PDA

View Full Version : Anatomy of a hack: 6 separate bugs needed to bring down Google browser


News
05-22-12, 07:40 PM
http://cdn.arstechnica.net/wp-content/uploads/2012/05/pink_pony_new-4f5b15f-intro.jpg After exploiting six different Chrome vulnerabilities, a hacker named Pinkie Pie was able to display this image on his target machine.
Dan Goodin


An exploit that fetched a teenage hacker a $60,000 bounty targeted six different security bugs to break out of the security sandbox fortifying Google's Chrome browser.

The extreme lengths taken in March by a hacker identified only as Pinkie Pie (http://arstechnica.com/business/2012/03/googles-chrome-browser-on-friday/) underscore the difficulty of piercing this safety perimeter. Google developers have erected their sandbox to separate Web content from sensitive operating-system functions, such as the ability to read and write files to a hard drive. Such sandboxes are designed to minimize the damage that can be done when attackers identify and exploit buffer overflows and other types of software bugs that inevitably find their way into complex bodies of code.

Pinkie Pie's attack came during Pwnium, a contest that awarded $60,000 prizes (http://arstechnica.com/business/2012/02/google-pledges-1-million-in-cash-to-hackers-who-exploit-chrome/) to hackers who successfully broke out of the protective barrier by exploiting only vulnerabilities residing in code that is native to the Google browser. The teenager was one of only two contestants to win the top prize. He did it after executing a custom-written Netscape Plugin Application Programming Interface (https://developer.mozilla.org/en/Plugins) directly on a Dell Inspiron laptop that ran a fully patched version of Chrome on a fully patched version of Microsoft's Windows 7 operating system. Google patched the severest of the vulnerabilities within 24 hours of them being exploited.

Read more (http://arstechnica.com/security/2012/05/anatomy-of-a-hack-6-separate-bugs-needed-to-bring-down-google-browser/) | Comments (http://arstechnica.com/security/2012/05/anatomy-of-a-hack-6-separate-bugs-needed-to-bring-down-google-browser/?comments=1#comments-bar)

http://feedads.g.doubleclick.net/~at/DiWNj5CGGiyuzDVBQaAO26JVOYg/0/di (http://feedads.g.doubleclick.net/~at/DiWNj5CGGiyuzDVBQaAO26JVOYg/0/da)
http://feedads.g.doubleclick.net/~at/DiWNj5CGGiyuzDVBQaAO26JVOYg/1/di (http://feedads.g.doubleclick.net/~at/DiWNj5CGGiyuzDVBQaAO26JVOYg/1/da)

http://feeds.feedburner.com/~ff/arstechnica/index?i=obzm8xMbgGk:Cp6kXu9MOnY:V_sGLiPBpWU (http://feeds.arstechnica.com/~ff/arstechnica/index?a=obzm8xMbgGk:Cp6kXu9MOnY:V_sGLiPBpWU) http://feeds.feedburner.com/~ff/arstechnica/index?i=obzm8xMbgGk:Cp6kXu9MOnY:F7zBnMyn0Lo (http://feeds.arstechnica.com/~ff/arstechnica/index?a=obzm8xMbgGk:Cp6kXu9MOnY:F7zBnMyn0Lo) http://feeds.feedburner.com/~ff/arstechnica/index?d=qj6IDK7rITs (http://feeds.arstechnica.com/~ff/arstechnica/index?a=obzm8xMbgGk:Cp6kXu9MOnY:qj6IDK7rITs) http://feeds.feedburner.com/~ff/arstechnica/index?d=yIl2AUoC8zA (http://feeds.arstechnica.com/~ff/arstechnica/index?a=obzm8xMbgGk:Cp6kXu9MOnY:yIl2AUoC8zA)
http://feeds.feedburner.com/~r/arstechnica/index/~4/obzm8xMbgGk

More... (http://feeds.arstechnica.com/~r/arstechnica/index/~3/obzm8xMbgGk/)