In the Tianfu Cup Hacking Competition, white hat hackers gained the highest control rights of iPhone 13

introduce:

"Tianfu Cup" Internationalcyber securityThe competition strives to become the world's No. 1 cracking competition and openly solicits contestants and projects for all security practitioners. Competitors register for events based on target event settings, and the competition sets awards for champion, runner-up, and third runner-up. The competition has a total prize fund of US$1.5 million, including three major categories: PC, mobile and server, as well as virtualization software, operating system software, browser software, office software, mobile smart terminals, Web services and application software, and DNS services. Software, shared management service software and other eight categories.

Details:

From October 16th to 17th, the Tianfu Cup was held in Chengdu. During the game, white hathackerSuccessfully cracked the 0day remote code execution vulnerability (patched) of iOS 15 on iPhone 13, completed the world's first public remote jailbreak of iPhone 13, and obtained the highest control authority of the phone. By discovering and "cracking" this vulnerability, it created a breakthrough in the history of the competition. The winner of the highest single prize of US$300,000.

The entire competition included 16 possible targets, and contestants successfully attacked 13 of them.

Windows 10 – hacked 5 times
Adobe PDF Reader – 4 times
Ubuntu 20– 4 times
Parallels VM – 3 times
iOS 15– 3 times
Apple Safari – 2 times
Google Chrome – 2 times
ASUS AX56U Router – 2 times
Docker CE – 1 time
VMWare ESXi – 1 time
VMWare Workstation – 1 time
qemu VM – 1 time
Microsoft Exchange – 1 time

In addition, the contestants demonstrated for the first time a remote code execution vulnerability exploit chain targeting Google Chrome.

This year, white hat hackers are given three five-minute opportunities to demonstrate their discovery of vulnerabilities in popular software. A total of $1.88 million in awards was generated.

In the end, Kunlun Lab received a total of US$654,500 in prize money and became the champion. After the game, the CEO of Kunlun Labs, the former CTO of Qihoo 360 and the founder of the 360Vulcan team posted on Twitter to share his joy.