Essentially, I'd like to provide a model for comprehending the Internet as it stands, that prevents harm to it (how much could we have used EC2 if SSH was illegal) while providing the useful resources to promote its continued operation.
Every successful submission provided remote code execution as the super user (SYSTEM/root) via the browser or a default browser plugin. In most cases, these privileges were attained by exploiting the Microsoft Windows or Apple OS X kernel.
Examples of hacking various aspects of the system are presented, including how to bypass encrypted bootloaders to read sensitive information. Details on the firmware in multiple versions of the Philips Hue smart lamps and bridges are discussed.
The same principles can be applied to attack web applications running JNDI lookups on names controlled by attackers. As we will demo during the talk, attackers will be able to use different techniques to run arbitrary code on the server performing JNDI lookups.
The initial objective of the protocol was specific: it serves the authorization needs for websites. However, the protocol has been significantly repurposed and re-targeted over the years: (1) all major identity providers, e.g., Facebook, Google and Microsoft, have re-purposed OAuth for user authentication; (2) developers have re-targeted OAuth to the mobile platforms, in addition to the traditional web platform.
OAuth has become a highly influential protocol due to its swift and wide adoption in the industry.
Kernel exploitation using the browser as an initial vector was a rare sight in previous contests. This presentation will detail the eight winning browser to super user exploitation chains (21 total vulnerabilities) demonstrated at this year's Pwn2Own contest.
What we call the Internet was not our first attempt at making a global data network that spanned the globe. It's increasingly likely that there will be attempts to *change* the principles of the net, and the reality is that widespread hacking is the exact sort of force that brought us this working-ish system in the first place.
In this talk, I'll lay out what I see as how the Internet actually works.
We then show several representative cases to concretely explain how real implementations fell into these pitfalls.