Hackers infect Pentagon admin by exploiting XSS vulnerability

Recently, EHN received a news report from Tunisian Cyber Army and Al Qaida Electronic Army in which the hackers claimed to have infected the Pentagon administrator, as part of their on going operation called "#opBlackSummer".

The attack was happened after hackers identified a reflected cross site scripting(XSS) vulnerability in one of the sub domain of Pentagon (g1arng.army.pentagon.mil).

POC:
g1arng.army.pentagon.mil/Programs/Pages/Default.aspx?Category="><script>alert("xss by tca and AQECA on pentagon")</script>

xss vulnerability

The hacker managed to exploit this vulnerability for sending malicious payload to the admin of Pentagon. Hackers claims that they got success in infecting them.

Hackers said they compromised  some important file and steal cookies from the pentagon mail. The security breach was done with collaboration with Chinese hackers.

At the time of writing, the vulnerability is not fixed. If the TCA claim is true, then this one will be the best example that demonstrate the severity of simple reflected xss. Yesterday, i have sent notification to Pentagon team about the vulnerability but there is no response from them.

In another mail, the team said the have hacked the state.gov with SQL injection vulnerability. 
Category: / / / / / /

Share this with Your friends: