Search This Blog

Showing posts with label Indian Hacker. Show all posts

XSS in Photobucket fixed

Recently a 15 year old tech blogger and security researcher named Indrajeet bhuyan found and helped fix a XSS vulnerability in Photobucket.







He had previously found vulnerabilities in Samsung, Disqus, NDTV, Jabong, IIT Bombay and many others. 

Editor's Note: It is good to see that such young hackers are acting responsibly and reporting vulnerabilities instead of simply defacing the site or using the vulnerabilities for malicious motives.I hope that Mr.Indrajeet bhuyan continues this.

Pakistan goverment site again hacked via SQL Injection vulnerability


Indian hacker Godzilla has once again hacked a very important Pakistani site  www.pakistan.gov.pk .

He took down lots of Pakistani sites just a few days ago. http://www.ehackingnews.com/2013/03/indian-hacker-godzilla-leaked-pakistan.html

Then he told the reason behind the attacks that "Pakistan is a country which is currently supporting terrorist activities through ISI, and if they regret Pakistan army and Ministry of Defense mail server backups are enough to proof how closely the are related to terrorism. Pakistan stop these activities before its too late."

The attack seems to be done via SQL injection.





He finally noted that "No matter how hard you try we will get inside in no time." 

Speaking to EHN the hacker said "Admins and Governments takes website security lightly thinking that they are hosted outside  gets treated through your inside network. Thats enough to get inside your network"

Indian Hacker Godzilla leaked Pakistan Government website's Database details


We reported yesterday that the Pakistani Government websites suffers cyber attack from the Indian Hacker 'Godzilla' aka G.O.D , today he has completed the cyber attack against the Pakistan.

He has managed to compromise details from the databases of Pakistan government websites and leaked earlier today in a paste (pastebin.com/ZWdxE8CW)

The hacker found there are three admins is managing the whole stuff of important Pakistan Cyberspace and common database structure is used for all the websites. He also mentioned that all websites are vulnerable to SQL injection.

In the dump, the hacker leaked the database information such as username, password(plain-text format), database name, table name and other details.

After analyzing the dump, we found the same password is being used for all database and is very weak password.   

"I must say without you it would have been difficult for us to penetrate into the system and your common password "111111" was like a magical stick for us." Hacker criticized the admin for their poor password.

"Pakistan is a country which is currently supporting terrorist activities through ISI, and if they regret Pakistan army and Ministry of Defense mail server backups are enough to proof how closely the are related to terrorism. Pakistan stop these activities before its too late." Hacker noted.

Pakistani Government under cyber attack from hacker 'Godzilla'



It is third day since the Indian hacker "Godzilla" took control of the Proxy used by Pakistan Government websites, Pakistan temporarily lost access to their proxy network.

Today, the hacker claimed to have got access of the back up server and found the back up server is also saved in the same network. 

He also found that the pakistan.gov.pk is not running but just pretending that they are up.

"One thing is true Pakistan is good at pretending like nothing happened, let it be a cyber attack or a TERRORIST attack. " The hacker said.

We have also checked the Pakistan.gov.pk website by clicking the login button, it just redirects to an IP address(202.83.164.27/wps/portal) that was used by Pakistan government when they didn't have proxy system.

The IP address is down now because the govt have made it down long time when they shifted to proxy network.

Hacker also said he is extracting the data from the Database.  Once he finished the extracted the data, he will take down the rest of IPs .

*Update*:
Pakistan Datatbase dumped :
http://www.ehackingnews.com/2013/03/indian-hacker-godzilla-leaked-pakistan.html