Pwn2Own Tokyo Day 2 and Day 3

[steven36]

Pwn2Own Tokyo Day two: TP-Link router and Synology NAS hacked

 

 

On the second day of the Pwn2Own Tokyo 2020 hacking competition, bug bounty hunters hacked a TP-Link router and a Synology NAS.

 

The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, Canada, and white hat hackers taking part in the competition have to demonstrate their ability to find and exploit vulnerabilities in a broad range of devices.

 

On day one of the competition, bug bounty hunters have successfully hacked a vulnerability a NETGEAR router and a Western Digital NAS devices.

 

On Day 2, the Flashback team successfully chained three bugs to get code execution through the WAN interface on the TP-Link AC1750 Smart WiFi router. The group of bug bounty hunters won another $20,000 and 2 more Master of Pwn points.

 

The Syacktiv team successfully hacked the TP-Link AC1750 Smart WiFi router targeting the LAN interface with an exploit triggering three unique bugs to get code execution. The team earned $5,000 and 1 point towards Master of Pwn for this exploit.

 

The DEVCORE team hacked a Synology DiskStation DS418Play NAS exploiting a heap overflow to get arbitrary code execution. The team earned him $20,000 and 2 points twowards Master of Pwn.

 

In Day 2 there were also the following partial success:

• Team Bugscale targeting the Western Digital My Cloud Pro Series PR4100
• 84c0 targeting the LAN interface on the NETGEAR Nighthawk R7800 router
• F-Secure Labs targeting the Samsung Q60T television
• Sam Thomas of Pentest Ltd targeting the Western Digital My Cloud Pro Series PR4100

 

 

 

Info on day one  found here

 

Source

[steven36]

Pwn2Own Tokyo Day 3: Team Flashback crowned Master of Pwn

 

 

On the third day of the Pwn2Own Tokyo 2020 bug bounty hunters hacked a Synology NAS and had multiple partial successes.

 

The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, Canada, and white hat hackers taking part in the competition have to demonstrate their ability to find and exploit vulnerabilities in a broad range of devices.

 

Let’s start with the only success of day 3 obtained by the STARLabs team targeting the Synology DiskStation DS418Play NAS.

 

The team of experts exploited a race condition and an OOB Read to get a root shell on the NAS. They earned $20,000 and 2 points towards Master of Pwn.

 

 

Day three has seen multiple partial successes, below the details of the attempts:

• DEVCORE team targeting the Western Digital My Cloud Pro Series PR4100 – The team chained 6 bugs to gain code execution, but 2 flaws had previously been reported. They won $17,500 and 1.5 Master of Pwn points.
• Gaurav Baruah targeting the Western Digital My Cloud Pro Series PR4100 – The expert was able to successfully get a root shell on the device exploiting a flaw that had been previously submitted. He earned 1 point towards Master of Pwn.
• The Viettel Cyber Security team targeting the Sony X800 television – The team got a partial win because he was able to read sensitive files from a fully patched Sony X800 smart TV by using a bug that was publicly known. The team only earned 1 point towards Master of Pwn.

The only failure of the day was for an attampt of the Team Bugscale targeting the LAN interface on the NETGEAR Nighthawk R7800 router. The team failed in getting their exploit to work within the allotted timeframe.

 

The Master Pwn winner of Pwn2Own Tokyo is the Team Flashback, Congrats.

 

 

 

 

 

Source