---

Google之前舉辦了一場邀請各路駭客來破解他們的瀏覽器的比賽
http://www.ettoday.net/news/20120310/30726.htm


這場比賽還有個插曲
一個暱稱叫Pinkie Pie的駭客藉由三個漏洞自行破解了Chrome
不過因為他沒有經過雇主的同意參賽
所以他的本名沒被公布

不過對於一個能打破第四道牆的人物而言
打破個瀏覽器沙箱也不奇怪
是吧?

http://www.zdnet.com/blog/security/te...ree-0day-vulnerabilities/10649
http://zd.net/wHT3eY

============================================================================
翻得有點糟請見諒
Teenager hacks Google Chrome with three 0day vulnerabilities
少年駭客破解了Google Chrome的三個零時漏洞

A teenage hacker who goes by the “Pinkie Pie” handle has hacked into Google
Chrome using three distinct zero-day vulnerabilities to evade the browser’s
protective sandbox.

一個青少年駭客PinkiePie駭入了Google瀏覽器Chrome，透過三個零時漏洞跳過了瀏覽器
自保沙盒.

The exploit was used as part of Google’s Pwnium hacker contest and earned
the researcher the maximum $60,000 cash prize.

入侵程式被作為Google的Pwnium大賽的一部份，且研發者能獲得了60000刀的最高獎金

A Google spokesman on site confirmed the winning exploit.

一個Google發言人公開證實了這個壯舉

“We have a team standing by waiting for this.We have three different teams
 working on putting together the fix, building a patch and releasing it for
our customers,” he said.

"我們有個團隊正為此待命，我們有三個小組正在合力製作補丁並提供給我們的用戶"他說

While “Pinkie Pie” was previously unknown to onlookers here, Googlers
described him as a “known and respected security researcher.”

雖然 "Pinkie Pie"在此之前是默默無聞，Googler卻形容他是個"知名且可敬的安全研究員

In an interview after successfully launching the drive-by download exploit,
Pinkie Pie said he worked for about one-and-a-half weeks to find the
vulnerabilities and write a reliable exploit.

在成功啟動漏洞攻擊程式後的採訪中，PinkiePie說他花上一個半星期去找出漏洞,並寫出一
個可用的漏洞攻擊程式

The exploit worked on a fully patched Windows 7 machine (64-bit) and did not
require any user action beyond normal web browsing.

這個程式運作在一個有全面補丁的Windows7下,且沒有超出任何正常的網路瀏覽器的操作行
為

Pinkie Pie has never submitted a vulnerability report to Google and created
this multi-stage attack specially for the Pwnium contest.

Pinkie Pie之前從來沒有向Google提過漏洞提報或是專門為了參加這比賽而預先設計這項
多段攻擊程序

He said he never considered selling the vulnerability to third-party brokers.
”I've never sold a vulnerability before.”

他說他從未考慮透過第三者出售這項漏洞。"我從未賣出漏洞"

Strangely, which sandbox escapes are rare, Pinkie Pie said the easiest part
of his attack was jumping out of the Chrome sandbox after the initial exploit.

稀奇的是,這是一項很罕見的跳過沙箱行動，Pinkie Pie說最簡單的部分就是在第一次攻擊
後跳過沙箱

“I got lucky because I found a way [to jump out of the sandbox] very early.
I figured it out by looking at it carefully,” he added.

"我運氣不錯，我很早就發現了這個方法(指跳過沙箱),我想通這部分並仔細的觀查"他補充

He declined to discuss specifics of the vulnerabilities or the exploit
techniques, deferring comments to Google representatives.

他拒絕討論漏洞及攻擊手法的細節，延期到Google的代表提出意見



--
ψ πετροσ


--
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 111.242.7.139

※ 發信站: 批踢踢實業坊(ptt.cc)
※ 轉錄者: Pietro (111.242.7.139), 時間: 03/11/2012 01:11:27
※ 編輯: Pietro          來自: 111.242.7.139        (03/11 01:14)
※ 編輯: Pietro          來自: 111.242.0.186        (03/11 08:24)

--