Printed from http://www.electronista.com

Hackers attack Safari on MacBook to win Pwn2Own

updated 10:05 pm EST, Wed March 9, 2011

Team exploits WebKit vulnerability

Security researches from the French company Vupen hacked a MacBook running Safari to win the recent Pwn2Own hacking contest this week at the CanSecWest security conference. The group discovered and exploited an unpatched vulnerability in Safari's WebKit engine. The browser was directed to a website designed to take advantage of the flaw, enabling the hackers to remotely launch the calculator application and write a file to the disk.

The team of three researchers claimed to have spent several weeks to hone in on the potential vulnerability and build an exploit, according to a ZDNet report. Despite the apparent ease in which the group compromised the system, Vupen co-founder Chaouki Bekrar suggests it was a "somewhat difficult" challenge to create an exploit for the 64-bit version of Mac OS X.

"There are many WebKit vulnerabilities. You can run a fuzzer and get lots of good results," Bekrar said. "But it's much more difficult to exploit it on x64 and to make your exploit very reliable."

The successful hackers were awarded with $15,000 in cash, along with a 13-inch MacBook Air.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Fast iBook

    Fresh-Faced Recruit

    Joined: Mar 2003

    -1

    Headline should read.....

    Headline should read "another one off stunt shows a vulnerability in mac os, which in a few weeks will be patched".

    - A

  1. PRoth

    Fresh-Faced Recruit

    Joined: Aug 2008

    +7

    The message, not the presentation

    While I don't really appreciate the atmosphere in which these security exploits are "showcased", I think the results are valuable whether they're one-off or not. I also think it's great, that there are folks out there dedicated enough to throw everything they've got at OS X and Safari (well WebKit, really) for an innocuous prize instead of for all the wrong reasons.

  1. Bobfozz

    Fresh-Faced Recruit

    Joined: Jul 2008

    +4

    not impressed

    and when will MacNN get it right about "hone in" and "home in?" Missiles home, axes hone.

    Don't feel bad, the internet bozos have this one wrong most of the time. The ones with "class," they get it right.

  1. MadGoat

    Fresh-Faced Recruit

    Joined: Feb 2008

    +4

    comment title

    Were these processes and files launched or written with admin/root privileges.

    If not, this isn't a big deal at all. Without root access, you're going nowhere fast.

  1. Paradise Pete

    Fresh-Faced Recruit

    Joined: Nov 2007

    +3

    The prize is good

    The prize and the corresponding peer respect is what makes them work hard to find the weaknesses. And these are people you want to find them, not the crooks.

  1. prl99

    Dedicated MacNNer

    Joined: Mar 2009

    +1

    before or after Safari update?

    Did they use the version of Safari that was updated yesterday (5.0.4) or a previous version? In other words, is this vulnerability already patched?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +1

    Re: Headline should read.....

    Headline should read "another one off stunt shows a vulnerability in mac os, which in a few weeks will be patched".

    Yes, which is exactly what you probably say every time there's some vulnerability in the Mac OS that's announced or released.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    root privileges

    Were these processes and files launched or written with admin/root privileges.

    If not, this isn't a big deal at all. Without root access, you're going nowhere fast.


    What do you mean "You're going nowhere fast?" I guess if you think people want to hack your computer so they can get root access so they can, I don't know, install some kernel extension or wipe the applications folder, you're right.

    However, considering that 'user' access would let them run a program on your computer, which, in turn, could run other tasks, install a login item, access your files, delete your entire home directory.

    But, right, that stuff is all who cares stuff. We need only worry about having our System Fonts protected!

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +3

    BTW

    According to the report, they were able to write a file to the disk and launch an app. If the file they launched was the file they wrote, they basically would have the capability to do whatever they wanted with your data.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Polk Audio 4 Shot headset

Sound quality and design are two of the biggest areas of focus for manufacturers when coming up with a new gaming headset. Depending o ...

Patriot Supersonic Phoenix USB 3.0 drive

USB thumb drives aren't the end all solutions for data transfer and traveling needs. Sometimes people want something with a little mor ...

Sponsor

toggle

Most Commented

 
toggle

Popular News