Pwn2Own Austin 2021 - Schedule and Live Results
2021-11-02 10:53:01 Author: www.thezdi.com(查看原文) 阅读量:67 收藏

Welcome to Pwn2Own Austin 2021! This year’s consumer-focused event is our largest ever with 58 total entries from 22 different contestants. As with all of our contests now, you can follow along live on YouTube and Twitch. With attempts going every 30 minutes, is should be an exciting few days.

As always, we started the contest with a random drawing to determine the order of attempts. You can view the results here. Our schedule is so packed, we’ve extended to contest to a fourth day. The complete schedule for the contest is below (all times Eastern [GMT -4:00]). We will update this schedule with results as they become available.

Note: All times subject to change

Tuesday, November 2

1000 - Sam Thomas (@_s_n_t) from team Pentest Limited (@pentestltd) targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1030 - Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com) targeting the WAN interface of the Cisco RV340 in the router category

1100 - The Synactkiv team targeting the Canon ImageCLASS MF644Cdw in the printer category

1130 - trichimtrich and nyancat0131 targeting the LAN interface of the TP-Link AC1750 Smart Wi-Fi in the router category

1200 - The THEORI Team targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1230 - Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com) targeting the LAN interface of the Cisco RV340 in the router category

1300 - Ken Gannon of F-Secure Labs targeting the Samsung Galaxy S21 in the Mobile Phone category

1400 - Bugscale targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1430 - Benjamin Grap, Hanno Heinrichs and Lukas Kupczyk of CrowdStrike Intelligence targeting the LAN interface of the Cisco RV340 in the router category

1500 - Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the Canon ImageCLASS MF644Cdw in the printer category

1530 - Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com) targeting the LAN interface of the TP-Link AC1750 Smart Wi-Fi Router in the router category

1630 - Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the Sonos One Speaker in the home automation category

1700 - Gaurav Baruah targeting the WAN interface of the Cisco RV340 in the router category

1730 - The THEORI Team targeting the 3TB My Cloud Home Personal Cloud from WD in the NAS category

1800 - Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the HP Color LaserJet Pro MFP M283fdw in the printer category

Due to time limitations and resource constraints, the following attempts will occur off the live stream during the evening. Results of these attempts will still be reported here and on Twitter.

— trichimtrich and nyancat0131 targeting the LAN interface of the NETGEAR R6700v3 in the router category

— Flashback Team of Pedro Ribeiro (@pedrib1337) && Radek Domanski (@RabbitPro) targeting the WAN interface of the NETGEAR R6700v3 in the router category

— Bugscale targeting the LAN interface of the NETGEAR R6700v3 in the router category

— Mofoffensive Research Team targeting the LAN interface of the NETGEAR R6700v3 in the router category

Wednesday, November 3

1000 - NCC Group EDG (Alex Plaskett, Cedric Halbronn, Aaron Adams) targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1030 - Flashback Team of Pedro Ribeiro (@pedrib1337) && Radek Domanski (@RabbitPro) targeting the WAN interface of the Cisco RV340 in the router category

1100 - Nicolas Devillers (@nikaiw), Jean-Romain Garnier, and Raphael Rigo (@_trou_) targeting the Canon ImageCLASS MF644Cdw in the printer category

1130 - Mofoffensive Research Team targeting the LAN interface of the TP-Link AC1750 Smart Wi-Fi Router in the router category

1200 - The Synacktiv team targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1230 - Q. Kaiser & T. Shiomitsu from IoT Inspector Research Lab targeting the LAN interface of the Cisco RV340 in the router category

1300 - The STARLabs Team targeting the Samsung Galaxy S21 in the mobile phone category

1400 - The Synacktiv team targeting the Sonos One Speaker in the home automation category

1430 - trichimtrich and nyancat0131 targeting the WAN interface of the Cisco RV340 in the router category

1500 - Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1530 - The STARLabs Team targeting the LAN interface of the TP-Link AC1750 Smart Wi-Fi Router in the router category

1600 - The Synacktiv team targeting the Lexmark MC3224i in the printer category

1700 - The STARLabs Team targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1745 - The Synacktiv team targeting the HP Color LaserJet Pro MFP M283fdw in the printer category

Due to time limitations and resource constraints, the following attempts will occur off the live stream during the evening. Results of these attempts will still be reported here and on Twitter.

Q. Kaiser & T. Shiomitsu from IoT Inspector Research Lab targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

— The STARLabs Team targeting the 3TB My Cloud Home Personal Cloud from WD in the NAS category

— Diffence, Inc. targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

— Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the Lexmark MC3224i in the printer category

— NCC Group EDG (Alex Plaskett, Cedric Halbronn, Aaron Adams) targeting the Lexmark MC3224i in the printer category in the printer category

— Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com) targeting the WAN interface of the NETGEAR R6700v3 in the router category

— Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com) targeting the LAN interface of the NETGEAR R6700v3 in the router category

— Q. Kaiser & T. Shiomitsu from IoT Inspector Research Lab targeting the WAN interface of the NETGEAR R6700v3 in the router category

— Diffence, Inc. targeting the LAN interface of the NETGEAR R6700v3 in the router category

Thursday, November 4

1000 - Martin Rakhmanov targeting the Western Digital My Cloud Pro Series PR4100 in the NAS category

1030 - The Synacktiv team targeting the LAN interface of the Cisco RV340 in the router category

1100 - Alexander Bolshev (@dark_k3y), Timo Hirvonen (@TimoHirvonen), and Dmitry Janushkevich (@InfoSecDJ) of F-Secure Labs targeting the HP Color LaserJet Pro MFP M283fdw in the printer category

1200 - The STARLabs Team targeting the beta version of the 3TB My Cloud Home Personal Cloud from WD in the NAS category

1230 - Stephen Fewer of Relyze Software Limited targeting the LAN interface of the Cisco RV340 in the router category

1300 - Sam Thomas (@_s_n_t) from team Pentest Limited (@pentestltd) targeting the Samsung Galaxy S21 in the mobile phone category

1400 - The Synacktiv team targeting the 3TB My Cloud Home Personal Cloud from WD in the NAS category

1500 - Chris Anastasio (@mufinnnnnnn) targeting the Lexmark MC3224i in the printer category

1600 - The STARLabs Team targeting the LAN interface of the NETGEAR R6700v3 in the router category

1700 - Stephen Fewer of Relyze Software Limited targeting the LAN interface of the NETGEAR R6700v3 in the router category

Due to time limitations and resource constraints, the following attempts will occur off the live stream during the evening. Results of these attempts will still be reported here and on Twitter.

The Synactiv team targeting the WAN interface of the NETGEAR R6700v3 in the router category

— Flashback Team of Pedro Ribeiro (@pedrib1337) && Radek Domanski (@RabbitPro) targeting the LAN interface of the NETGEAR R6700v3 in the router category

Friday, November 5

1000 - Orange Tsai (@orange_8361), Angelboy (@scwuaptx) and Meh Chang (@mehqq_) from the [DEVCORE] (http://devco.re/) Research Team targeting the 3TB My Cloud Home Personal Cloud from WD in the NAS category

1030 - Diffence, Inc. targeting the LAN interface of the Cisco RV340 in the router category

1100 - Benjamin Grap, Hanno Heinrichs, and Lukas Kupczyk of CrowdStrike Intelligence targeting the Lexmark MC3224i in the printer category

1200 - The NullRiver team of Xin’an Zhou, Xiaochen Zou, Zhiyun Qian targeting the LAN interface of the NETGEAR R6700v3 in the router category

1230 - Final wrap-up and the crowning of the Master of Pwn

Thanks again to our partners Western Digital as well as our sponsor Synology. Thanks also to the researchers who participate and to the vendors for providing fixes for what’s discovered during the contest. As a reminder, vendors have 120 days to produce a fix for all vulnerabilities reported.


文章来源: https://www.thezdi.com/blog/2021/11/1/pwn2ownaustin
如有侵权请联系:admin#unsafe.sh