nsane.forums Posted March 9, 2012

A teenage hacker who goes by the “Pinkie Pie” handle has hacked into Google Chrome using three distinct zero-day vulnerabilities to evade the browser’s protective sandbox. The exploit was used as part of Google’s Pwnium hacker contest and likely earned the researcher the maximum $60,000 cash prize.

“Pinkie Pie,” who asked to remain anonymous because he had not been authorized by his employer to participate in the contest, said he chained three different vulnerabilities to build an exploit to escape the Chrome sandbox.

A Google spokesman on site said engineers are working to confirm the winning exploit. He said the company’s security response process would kick in immediately to push out a patch.

“We have a team standing by waiting for this. We have three different teams working on putting together the fix, building a patch and releasing it for our customers,” he said.

While “Pinkie Pie” was previously unknown to onlookers here, Googlers described him as a “known and respected security researcher.”

In an interview after successfully launching the drive-by download exploit, Pinkie Pie said he worked for about one-and-a-half weeks to find the vulnerabilities and write a reliable exploit. The exploit worked on a fully patched Windows 7 machine (64-bit) and did not require any user action beyond normal web browsing.

Pinkie Pie has never submitted a vulnerability report to Google and created this multi-stage attack specially for the Pwnium contest. He said he never considered selling the vulnerability to third-party brokers. “I’ve never sold a vulnerability before.”

Strangely, while sandbox escapes are rare, Pinkie Pie said the easiest part of his attack was jumping out of the Chrome sandbox after the initial exploit.

“I got lucky because I found a way [to jump out of the sandbox] very early. I figured it out by looking at it carefully,” he added.

He declined to discuss specifics of the vulnerabilities or the exploit techniques, deferring comments to Google representatives.

View: Original Article

Shadowx Posted March 10, 2012

Teenagers these days are really fantastic. Hope I can meet him.

Avitar Posted March 11, 2012

HAHA that's what Google gets for challenging someone to hack their browser. Don't underestimate the kids yo! We the ones keeping the internet running :)
This topic is now archived and is closed to further replies.