Day 2 at Pwn2Own 2019 hacking competition – White hat hackers earned $270,000 for exploits against the Mozilla Firefox and Microsoft Edge browsers.
The security duo Amat Cama and Richard Zhu of team Fluoroacetate earned $50,000 for a Firefox exploit with kernel escalation. The experts chained a just-in-time (JIT) bug and an out-of-bounds write flaw in the Windows kernel.
“They were able to execute code at SYSTEM level just by using Firefox to visit their specially crafted website,” reads the post published by the Zero Day Initiative (ZDI). “The effort earned them another $50,000 and five more points towards Master of Pwn.”
The two experts already have racked up a total of $340,000 in the first teo days.
The second day of Pwn2Own 2019 sees Niklas Baumstark (@_niklasb) earning $40,000 and 4 Master of Pwn points for a JIT bug in Firefox and a logic flaw that allowed a sandbox escape.
“In a real-world scenario, an attacker could use this to run their code on a target system at the level of the logged-on user. The successful demonstration earned him $40,000 and 4 Master of Pwn points.” continues the post.
The last hack of the day was demonstrated by Arthur Gerkis of Exodus Intelligence that earned $50,000 for a Microsoft Edge exploit with a sandbox escape. The exploit leverages a
If you are interested in exploits demonstrated
Pwn2Own 2019 read here.
During the first day, participants hacked Apple Safari browser, Oracle VirtualBox and VMware Workstation.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.