The post hereafter will explain in detail every step that took place during the exploitation phase and how we came to this solution. So before we dive into the details, now that the vulnerabilities have been fixed, below you can see a full run of the exploit (now fixed) in action. #Pwn2Own /qpw7yIEQLS- Zero Day Initiative April 7, 2021 They're off to the disclosure room for details. Wow - with just 10 seconds left of their 2nd attempt, Daan Keuper and Thijs Alkemade were able to demonstrate their code execution via Zoom messenger. So during this project we had a lot to learn about the Windows internals. While we had profound experience with exploiting memory corruption vulnerabilities on many platforms, both of us had zero experience with this on Windows. We hope that detailing our process helps others with similar research in the future. In this blog post, we wanted to not only explain the bugs and our exploit, but provide a log of our entire process. Now that related bugs have been fixed for all users (see ZDI-21-971 and ZSB-22003) we can safely detail the bugs we exploited and how we found them.
On April 7 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-click remote code execution exploit in the Zoom video client during Pwn2Own 2021.
0 kommentar(er)
