After exploiting six different Chrome vulnerabilities, a hacker named Pinkie Pie was able to display this image on his target machine and get the $60,000 bounty. (via Chromium Blog: A Tale of Two Pwnies (Part 1))
- “It’s interesting to see the bugs listed this way because when writing the exploit I only counted three bugs, not six,” he wrote. “117417, 117715, and 117736 are all hardening measures that enforce security boundaries that don’t strictly need to exist, which I guess is a good thing.”
- He went on to say he wasn’t sure if he could break out of Chrome’s sandbox a second time.
- “Finding vulnerabilities is very luck based, and a new exploit would likely use a totally different code path,” he explained. “But keep in mind that to be eligible for the $60,000, I had to use only bugs in Chrome itself, not the operating system, which is a fairly severe restriction compared to a real attack.”
- He also noted that the successful attack of Sergey Glazunov, the other Pwnium contestant to take home a $60,000 prize, “relied on roughly 10 distinct bugs,” according to the Google blog post. An upcoming post will contain the details, Google promised.
- The exploit underscores the hacking truism that it can take a single teenager days to break what hundreds of highly paid professionals have spent years to build. While Pinkie Pie’s journey was painstaking, he said at the time that it took him only about 10 days to plan and execute it. The episode also explains why Google to date has awarded more than $500,000 to hackers who privately report vulnerabilities in its software and services. Sometimes, the only way to erect an impenetrable castle is to occasionally watch it come crashing down.