Winners of Pwnie Awards 2012
Pwnie for Best Client-Side Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting client-side bug. These days, ‘client’ is pretty much synonymous with ‘web browser’, but don't forget about all the media player integer overflows!
Pinkie Pie's Pwnium Exploit
The Pwnie Award judges were the original bronies. In a blatant attempt at currying their favor, Pinkie Pie chose a handle near and dear to their hearts. How did he know that Pinkie Pie was our favorite? Just slightly less impressive than this feat of clairvoyance was Pinkie Pie's exploit chain of six bugs that got him full remote code execution in Chrome to win Google's Pwnium competition at CanSecWest.
Sergey Glazunov's Pwnium Exploit
Not to be outdone by Pinkie Pie, Sergey's Pwnium exploit took advantage of at least 14 bugs (the Chrome security team apparently lost count after that -- numbers are hard). In another show of one-upmanship, he chose a handle of an extremely obscure My Little Pony.
Pwnie for Best Server-Side Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.
"Are we there yet?" MySQL Authentication Bypass (CVE-2012-2122)
On vulnerable versions of MySQL, simply asking to authenticate enough times in a row is enough to bypass authentication: "Can I log in as root now?"
"How about now?"
For actual details, check out Pwnie Judge extraordinaire HD Moore's blog post.
Pwnie for Best Privilege Escalation Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting privilege escalation vulnerability. As more defense-in-depth systems like Mandatory Access Control and Virtualization are deployed, privilege escalation vulnerabilities are becoming more important. These vulnerabilities can include local operating system privilege escalations, operating system sandbox escapes, and virtual machine guest breakout vulnerabilities.
MS11-098: Windows Kernel Exception Handler Vulnerability (CVE-2011-2018)
j00ru owned Windows. All of them. Ok, well just all of the 32-bit versions of Windows from NT through the Windows 8 Developer Preview. What have you done lately? And to top it off, he wrote a clear paper on it with some of the nicest boxy diagrams we have ever seen in a LaTeX paper.
Pwnie for Most Innovative Research
Awarded to the person who published the most interesting and innovative research in the form of a paper, presentation, tool or even a mailing list post.
Yo dawg, Travis heard you like packets, so he put packets in packets so that he could inject packets into your internal network from all the way across the Internet. Doesn't sound very neighborly to us, but it's still way cool.
Pwnie for Best Song
What kind of awards ceremony does not have an award for best song? There is, strangely enough, a long tradition of hacker-written songs and raps (parodies and originals). And in Pwnies past, we somehow coerced HD and Halvar to rap some of these. And rather than let it become anyone else's turn, we have a new rule. Nominations for 'Best Song' must actually have audio. For your listening pleasure, the nominees are:
Written for the Social Engineering Podcast, this song satisfies your corporate social engineering training requirement and you get CISSP points just by listening to it. Just tell your boss that we said so.
Pwnie for Most Epic FAIL
Sometimes giving 110% just makes your FAIL that much more epic. And what use would the Internet be if it wasn't there to document this FAIL for all time?
This award is to honor a person or company's spectacularly epic FAIL. And the nominees are:
Including an SSH authentication public key for root on all F5 devices is nice; putting the private key for it in the firmware, where it can be found and then used against any other F5 device, is even better. For FAIL, press F5.
Pwnie for Epic 0wnage
0wnage, measured in owws, can be delivered in mass quantities to a single organization or distributed across the wider Internet population. The Epic 0wnage award goes to the hackers responsible for delivering the most damaging, widely publicized, or hilarious 0wnage. This award can also be awarded to the researcher responsible for disclosing the vulnerability or exploit that resulted in delivering the most owws across the Internet.
"Flame" Windows Update MD5 Collision Attack
Any attack that requires a breakthrough in cryptography to pull off is pretty cool in our book. And being able to pwn any Windows machine through Windows Update is pretty mass 0wnage.