Wow Charlie wasn't kidding when he said he had a bag full of hacks ready for this years Pwn2Own. The ZDI just confirmed that Miller (@0xcharlie) successfully hacked the MacBook Pro running OS X via Safari what looks like less than a minutes time. His payload returned a full command shell.
@thezdi Charlie Miller (@0xcharlie) popped the MacBook Pro via Safari. His payload returned a full command shell.
As we reported a few days ago Miller said he was ready to report on no less than 20 zero day exploits that he had discovered within OS X. It looks like he might have know at least a few that are affecting Safari as well ;)
"I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched," said Miller on Wednesday, not long after he had won the prize. "It probably took five or 10 seconds." He confirmed that he had researched and written the exploit before he arrived at the challenge.
No comments:
Post a Comment
All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.
Thank you
Geek-News.Net