{"id":11950,"date":"2019-11-18T23:35:59","date_gmt":"2019-11-18T22:35:59","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=11950"},"modified":"2022-06-22T09:08:36","modified_gmt":"2022-06-22T07:08:36","slug":"chrome-edge-office-vmware-esxi-beim-tmc-2019-gehackt","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/11\/18\/chrome-edge-office-vmware-esxi-beim-tmc-2019-gehackt\/","title":{"rendered":"Chrome, Edge, Office, VMware ESXi hacked at TMC 2019"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/11\/18\/chrome-edge-office-vmware-esxi-beim-tmc-2019-gehackt\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]The TMC 2019 took place in Chengdu, China, on the weekend of 16-17 November 2019. It is a hacker competition (<a href=\"https:\/\/web.archive.org\/web\/20220504002939\/http:\/\/www.tianfucup.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">TifanCup 2019<\/a>), where the best hacker teams of China compete against each other. Once again, there were a lot of hacks on current software such as browsers, office and virtualization solutions.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg01.met.vgwort.de\/na\/436a30da666745dc95c20d915e7a3e5f\" alt=\"\" width=\"1\" height=\"1\" \/>I became aware of the competition, which lasted several days, late on Sunday evening via <a href=\"https:\/\/twitter.com\/TianfuCup\/status\/1195955592453472256\" target=\"_blank\" rel=\"noopener noreferrer\">this tweet<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Some number reviews for the two-day <a href=\"https:\/\/twitter.com\/hashtag\/TFC?src=hash&amp;ref_src=twsrc%5Etfw\">#TFC<\/a> 2019 PWN contest:<br \/>\n17 teams delivered 28 on-site demonstrations with 20 successful and 8 failed<br \/>\n11 teams have gained bonus<br \/>\n8 targets been taken down<br \/>\nTotal bounty of $545,000 awarded!<\/p>\n<p>Thanks everyone for participating! <a href=\"https:\/\/t.co\/k9voEyNHlg\">pic.twitter.com\/k9voEyNHlg<\/a><\/p>\n<p>\u2014 TianfuCup (@TianfuCup) <a href=\"https:\/\/twitter.com\/TianfuCup\/status\/1195955592453472256?ref_src=twsrc%5Etfw\">November 17, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>The TFC Competition<\/h2>\n<p>The \"<a href=\"https:\/\/web.archive.org\/web\/20220504002939\/http:\/\/www.tianfucup.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Tianfu Cup<\/a>\", TFC (International Cracking Competition) aims to build China's own \"Pwn2Own\" community. The background: In spring 2018, the Chinese government banned its own security researchers from participating in hacker competitions organized abroad, such as Pwn2Own.<\/p>\n<p>A few months later, the TianfuCup was launched in response to the ban to give researchers the opportunity to improve their skills. The first TFC Cup took place in autumn 2018 with great success. The security researchers successfully hacked Edge, Chrome, Safari, iOS, Xiaomi, Vivo, VirtualBox and other products.<\/p>\n<p>At the TMC Cup, three independent and parallel competitions will be held. In order to be successful in the competition, teams must repeatedly exploit previously unknown security gaps in products, software and operating systems. The total prize money this year was 1 million US dollars.<\/p>\n<h2>Successful hacks, hacks, hacks<\/h2>\n<p>During the two-day competition there were successful hack to outbreak from virtual machines into the host operating system under VMware EXSi &#8211; whereby the hackers of 360Vulcan needed only 24 seconds for the hack.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Verified to be a success! Congrats to 360Vulcan <a href=\"https:\/\/twitter.com\/xiaowei__?ref_src=twsrc%5Etfw\">@XiaoWei__<\/a> on wining $200,000 &#8211; the highest bonus of <a href=\"https:\/\/twitter.com\/hashtag\/TFC?src=hash&amp;ref_src=twsrc%5Etfw\">#TFC<\/a> 2019! <a href=\"https:\/\/t.co\/xYqlhMJj7W\">https:\/\/t.co\/xYqlhMJj7W<\/a><\/p>\n<p>\u2014 TianfuCup (@TianfuCup) <a href=\"https:\/\/twitter.com\/TianfuCup\/status\/1195910677241532416?ref_src=twsrc%5Etfw\">November 17, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>That earned the hacker $200,000 in bonus. But two teams had to break off the attempts to hack Ubuntu 19.10\/CentOS 8 and Windows Server 2019.<\/p>\n<p>There were two <a href=\"https:\/\/twitter.com\/TianfuCup\/status\/1195887668472602624\" target=\"_blank\" rel=\"noopener noreferrer\">successful attacks on PDF readers<\/a>. Of 20 demonstrations, 13 were very successful and could hack browsers such as Chrome, Edge and Safari. Among them the mentioned Adobe PDF-Reader.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Brief review for <a href=\"https:\/\/twitter.com\/hashtag\/TFC?src=hash&amp;ref_src=twsrc%5Etfw\">#TFC<\/a> Day 1:<br \/>\n20 demonstrations, with 13 being successful, 5 teams gained bonus.<br \/>\n6 targets were taken down <a href=\"https:\/\/twitter.com\/hashtag\/Edge?src=hash&amp;ref_src=twsrc%5Etfw\">#Edge<\/a>, <a href=\"https:\/\/twitter.com\/hashtag\/Chrome?src=hash&amp;ref_src=twsrc%5Etfw\">#Chrome<\/a>, <a href=\"https:\/\/twitter.com\/hashtag\/Safari?src=hash&amp;ref_src=twsrc%5Etfw\">#Safari<\/a>, <a href=\"https:\/\/twitter.com\/hashtag\/Adobe?src=hash&amp;ref_src=twsrc%5Etfw\">#Adobe<\/a> PDF Reader, <a href=\"https:\/\/twitter.com\/hashtag\/Office365?src=hash&amp;ref_src=twsrc%5Etfw\">#Office365<\/a>, <a href=\"https:\/\/twitter.com\/hashtag\/DLink?src=hash&amp;ref_src=twsrc%5Etfw\">#DLink<\/a>, <a href=\"https:\/\/twitter.com\/hashtag\/Ubuntu?src=hash&amp;ref_src=twsrc%5Etfw\">#Ubuntu<\/a> + qemu-kvm<br \/>\nCome back tomorrow at 9am! <a href=\"https:\/\/t.co\/LVYjPxilpX\">pic.twitter.com\/LVYjPxilpX<\/a><\/p>\n<p>\u2014 TianfuCup (@TianfuCup) <a href=\"https:\/\/twitter.com\/TianfuCup\/status\/1195640358111076352?ref_src=twsrc%5Etfw\">November 16, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Microsoft Office and dLink products were also hacked. Catalin Cimpanu has summarized the whole thing in <a href=\"https:\/\/twitter.com\/campuscodi\/status\/1195860339809771523\" target=\"_blank\" rel=\"noopener noreferrer\">this tweet<\/a>. The winner is the team from 360Vulcan, who earned a lot of money with the VMware-hack (200.000 US $) and Qemu under Ubuntu (80.000 US $).<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Chrome, Edge, Safari hacked at Tianfu Cup, China's elite hacking competition<\/p>\n<p>&#8211; (old) Edge hacked 3 times<br \/>\n&#8211; Chrome twice<br \/>\n&#8211; Safari once<br \/>\n&#8211; Office 365 hacked in 16 seconds<br \/>\n&#8211; 32 sessions announced: 13 successful, 7 failed, 12 abandoned<a href=\"https:\/\/t.co\/0aA8C06xxx\">https:\/\/t.co\/0aA8C06xxx<\/a> <a href=\"https:\/\/t.co\/ltD1SnH4tt\">pic.twitter.com\/ltD1SnH4tt<\/a><\/p>\n<p>\u2014 Catalin Cimpanu (@campuscodi) <a href=\"https:\/\/twitter.com\/campuscodi\/status\/1195860339809771523?ref_src=twsrc%5Etfw\">November 17, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Catalin Cimpanu has collected more details in <a href=\"https:\/\/www.zdnet.com\/article\/chrome-edge-safari-hacked-at-elite-chinese-hacking-contest\/\" target=\"_blank\" rel=\"noopener noreferrer\">this ZDNet article<\/a>, but nothing about the vulnerabilities was known.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The TMC 2019 took place in Chengdu, China, on the weekend of 16-17 November 2019. It is a hacker competition (TifanCup 2019), where the best hacker teams of China compete against each other. Once again, there were a lot of &hellip; <a href=\"https:\/\/borncity.com\/win\/2019\/11\/18\/chrome-edge-office-vmware-esxi-beim-tmc-2019-gehackt\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[872,580,1547],"tags":[2186,69],"class_list":["post-11950","post","type-post","status-publish","format-standard","hentry","category-browser","category-security","category-software","tag-hacks","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=11950"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11950\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=11950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=11950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=11950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}