Last week there was a big event for hackers from across the world, called Pwn2Own. Pwn2Own was held in Vancouver and teams of hackers and security professionals participated in order to show their hacking skills when it comes to internet browsers. One of the most amazing accomplishments at Pwn2Own came from 360Vulcan, the 360Safeguard team, who managed to tear down Internet Explorer 11 in just 17 seconds, through exploitation, and of course preparedness. Because Geek Reply is always interested in how these feats are accomplished and because we know that our readers want to get to know the people that are behind such accomplishments, we’ve brought you a surprise.
The 360Vulcan Team, lead by Mr. Wenbin Zheng, agreed to answer a few of our questions about the proud team and the Pwn2Own competition. Below, you’ll find the few questions I’ve asked the team and their responses, unedited. Although we would have liked to get more dirt on IE and the other browsers that the 360Vulcan Team works on, we did manage to find out that the young team from China is excellent at what they do: hacking. Congratulations to the team and we’re looking forward to their future accomplishments! Find out how they did it and what else they’re doing from the answers they gave below.
As for a little background, the 360Vulcan Team who took to Pwn2Own are from 360Safeguard, which is a security software kit that offers up mobile security, as well as desktop, browser and any other type of antivirus, antimalware and anti-threat software you can think of. Most everything they offer is free, so if you think having software designed by professionals who can hack IE 11 in 17 seconds is a good thing, you can go ahead and try out what they’re offering and let us know what you think about it.
Charlotte: What were your goals and aims when entering the Pwn2Own hacking competition?
Wenbin Zheng: By participating in Pwn2Own, we hope to do deep research on the browser security protection and vulnerabilities exploitation. We hope to hone our skills by taking part in this high difficulty challenge. And it is also an opportunity for reflecting technical capabilities of our team, and have chance to communicate with other International security teams.
Ch: How did you manage to hack Internet Explorer 11 so fast and what were the things that you exploited?
Wenbin Zheng: In the competition, we use the prepared exploit page, and took down IE browser in only 17 seconds. Though the time of exploiting target is short, but behind the success was a long-term process of accumulation and research. In order to take down IE 11 browser, we needed to exploit multiple 0day vulnerabilities, also we needed to defeat many security mitigations such as DEP, ALSR, Control Flow Guard, Isolated Heap, Protected Free and EPM. What’s more, as required in this contest, we had to use the 64-bit process (present in non-default configuration), and it was also an obstacle that forbidden to implement the attack by log off or restarting system.
Ch: What do you think about Microsoft’s Project Spartan replacing Internet Explorer in Windows 10?
Wenbin Zheng: Judging from current news, Microsoft may recommend users to use the Spartan browser. Because of its redesign, Spartan browser has significant improvements in its browser security. But IE browser will not be entirely replaced, since it is still the preferred choice for enterprise users. So the security of Internet Explorer is still critical. For ordinary users, it is a good thing, but it means a new challenge for researchers who work on vulnerabilities exploitation. However even the best security defense can be compromised by security professionals, Spartan is no exception.
Ch: How can you describe the 360Vulcan team and their relationship with 360Safeguard?
Wenbin Zheng: 360Vulcan Team is from 360 Safeguard team, usually works in different groups, major members from 360 Safeguard vulnerabilities research and defense team.
Ch: How have you been collaborating with Microsoft, Google and others over the years regarding browser security?
Wenbin Zheng: We have been working closely with Microsoft, Google and other vendors while working on their browsers or systems security, and provided lots of 0day vulnerabilities or patches before. In the past five years, we have received 68 official acknowledgements from Microsoft for reporting IE security vulnerabilities or Kernel vulnerabilities.
Ch: Why would you recommend 360Safeguard for internet users?
Wenbin Zheng: We bring our experiences, technologies and wisdom on security defense together to 360 Safeguard, we hope that more people can use our products, and better use our abilities to protect their network security.
Ch: What projects is 360Vulcan and 360Safeguard working on for the future that would interest our readers and internet users?
Wenbin Zheng: In the future, 360Vulcan Team will still focus on the security vulnerabilities exploitation and defense technologies of software and system, to seek new technologies and challenges. 360Safeguard Team will better use and combine our research achievements, to better applying into our security products.
Ch: How do you think hacking as a skill benefits security professionals and software developers?
Wenbin Zheng: Hacking as a skill benefits the software vendors and security companies to constantly improving and perfecting the defense technology. Only with a deeper understanding of attack techniques can make security professionals and software developers know how to avoid security problems, design better security products in depth.