Google’s Chromium blog – which offers “news and developments from the open source browser project” – tells a fascinating tale of how the Chrome browser was penetrated and pwned at CanSecWest 2012.
Breaking into a browser isn’t as easy as it was a few years ago.
Back then, many browsers ran as a single monolithic process which could be taken over by finding and exploiting a single vulnerability.
That’s unusual these days, so this is an hacking story of considerable derring-do.
For those of you not up to speed on modern hackerspeak, the verb to pwn is a needlessly deliberate misspelling of to own. Pwning a system means penetrating it with an exploit or hack to the point that you acquire sufficient privilege to do pretty much what you want. It’s pronounced pone, and rhymes with hone, drone, clone and, of course, own.
5 comments on “Anatomy of an exploit – six, in fact – as Google reveals details of Pwnium hack against Chrome”
According to the blog post, "Pinkie Pie" is a boy, probably a "brony" (male fan of My Little Pony: Friendship Is Magic of about middle-school age or older).
Yupp, he's a guy. I don't think he'd identify as a… "brony…" however.
The new Chrome Renderer sandbox is running at an Untrusted integrity level, which restricts the hacker even more. Still breakable, of course, but definitely harder to get out of.
Small error, pwn2own did not require them to hand over the sandbox escape on Chrome, not the vulnerability used in conjunction with the escape.
Do these exploits apply just to Chrome running on Windows, or to Chrome on either Windows or OS X?