Did Google plan something ahead of Pwn2Own so that they could find out exactly what the VUPEN team was using to hack into Chrome?
Okay, to understand the story completely, I need to remind you all about this post. The security research group VUPEN posted a video of their exploit breaking Chrome’s sandbox.
When the news came out, the Chrome team claimed that the flawed code came from Adobe, one of the plugins used by Chrome, which comes pre-installed with the browser. To confirm this, Google needed access to the exploit, and Pwnium helped.
On March 5, the protection was added to Google Chrome 17.0.963.65. When the protection triggers, it generates a very unique signature, 0xABAD1DEA, a hexadecimal value that spells out “a bad idea.” The protection was meant to make the browser resilient to certain attacks, but in a bit of cat-and-mouse it was left in there to see if anyone would find it and make a public comment.
The VUPEN team arrived at CanSecWest and, during testing of its exploits for Pwn2Own, stumbled into the exception. A VUPEN exploit writer confirmed on Twitter:
So, that gave Google confirmation that VUPEN was using Adobe’s flawed code to gain access to Chrome’s sandbox.
VUPEN co-founder Chaouki Bekrar, an outspoken exploit writer who insisted the team deliberately targeted Chrome to prove a point, was uncharacteristically coy when asked if the faulty Chrome code came from Adobe.
“It was a use-after-free vulnerability in the default installation of Chrome,” he said. “Our exploit
Got the story?