Welcome to Day Three of our first ever Pwn2Own Ireland competition! We’ve already awarded $874,875, and we have 15 attempts left to go. Will we hit the $1,000,000 mark or will all remaining attempts end up in bug collisions? Stay tuned to find out. All times are Irish Standard Time (GMT +1:00).
SUCCESS – Ha The Long with Ha Anh Hoang of Viettel Cyber Security (@vcslab) used a single command injection bug to exploit the QNAP TS-464 NAS. Their fourth-round win nets them $10,000 and 4 Master of Pwn points.
View fullsize
.jpeg)
FAILURE – Unfortunately, Sina Kheirkhah (@SinSinology) and Enrique Castillo (@hyprdude) of Summoning Team (@SummoningTeam) could not get their exploit of the Ubiquiti AI Bullet working within the time allotted.
SUCCESS – Pumpkin Chang (@u1f383) and Orange Tsai (@orange_8361) from the DEVCORE Research Team combined a CRLF Injection, an Auth Bypass, and a SQL Injection to exploit the Synology BeeStation. They earn $20,000 and 4 Master of Pwn points.
.jpeg)
SUCCESS – PHP Hooligans / Midnight Blue (@midnightbluelab) used an OOB Write and a memory corruption bug to go from the QNAP QHora-322 to the Lexmark printer, which they demonstrated by printing their own “cash”. Their successful SOHO Smashup earns them $25,000 and 10 Master of Pwn points.
.jpeg)
SUCCESS – The Viettel Cyber Security (@vcslab) used a single type confusion bug to exploit the Lexmark CX331adwe printer. In the process, they earn $20,000 and 2 Master of Pwn points.
COLLISION – Our first collision of Day Three: the group from STEALIEN Inc. successfully popped the Lorex camera, but the bug they used had already been demonstrated in the contest. They still earn $3,750 and 1.5 Master of Pwn points.