Chinese students break 10 Google mobile phone! Earn 1 million 450 thousand popkart

Chinese students break 10 Google mobile phone! Made 1 million 450 thousand days ago, the world’s top hacking contest Mobile Pwn2Own 2016 in Tokyo ended in japan. Tencent Cohen laboratory won the title with 45 points and 215000 dollar prize, and won the title of "The Master of Pwn" (crack master). Two of the leading members of the champion team are from the school of computer science, Zhejiang University, where he is a graduate of Zhejiang University. He is currently at the Tencent Cohen laboratory. Liu Gengming is a senior student, aiming at the direction of information security. The title was announced, Zhejiang University cc98 forum presented a 10 page post, alumni of the two "hackers" Daniel endless worship. Pwn2Own is the world famous hacker contest, held by Trend Micro’s famous safety project Zero Day Initiative. The Mobile Pwn2Own in Tokyo focuses on the security issues of mobile operating systems, mobile browsers and mobile applications APP. The purpose of the competition is to hope that competitors will invade all kinds of mobile devices through some unknown vulnerabilities, and then report them to the corresponding equipment manufacturers so that they can repair and repair these vulnerabilities. These do good "hackers" also known as "white hat hacker". Because the focus of the game is the mobile terminal, so competitors aim at smart phones. They will take iPhone 6S, Google Nexus 6P and Galaxy S7 as hardware targets, complete the acquisition of sensitive information inside the phone, install malicious applications to the mobile phone, firmware and crack three attacks. The Tencent Cohen lab first took the Google Nexus 6P. They succeeded in installing malicious apps on Nexus 6P, which earned them 102500 dollars and 29 points. Later, the team installed malicious apps on iPhone 6S. But it doesn’t carry the most common trick of repairing a cell phone – reboot. So it was half a success, with a $60000 bonus, but no points. The last one, they attacked iPhone 6S again, leading to cell phone photos leaked. In this way, the Tencent Cohen laboratory eventually scored 45 points and 215000 dollars bonus, became the competition "The Master of Pwn"". In the game, there was a data that was talked about by outsiders. It took only ten seconds for teams to break Nexus 6P remotely. That sounds like an impossible task. But in fact, the attack code is already ready before the game, play is to operate. Someone likens it to the idea that you write PPT at home first, and then give a speech on the spot. Winning or losing depends on the quality of your PPT, not on how many seconds it takes to speak PPT. Tencent Cohen laboratory was founded in January 2016, and its members are mainly from the famous security research team Keen Team. A set of data on the official website of the lab explains him.

中国大学生10秒攻破谷歌手机!赚了145万日前,世界顶级黑客大赛Mobile Pwn2Own 2016在日本东京落幕。腾讯科恩实验室以45个积分和215000美元奖金摘得桂冠,获得了“The Master of Pwn”(破解大师)的称号。这支冠军队伍的主力队员中,有两位来自浙江大学计算机学院——何淇丹是浙大毕业生,目前供职于腾讯科恩实验室;刘耕铭是一名大四学生,主攻信息安全方向。夺冠消息公布后,浙大cc98论坛出现了一个长达10页的帖子,学弟学妹们对这两个“黑客”大牛膜拜不已。Pwn2Own是世界著名的黑客大赛,由Trend Micro旗下的著名安全项目Zero Day Initiative举办。此次在东京举办的Mobile Pwn2Own重点关注移动操作系统、手机浏览器和手机应用APP的安全性问题。比赛的目的,是希望参赛者通过某些此前未知的漏洞来侵入各种移动设备,然后将之汇报给相应的设备制造商,以便它们对这些漏洞进行修补和修复。这些做好事的“黑客”也被称为“白帽黑客”。由于比赛关注点是移动端,所以参赛者瞄准的目标是智能手机。他们将以iPhone 6S、Google Nexus 6P和Galaxy S7为硬件目标,完成获取手机内部敏感信息、给手机安装恶意应用程序、固件及破解三个攻击项目。腾讯科恩实验室第一个拿下的是Google Nexus 6P。他们成功在Nexus 6P安装了恶意应用软件,这为他们赢得102500美元奖金和29个积分。随后,团队又在iPhone 6S安装了恶意应用软件。但它没能扛得住大家修手机最常用的一招——重启。所以,这只算半个成功,有60000美元奖金,但没有积分。最后一项,他们再次攻击iPhone 6S,导致手机照片泄露。这样,腾讯科恩实验室最终以45个积分和215000美元奖金的成绩,成为本次比赛的“The Master of Pwn”。比赛中,有一个数据被外人津津乐道。团队在远程攻破Nexus 6P时,仅仅花了十秒钟的时间。这听起来简直是不可完成的任务。但其实,攻击代码是赛前早已经准备好的,上场就是操作一下。有人把它比喻成,你先在家写好PPT,然后到现场演讲。胜负取决于你PPT的质量,而不是花多少秒去演讲PPT。腾讯科恩实验室成立于2016年1月,其成员主要来自于大名鼎鼎的安全研究团队Keen Team。实验室官网上的一组数据能说明他们有多牛。据不完全统计,自成立到2016年5月,科恩一共发现主流操作系统、浏览器、应用软件高危漏洞152枚。成员连续4年参加Pwn2Own并获得8个单项冠军。正在浙大读大四的刘耕铭,当年以丽水市庆元县第一名考入杭州外国语学校,随后进入浙大。在浙大,他加入了一个重要的神秘组织——浙大AAA战队。AAA是Azure Assassin Alliance的缩写,中文意思是蓝色刺客联盟。何淇丹毕业前,也是AAA战队的成员。别看着名字挺中二,这个联盟可是聚集了整个浙大最厉害的“黑客”们。团员共有十几人,不全是计算机学院的学生,有些来自数学、生物、电子等专业,全是信息安全的爱好者。为了保证团员的质量,AAA战队专门设置了一定的准入门槛。他们在网站上放了题目,只有做对一道题,才能获取战队的联系方式,加入组织。昨天记者联系刘耕铭同学,他的手机依然未通,老师说他还在东京未回杭。浙大计算机学院白洪欢老师平时和刘耕铭交往密切,他说,刘耕铭可以算得上是AAA战队的灵魂人物。AAA战队经常南征北战,参加各种信息安全类的比赛。很多比赛要求选手在规定的几十个小时内完成指定任务,由于刘耕铭能力突出,承担了重要的任务,所以常常要熬夜打比赛。在白洪欢看来,刘耕铭的性格特别适合当一个黑客。他有个性,有耐心,对热爱的事情非常执着。所以还没毕业,他就已经被腾讯科恩实验室挑中,成为其中一员。师兄何淇丹的经历就更丰富了,除了跟随科恩团队参加国际顶尖赛事,他还于8月份受邀在顶级安全会议BlackHat USA和DEFCON上发表演讲。他把那次拉斯维加斯之行记录在《白帽赌城演讲记》一文里,称两场演讲“解锁了两项人生成就”。相关的主题文章: