On the second day at Pwn2Own 2011, Apple’s iPhone 4 and BlackBerry Torch 9800 were successfully compromised. Charlie Miller, who has hacked Safari for the past 3 years, has successfully exploited the iPhone 4.
Miller used an exploit to run arbitrary code on the iPhone after visiting a specific website on the hugely popular Apple device. The flaw has now been patched with the iOS 4.3 release, which was issued ahead of schedule this week.
It was the fourth year in a row Miller had won a contest at Pwn2Own.
BlackBerry Torch 9800 was hacked by a team consisting of Willem Pinckaers, Vincenzo Iozzo and Ralf-Philipp Weinmann. The trio successfully managed to crash the WebKit Browser.
“It was all trial and error. We didn’t have a debugger, so it crashes or it doesn’t crash or it takes a long time to respond. Those are the three options,” Pinckaers said.
The team set up a specially rigged web page that fired the exploit at the BlackBerry browser. They were able to successfully pull the contacts and images database from the Torch and even write a file to it for demonstrating full code execution. The team described that the process to exploit the BlackBerry browser was by trial and error and that it was bit easier since the new WebKit is based off Apple’s open source browser. Although, current BlackBerrys lack ASLR or DEP security features that have been implemented into the iPhone.
For each hack, the winners received $15,000. Pwn2Own is still up for one day. Stay tuned via Email or Twitter for more updates.