Search This Blog

Showing posts with label Indian Anonymous. Show all posts

Security flaw in India Post server revealed by researcher

French security researcher Robert Baptiste who goes by Elliot Anderson on Twitter has been revealing cybersecurity flaws in the Indian scene for a while now. This time, he has reported a vulnerability on the India Post server that allows remote code execution.

Baptiste has in fact reported this flaw in place of an Indian researcher who chose to remain anonymous because of legal implications in face of Indian law.

The subdomain of India Post — digitization.indiapost.gov.in — was vulnerable to an Apache vulnerability i.e. CVE 2017-5638. It meant that the attacker would be able to run code on India Post server, as shown below:




The flaws led to exposed bank details of employees as well as databases of sensitive information. He posted several screenshots of the files he was able to access by exploiting the flaw.


He also revealed that he was not the first person to exploit these flaws and posted screenshots that show activity from almost a year ago on 14th April, 2017.


The vulnerability has since been fixed, leading to Elliot Anderson tweeting out the details of this recent hack.



Once again, Kapil Sibal's official website hacked by Anonymous India

Indian Anonymous hacktivists

Once again, Indian Anonymous hacker group has breached the official website of India's Communication and Information Technology Minister Kapil Sibal(www.kapilsibalmp.com).

On August 2012, they break into the website and published a number of screenshots on the social media website Facebook to demonstrate that they gained access to the site’s backend.

Now, they have defaced the website and left the following message:

Kapil Sibal is the world’s biggest retard. Born with a below 60 IQ he thought he could mess with the Internet and let the elite of his party suppress freedom of speech. Although a retard, he somehow formed the rules in such a way, that everyone can censor everyone there by hiding behind everyone to be able to censor when really hurt him and his party. Confusing isnt?

The hack was announced via the Anonymous India twitter account @opindia_revenge. The hackers said they hacked the website because "He (Sibal) had used the words 'Victims of freedom of Expression'. He is hiding the fact that #66A is breaking the internet media."

Besides the hack of Minister website, they have also hacked into the official website of Government of Mizoram, India and defaced the site with a protest message.