Flash, Reader, Firefox and IE Fall on Pwn2Own Day 1

Discussion in 'other software & services' started by AutoCascade, Mar 19, 2015.

  1. 142395

    142395 Guest

    1) You can't use just 1 example to see how vendor is fast/slow to patch as it also depends how it is easy to patch. Both Google and Mozilla are basically quick, but in general Google tend to be bit more fast to patch.

    2) As wat0114 said, any scirpt blocking have same effect, and actually uMatrix gives more granular control and wider coverage. You don't need ABE as uMatrix include XHR blocking. Also note, while Fx can be hardend much via many configuration, Chrome also can be. Recently Chrome added some interesting settings in flags and switches.
     
  2. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,980
    Pwn2Own: Nothing is safe
    By: Avira in Technology / March 24, 2015
    http://blog.avira.com/pwn2own-nothing-is-safe/

    :isay:
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Hi Yuki.
    The website below is opening a pop-up advertising encoded at line 126 of the source web page.
    I use to lock ABE.
    With Umatrix can block it?

    http://film-stream.org/

    (Condition for the test)

    Script film stream.org (on)

    Click with the mouse on the link to the right:

    >>> vedi tutti gli aggiornamenti >>>

    After opening the popup to a new test must close and reopen the browser.
    Good luck.


    Immagine.jpg
     
    Last edited by a moderator: Mar 24, 2015
  4. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Forgive me for misunderstanding this step, but what should happen here? No pop-ups occur for me. Am I supposed to click on something else?
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Hi wat0114.
    Go to the website and click with the mouse on the link that I highlighted.
    Try using some other browser.
     
  6. 142395

    142395 Guest

    Went, clicked some link, no popup on Chrome + uMatrix + some others like Kiss Privacy, or even just Chrome + uBlock with some filter.

    IE11 with script disabled + some TPL also didn't get any popup.

    If you don't have any counter measure, this site will show popup as you can see in line 126.
    It seems this site change what it shows to user in popup by recognizing UA, mobile user get malicious message that your Android is infected with scary its UA info. This site you linked and popup site are blacklisted in some AV and other source.

    Android Firefox with Noscript Anywhere: no popup.
    Android Chrome: malicious popup.
     
    Last edited by a moderator: Mar 25, 2015
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Okay thanks, Sampei. I clicked with Chromium + uMatrix + https everywhere and got same results as Yuki; no pop-up. I haven't tried another browser yet, as this is my Linux setup.
     
  8. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    It is not possible..............or outside of Italy is different:

    Immagine.JPG
     
  9. 142395

    142395 Guest

    I rather think it is matter of filter. As I noted, those domains are blacklisted, and some ad filter blocks popup.
    Sorry, it turned out it is actually not uBlock which blocked popup, but other addon! After disabling all other addons, I got popup. Currently not sure what addon blocked this.
     
    Last edited by a moderator: Mar 25, 2015
  10. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    My filters list:

    1.JPG

    2.JPG

    Your conclusion it is not possible.
     
  11. 142395

    142395 Guest

    After further test, I confirmed I get popup for this profile even with original addon set. Maybe I did sth wrong in initial test, or mistook sth.
    But at least for the profile uMatrix is installed and IE, it's sure there's no popup, I confirmed again just in case.
     
  12. 142395

    142395 Guest

  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
  14. 142395

    142395 Guest

    Thanks;), I actually know Tampermonkey. But this profile is not for me, but for my girl friend and I simplified and loosened its restriction as much as possible within acceptable security level. Some popups are useful, at least for her (and most of sites listed seems to be nearly no relevant to where she will visit due to language).
    But maybe we should stop here, as this thread is about Pwn2Own.
     
    Last edited by a moderator: Mar 25, 2015
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    OK.
    We can continue here.
     
  16. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    Huh, Firefox released fixes on March 20, but still no fixes for Chrome?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.