Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Safari exploit successfully demonstrated at Pwn2Own 2018

Source: Zero Day Initiative via Twitter

Trend Micro's Zero Day Initiative kicked off its annual Pwn2Own hacking competition on Wednesday with two attempts to exploit Apple's Safari web browser, one of which was successful.

Samuel Groß of phoenhex hacked Safari with a three bug chain containing a macOS elevation of privilege vulnerability, according to the convention's blog.

A press release provided additional detail, saying the exploit modified text on a MacBook Pro's touchbar. Groß received $65,000 for his efforts and six points toward the coveted Master of Pwn title.

A separate Safari exploit was attempted by Richard Zhu, who bypassed iPhone 7 security protocols using two Safari bugs at the Mobile Pwn2Own event in November. At Pwn2Own 2018, Zhu was unable to get his sandbox escape up and running within the allotted 30 minute time limit.

Zhu did, however, successfully target Microsoft Edge with a Windows kernel EoP, specifically two use after free (UAF) vulnerabilities and an integer overflow in the kernel.

Groß's phoenhex teammate Niklas Baumstark also saw partial success in a bug targeting Oracle VirtualBox.

Started in 2007, Pwn2Own is an annual hacking contest that encourages security researchers to find, share and demonstrate zero-day vulnerabilities impacting a range of modern software and hardware. Those successful get to keep the hacked device — hence "pwn to own" — receive a cash prize and, if they rack up enough points, a "masters" jacket, while vendors are given information about vulnerabilities and a chance to patch them.

This year, ZDI partnered with Microsoft and sponsor VMWare to offer $2 million in cash and prizes to hackers targeting virtualization, web browsers, enterprise applications, servers and a special Windows Insider Preview Challenge. Five contestants were selected at random take part in the two-day competition, which covers two of the target categories.

Day two of Pwn2Own commences on Thursday and will include two more attempts at Safari, including a macOS kernel EoP exploit and a sandbox escape.



17 Comments

chasm 3621 comments · 10 Years

These contests are very valuable in helping Apple (and the others) identify exploits and patch them. The Apple ones get all the press because, well, hacking other platforms is so easy and common I notice they don't even seem to have a category for Android hacks because you just call those ... wait for it ... "Android." (mic drop)

welshdog 1898 comments · 22 Years

More concerning is the organization's continued use of leetspeak in their name.  So childish.

payeco 581 comments · 17 Years

welshdog said:
More concerning is the organization's continued use of leetspeak in their name.  So childish.

If the name of a hacking contest is causing you concern you should probably seek therapy.