In April of this year, I compiled relevant reports on Pwn2Own 2021, where hackers won over 1.21 million US dollars in prizes in three days. A few days ago, shortly after the end of the Tianfu Cup, I was still chatting with a friend about the PWN2OWN in November. The two-day Ocean Across the sea event is underway. Let's take a look at their results on the third day.
For an overview of the April event this year, see the links below:
PWN2OWN 2021 – Day one: hackers break into Microsoft products and earn US$440,000
PWN2OWN 2021 – Day two: hackers pocket another US$490,000
PWN2OWN 2021 – Hackers win over 1.21 million USD in prizes in three days
According to the official report, there were 58 entries from 22 different contestants in this competition. As always, the event opened with a random draw to determine the order of attempts. In addition, this event has been extended to four days, compared to three days in previous years. Thursday was the third day. Let's take a look at the results of the world's top hackers in Thursday's top hacking event.
Thursday, November 4
1000 – Martin Rakhmanov (@mrakhmanov) targeting the Western Digital My Cloud Pro series PR4100 in the NAS category
Success – Martin used a unique two-bug chain, including a command injection, to compromise the NAS device. He earned $40,000 and 4 Master of Pwn points.
1030 – Synacktiv (@Synacktiv) team targeting the LAN interface of the Cisco RV340 in the router category
Collision – The three-bug exploit chain used by the Synacktiv team included some known vulnerabilities. They still earned $7,500 and 1 Master of Pwn point.
1100 – Alexander Bolshev (@dark_k3y), Timo Hirvonen (@TimoHirvonen) and Dmitry Janushkevich (@InfoSecDJ) of F-Secure Labs (@fsecurelabs) targeting the HP Color LaserJet Pro MFP M283fdw in the printer category
Success – The F-Secure Labs team used a single stack-based buffer overflow to take over the printer and turn it into a jukebox. They earned $20,000 and 2 Master of Pwn points.
1200 – STARLabs team targeting WD's 3TB My Cloud Home Personal Cloud in the NAS category
Success – The STARLabs team of Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (@st424204) combined an out-of-bounds read and a heap-based buffer overflow to exploit WD's 3TB My Cloud Home Personal Cloud. They earned $45,000 and 5 Master of Pwn points.
1230 – Stephen Fewer (@stephenfewer) of Relyze Software Limited (www.relyze.com) targeting the LAN interface of the Cisco RV340 in the router category
Collision – The four-bug exploit chain used by Stephen included some known vulnerabilities. His successful demonstration still earned him $10,000 and 1.5 Master of Pwn points.
1300 – Sam Thomas (@_s_n_t) of the Pentest Limited (@pentestltd) team targeting the Samsung Galaxy S21 in the mobile phone category
Success – Sam used a three-bug chain to execute code on the Samsung Galaxy S21. This successful demonstration earned him US$50,000 and 5 Master of Pwn points.
1400 – Synacktiv (@Synacktiv) team targeting WD's 3TB My Cloud Home Personal Cloud in the NAS category
Collision – The Synacktiv team used a two-bug chain to compromise the 3TB My Cloud Home Personal Cloud, but one of the vulnerabilities had already been used before the competition. Their demonstration still earned them US$20,000 and 2 Master of Pwn points.
1500 – Chris Anastasio (@mufinnnnnnn) targeting the Lexmark MC3224i in the printer category
Collision – Chris used a four-bug chain to compromise the Lexmark printer, but one of the vulnerabilities had already been used in the competition. His efforts still earned him $17,500 and 1.75 Master of Pwn points.
1600 – STARLabs team targeting the LAN interface of the NETGEAR R6700v3 in the router category
Failure – Unfortunately, the STARLabs team was unable to get their exploit working within the allotted time.
1700 – Stephen Fewer (@stephenfewer) of Relyze Software Limited (www.relyze.com) targeting the LAN interface of the NETGEAR R6700v3 in the router category
Success – Stephen used an uninitialized variable to obtain a root shell through the LAN interface of the NETGEAR R6700v3 router. He earned $5,000 and 1 Master of Pwn point.
Due to time and resource constraints, the following attempts were conducted outside the evening live broadcast. Their results will still be reported here and on Twitter.
— Synacktiv (@Synacktiv) team targeting the WAN interface of the NETGEAR R6700v3 in the router category
Success – The Synacktiv team used an improper certificate validation bug and a stack-based buffer overflow to compromise the NETGEAR router through the WAN interface. They earned US$20,000 and 2 Master of Pwn points.
— Pedro Ribeiro (@pedrib1337) and Radek Domanski (@RabbitPro) of the Flashback team targeting the LAN interface of the NETGEAR R6700v3 in the router category
Collision – Pedro and Radek used a two-bug chain to exploit the NETGEAR R6700 router through the LAN interface, but the path traversal they chose was an N-day. This still earned them US$3,750 and 0.75 Master of Pwn points.