On March 15-16, the 2018 Pwn2Own game came to a close. As of now, the organizer Zero Day Initiative has provided the winner with a prize of 267,000 US dollars and a 26-point bonus, and won 5 Apple vulnerabilities, 2 Oracle vulnerabilities, 4 Microsoft vulnerabilities and one Mozilla vulnerability.
The first player on the stage was Richard Zhu, but his start was unfavorable. He did not use the loophole to break the Safari browser within the specified time. However, in the Pwn2Own arena is the lack of surprises and reversals, Richard Zhu challenged the Microsoft Edge browser in the subsequent challenge, using the Microsoft kernel EoP to successfully escalate through the two UAF and run the execution code, obtained $70000 award and 7 Pwn points. In the second day of the challenge, Richard Zhu became more and braver. He successfully exploited the EoP vulnerabilities of the Windows kernel to successfully break the Mozilla Firefox browser, winning $50,000 in rewards and five Pwn points.
Next on the stage was Niklas Baumstark from the phoenhex team who launched an attack against Oracle VirtualBox and eventually successfully exploited some of the vulnerabilities, earning $27,000 in rewards and 3 Pwn points.
The last challenge on the first day was Samuel Groß, who successfully exploited the MacOS kernel Eop vulnerabilities to crack the Apple Safari browser, winning $65,000 in rewards and six Pwn points.
In the second day of the competition, three researchers from Ret2 Systems, Markus Gaasedele, Nick Burnett, and Patrick Biernat, demonstrated that they used the macOS kernel to raise privilege vulnerabilities to attack Safari. However, there were some accidents in the middle of the demonstration. It was not until the fourth attempt to actually use the loopholes to crack. According to the rules of the game, only three attempts were allowed, so this counted as a failure.
Another cracking team came from the MWR lab. Three researchers Alex Plaskett, Georgi Geshev, and Fabi Beterke took the stage to demonstrate that two flaws broke the sandbox mode of the Safari browser. One was a heap buffer overflow vulnerability in the browser. Another is the macOS uninitialized stack variable vulnerability. They received $55,000 and 5 Pwn points.
The two-day Pwn2own has both the pride and joy of cracking success and regrets and sighs of failure. The following is the final ranking for the Pwn2Own 2018 contest. Richard Zhu won a $120,000 prize and 12 Pwn points in a two-day match and was the king of cracks.
Source: thezdi
