Posts tagged: Google Chrome

Jan 26 2014

Google Pwnium 4 Invites Hackers to Attack Chrome OS at CanSecWest

Google holds regular competitions to encourage involvement in improving the security of the Chromium project. Contests like Pwnium help to patch specific exploits and issues, making Chromium even more secure.

This year Pwnium 4 will once again set sights on Chrome OS, and will be hosted in March at the CanSecWest security conference in Vancouver.

With a total of $2.71828 Million USD in the pot, Pwnium rewards will be issued for eligible Chrome OS exploits at the following levels:

— $110,000 USD: browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page.
— $150,000 USD: compromise with device persistence: guest to guest with interim reboot, delivered via a web page.

Past Pwnium competitions have focused on Intel-based Chrome OS devices, but this year researchers can choose between an ARM-based Chromebook, the HP Chromebook 11 (WiFi), or the Acer C720 Chromebook (2GB WiFi) that is based on the Intel Haswell microarchitecture. The attack must be demonstrated against one of these devices running the then-current stable version of Chrome OS.

Participants need to register in advance for a timeslot. To register, e-mail pwnium4@chromium.org. Registration will close at 5:00 p.m. PST Monday, March 10th, 2014. Only exploits demonstrated on time in this specifically-arranged window will be eligible for a reward.

More Info:
The Chromium Blog : Announcing Pwnium 4 Targeting Chrome OS
Pwnium4@CanSecWest2014 : Official Rules
Chromium OS : Developer Guide

Aug 24 2010

Google Chrome HTTP AUTH Dialog Spoofing through Realm Manipulation

Google Chrome (5.0.375.127 and previous versions) suffers from an HTTP Auth dialog spoofing vulnerability due to possible realm manipulation in the HTTP header.

This bug was actually patched. The issue mentioned in this bug was dialog spoofing due to long subdomain names. The patch worked only for the specific case outlined in that bug. A number of tests conducted on Google Chrome verify that it fails to scrutinize the realm value set in the header. The value can be tampered with using double quotes and single quotes in a definite manner.

Source: Aditya K Sood’s Blog
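
A defensive check for the realm handling discussed in the 2010 post above, as an added example that is not taken from the original advisory or from Chrome's code: it parses the `realm` parameter of a `WWW-Authenticate` challenge as a strict quoted-string and lists reasons the value should not be shown verbatim in a credential prompt. The function names, the 64-character display budget and the sample headers are assumptions constructed for illustration.

```python
import re

# quoted-string: DQUOTE *( qdtext / quoted-pair ) DQUOTE
_QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')
_MAX_REALM = 64  # display budget assumed for this example, not a Chrome value


def parse_realm(header_value):
    """Return (realm, rest) for a challenge; rest is the text after the closing quote."""
    m = re.search(r'\brealm\s*=\s*', header_value, re.IGNORECASE)
    if not m:
        raise ValueError("no realm parameter")
    q = _QUOTED.match(header_value, m.end())
    if not q:
        raise ValueError("realm is not a well-formed quoted-string")
    realm = re.sub(r'\\(.)', r'\1', q.group(1))  # undo quoted-pairs
    return realm, header_value[q.end():]


def realm_findings(header_value):
    """List reasons the realm should not be rendered verbatim in a prompt."""
    try:
        realm, rest = parse_realm(header_value)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    # Quotes inside the value are what the post says can be abused; a
    # legitimate realm such as "Bob's server" is flagged too, for review.
    if '"' in realm or "'" in realm:
        findings.append("quote character inside realm")
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in realm):
        findings.append("control character inside realm")
    if len(realm) > _MAX_REALM:
        findings.append("realm longer than display budget")
    # After the closing quote only ", param=" or the end of the header is valid.
    if rest.strip() and not re.match(r'\s*,\s*[\w-]+\s*=', rest):
        findings.append("unexpected data after closing quote")
    return findings


if __name__ == "__main__":
    # Constructed sample headers, not the values used in the advisory.
    for sample in ('Basic realm="Staging area"',
                   'Basic realm="Staging \\"area\\""',
                   'Basic realm="a" b"',
                   'Basic realm=unquoted'):
        print(repr(sample), "->", realm_findings(sample))
```

A proxy or test harness can call `realm_findings` on each challenge it sees and refuse to display, or escape, any realm that returns a non-empty list.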