome browser was also up for grabs, but no one stepped forward to try hacking it.

“Every browser, every operating system, has its own vulnerabilities,” said Chaouki Bekrar, CEO of Vupen Security and the contestant who successfully hacked Safari. “This is what we wanted to demonstrate – that we can create a very reliable exploit for Apple Mac OS and Safari without even crashing the browser.”

Contest rules forbid him from disclosing most technical details behind the vulnerability, but he was permitted to say that it involved what’s known as a use-after-free flaw in the Apple browser. He said the exploit used a technique known as return-oriented programming to bypass a security protection known as data execution prevention that is built into many Apple programs.

There have been a barrage of patches recently too with Microsoft patching some very serious bugs in the March 2011 Black Tuesday, Apple patches critical Mac bugs with Java updates, Apple patching 62 bugs in Safari and Jon Oberheide killing his own Android bug by reporting it to Google.

Also sadly one of the Pwn2Own champions Geohot wasn’t present most likely to to the shit storm Sony is throwing at him.

It’ll be interesting to what else comes out of Pwn2Own this year.

After building the tools from scratch, it took him about two weeks to find the bug and set out to exploit it. The result was an attack that reliably commandeers a Mac when Safari visits a website that hosts the malicious code.

“Just after visiting the webpage with the affected version of Safari, we can, for example, launch the calculator or open a shell or do anything else we want,” he said a minute or two after demonstrating the exploit at the contest, which was attended by members of Apple’s security team. “We have the same privileges as the user who visited the webpage.”

He said users would have no way of knowing their machines have been compromised. There is no prompt asking for a password. The only way to thwart the attack is to run Safari from an account that has been configured to have limited privileges.

Under competition rules, contestants drew a lottery to determine who was the first to attempt hacking a particular browser. Once a browser was compromised, it was eliminated from the running. Both IE and Safari were hacked on the first try.

“I have an exploit all ready to go, and now it’s just sitting in my bag,” said Charlie Miller, a three-time Pwn2Own winner, shortly after Bekrar took this year’s prize. “You’d think Apple would be concerned about it.”

Miller said he’s had the working attack for more than nine months now. Even after Apple patched a whopping 62 Safari security bugs just hours before the contest started, Miller’s exploit still worked, he said.

Charlie Miller has a working exploit sitting in his back too after Bekrar already took the prize. It seems like it’s really quite worth developing a reliable, working 0-day exploit for $15,000!

The new sandbox in IE got pwned pretty easily too, which shows..slapping on some tonka toy security controls isn’t ever going to stop a dedicated attacker. There was one contestant who stepped up to the plate to take down Google’s Chrome, but perhaps the exploit didn’t work as there’s no reports on that.

Day two of Pwn2Own will see attacks on Smart-phone platforms – Windows 7 Mobile, an iPhone 4, a BlackBerry Torch 9800, and a Nexus S running Google’s Android. There are multiple contestants signed up for each platform!

Source: The Register

Share
Tweet30
Share7
Buffer
WhatsApp
Email
37 Shares

Filed Under: Apple, Exploits/Vulnerabilities, Windows Hacking Tagged With: apple, charlie miller, hacking apple, IE, internet-explorer, pwn2own, safari, safari-exploit, safari-security, vulnerability



Reader Interactions

Comments

  1. Bogwitch says

    March 10, 2011 at 10:33 am

    Always good fun to see which browser falls first. I’m suprised there’s no mention of Firefox – do you know of any reason for that?
    I also note that Safari fell too. As I have been saying for several years, Apple offerings are NOT completely secure as some Apple zealots wouls have us believe and as their popularity increases, so will the vulnerabilities.
    Kudos to Google for Chrome. Although no exploit at pwn2own does not mean no vulnerabilities!

    • Darknet says

      March 11, 2011 at 6:10 am

      Yah I found that interesting, perhaps no one even submitted a challenge for Firefox. Well Apple has never really been secure, the users of Macs just tend to be an unusually arrogant bunch and due to the small amount of users – there was no real point targeting them.

  2. Bogwitch says

    March 11, 2011 at 9:31 am

    According to The Register, Firefox was not attempted. http://www.theregister.co.uk/2011/03/11/iphone_blackberry_hacked/

    As for Apple, there was no real point in targetting them but given the high saturation of Iphones, this will now change. I see a distinct move towards malware for mobile devices, much the way the shift from ‘hack because I can’ moved to ‘hack for cash’ with the early profit-driven malware changing the host computer to dial premium rate numbers, the early malware for mobile devices will also be configured to dial or text premium numbers.

  3. window says

    March 16, 2011 at 11:33 am

    What about Firefox? Didn’t try it or didn’t succeed?

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

AI-Powered Malware - The Next Evolution in Cyber Threats

AI-Powered Malware – The Next Evolution in Cyber Threats

Views: 241

Introduction Artificial Intelligence (AI) is reshaping cybersecurity on both sides of the … ...More about AI-Powered Malware – The Next Evolution in Cyber Threats

Falco - Real-Time Threat Detection for Linux and Containers

Falco – Real-Time Threat Detection for Linux and Containers

Views: 369

Security visibility inside containers, Kubernetes, and cloud workloads remains among the hardest … ...More about Falco – Real-Time Threat Detection for Linux and Containers

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Views: 676

As threat surfaces grow and attack sophistication increases, many security teams face the same … ...More about Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

Views: 597

With more businesses running Linux in production—whether in bare metal, VMs, or containers—the need … ...More about Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

SUDO_KILLER - Auditing Sudo Configurations for Privilege Escalation Paths

SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Views: 638

sudo is a powerful utility in Unix-like systems that allows permitted users to execute commands with … ...More about SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 482

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (228)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (230)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (235)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,299,297)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,111)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,648)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,694)
  • Password List Download Best Word List – Most Common Passwords (933,536)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,176)
  • Hack Tools/Exploits (673,304)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,194)

Search

Recent Posts

  • AI-Powered Malware – The Next Evolution in Cyber Threats May 21, 2025
  • Falco – Real-Time Threat Detection for Linux and Containers May 19, 2025
  • Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance May 16, 2025
  • Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked) May 14, 2025
  • SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths May 12, 2025
  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy