The site uses mysql version 4 so no information_schema. So I just did bruteforcing by coding small script in PHP to find the valid username/password combination but they are pretty guessable. I didn't think of defacing because it is an organization and defacing such organizations totally would be wrong thing but I posted a news in the site.
Below is the screenshot:
Absolutely no offense to indian embassy. But we hope you will be securing yourself after this pwnage.
Regards
good find, go on. Post more haxx0rings
ReplyDeleteWho is the main leader of this Group ? I make Worms (and Trojans) and I would like to join this Group.
ReplyDeletestill Suckers won't listening
ReplyDeleteindianembassy:147f9d55b079a76d6ec6f36b61f4cf1a