2016 Pwnie Award Nominees

Best Backdoor

AMX (Harmon Professional) Audio/Video Products

Juniper ScreenOS: 哈哈哈哈哈哈 (CVE-2015-7755 & CVE-2015-7756)

No Name Ransomware

PoC||GTFO 0x08: Deniable Backdoors via Compiler Bugs

Quanta LTE Routers: Shells All The Way Down

Best Branding

Badlock samba bug (CVE-2016-2118)

Mousejack wireless keystroke injection bug

MySQL crypto downgrade (CVE-2015-3152)

SSLv2 Cryto attack (CVE-2016-0800)

Best Client-Side Bug

MS15-078 OpenType Font Driver Vulnerability (CVE-2015-2426)

MS15-131 Microsoft Office RCE Vulnerability (BadWinmail) (CVE-2015-6172)

MS16-006 Silverlight BinaryReader Out-Of-Bounds Write RCE (CVE-2016-0034)

Stagefright via Web Browser (CVE-2015-1538)

glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)

Best Cryptographic Attack

BlueCoat’s Intermediate CA Certificate

Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage

Got HW crypto? On the (in)security of a Self-Encrypting Drives series

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)

SSLv2 Crypto attack (CVE-2016-0800)

Best Junk or Stunt Hack

“60 Minutes” Hacking Your Phone with a Hacked Phone

Hacking a Linux-Powered Rifle

Remotely Killing a Jeep on the Highway

Security Analysis of Emerging Smart Home Applications

WhatsApp Message Hacked By John McAfee And Crew

Best Privilege Escalation Bug

AMD Piledriver Microcode VM Ring 3 to Host Ring 0

Apple Mac OS X WindowServer Use-After-Free (CVE-2016-1804)

Linux iovec overrun memory corruption (CVE-2015-1805)

SETFKEY FreeBSD Kernel Vulnerability (CVE-2016-1886)

Widevine QSEE TrustZone Privilege Escalation (CVE-2015-6639)

Best Server-Side Bug

Apache Commons Collections Java Object Deserialization RCE in WebLogic and Everything Else In the World (CVE-2015-4852)

Cisco ASA IKEv1/IKEv2 Fragmentation Heap Buffer Overflow (CVE-2016-1287)

ImageTragick (CVE-2016–3714)

Samsung Galaxy Edge Baseband Stack Overflow (CVE-2015-8546)

Stagefright via MMS (CVE-2015-1538)

glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)

Best Song

“Accepted the Risk”

“Cyberlier”

“Root Rights are a Grrl’s Best Friend”

“The Geek Song”

Epic 0wnage

RansomWare

Stealth Falcon

The DAO Heist

The Juniper Backdoor

Ubiquiti “Mother Fucker” worm

Weev PrinterGate

Epic Achievement

Department of Defence Bug Bounty

Mr. Robot

Never Giving Up and Never Letting Us Down (CVE-2000-A-BUNCH-OF-THEM)

Patching the Tesla Model S Without a Recall

Threatbutt Danger Zone Incident Retort 2016 (CVE-20*-*)

Lamest Vendor Response

“PatchDoor”

“WD MyPassword Drive”

MissingPoint

Lifetime Achievement Award

Alex Ionescu

Elias Levy

Felix ‘FX’ Lindner

James “Myrcurial” Arlen

Jayson Street

Marc Rogers aka CJunky

Mudge

The Grugq

Most Innovative Research

A2: Analog Malicious Hardware

Blinded random corruption attacks

Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector

Exceptions in Exceptions – Abusing Special Cases in System Exception Handling to Achieve Unbelievable Vulnerability Exploitation

RAP

Most Over-Hyped Bug

Badlock (CVE-2016-0128)

Linux Keyring Reference Leak (CVE-2016-0728)

Stagefright (CVE-2015-1538)