
The Tianfu Cup 2019 International Cyber Security Competition has started, in two days white hat hackers will attempt to exploit flaws in major software.
The Tianfu Cup 2019 International Cyber Security Competition has started, white hat hackers will attempt to devise working
Each working exploit receives a cash prize and points that are assigned to the team that devised it, like the popular Pwn2Own hacking contest.
Chinese white hat hackers have a long story of success, they won several international hacking contests in the past, but in 2018 the Chinese government prohibited Chinese experts in participating this kind of competition abroad.
Since the decision of the Chinese Government, the TianfuCup was set up for the first time in the fall of 2018. Last year, white hat hackers earned more than $1 million for zero-day exploits disclosed at the Tianfu Cup PWN competition.
According to the
During the Day1 of the Tianfu Cup 2019 contest 13 hacking attempts out of a total of 32 were successful, 13 attempts failed and in 12 cases the researchers abandoned the attempts.
Below the list of successful attempts:
- Researchers from the ddd @ExpSky and 360vulcan @mj0011sec teams achieved remote code execution and sandbox escape on the version of Microsoft Edge based on the EdgeHTML engine. Each exploit was paid $55,000, the team
. (dot ) get $10,000 with RCE.
The Team 0x34567a61 (@Xbalien29, @leonwxqian) and Team ddd @ExpSky earned $20,000 for two Chrome exploits.
- Researcher @
codecolorist got a partially successful entry on Safari and earned $30,000.
- The teams HAC, team StackLeader (@yuzhou6666
, @ppdonow) and team NoTrace Security Lab @NoTrace24657171 successfully hacked DLink DIR-878.
- 360Vulcan @guhe120 controlled Office365 by downloading an RTF document via Edge. It partially bypassed the #ProtectionView to gain control. The researcher received a bonus of $40,000.
- The researchers from Bit-
STARLabs @PTDuy and StackLeader @0x140ce@Jdddong@ppdonow achieved RCE on Adobe PDF Reader.
- The researcher 360Vulcan @Xiaowei__ received the highest bounty in a single exploit in Day1, he devised an exploit on Ubuntu + #qemu- and achieved partial control of the host. He received a bonus of $80,000.
Let’s wait for new success attempts for Day2.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(
[adrotate banner=”5″]
[adrotate banner=”13″]



