Black hats and white hats: that is how hackers are differentiated from crackers in the internet community. The good vs. the bad. Setting up a website in Nepal is catching on these days, it seems. But web developers/administrators are not putting in extra effort by researching the security part. I don't really blame them, though. Ask a science bachelor student in his third year at Nepal's TU and you will get an idea about research in Nepal. The biggest joke about "research" for him/her is that the only way of passing it as a subject is to get the whole book into his/her mind word by word, sentence by sentence, paragraph by paragraph. Oh, what an irony!!! What a mockery of the word "research".
They seem to be turning a blind eye to the growing trend of hostile website takeovers around the world, and not holding their diapers properly, as put by Bipin from nepsecure. This has many implications. For example, companies like Nepal Telecom may lose millions of rupees in revenue if their insecure server systems are somehow taken over by the bad guys. Several penetration tests done by various internet security people have already indicated that this is within the realm of possibility.
Well, I seriously think that all the so-called government service providers, be it the Drinking Water Corporation or the Electricity Authority or Telecom for that matter, are dacoits looting the poor Nepali people. And the grand leader of this clan is undoubtedly Nepal Telecom (the chief of the dacoits). I am itching to write a few words in Nepali here.
Nepal Telecom is handing out two things at CAN Infotech 2008 these days.
1) A ballpoint pen with "Nepal Telecom" written on it
2) And the hollow assurance of ADSL2+ internet, whose launch date keeps getting pushed back just like the date of the Constituent Assembly election.
Telecom, which until 3 days ago was saying "definitely by mid-February", has now pushed it back to April Fools' Day.
Coming back to the point.
Case studies: black hats vs. white ones in the Nepali context
1) http://www.nepalgov.gov.np/ (Nepal government's web site hacked (defaced))
see it here http://www.meroguff.com/2007/12/nepalese-government-site-hacked-by.html
2) http://www.nepalpost.gov.np/ (Nepal post office's web site hacked (defaced))
see it here http://calima.serapis.net/blogs/index.php?/archives/143-Department-of-Postal-service-in-nepal-Defaced.html
What we have seen in recent months on the above-mentioned sites is a perfect example of the work of black hat hackers doing damage. Imagine what would happen to NTC if this happened to them. Well, in the worst-case scenario, communication lines across all of Nepal would come to a standstill. Or redirection of landline calls combined with the spoofing of caller ID numbers could damage anybody's personal life. I don't think NTC engineers would even accept that serious holes in the system exist, let alone fix them. Oh, and hiding your error messages or the version or the Apache installation page is not equal to securing a server.
Now about some penetration testing done by an Afnai Bari ko (from our own backyard) white hat internet security enthusiast cum pen tester cum hacker.
Some dorks included
1) http://web.ird.gov.np/ (Government of Nepal Inland Revenue Department security breached)
2) http://websms.ntc.net.np/websmss/login.jsp (Nepal Telecom's web SMS service password brute forced)
3) http://ksl.edu.np/ (Kathmandu School of Law website SQL injected)
4) http://www.cybersansar.com/ (XSS vulnerability in one of the most popular web entertainment portals of Nepal)
5) http://www.kec.edu.np/ (Kantipur Engineering College SQL injection)
The main difference between this guy and Iranian hackers is that he is doing it for good, informing the site admins about these issues. Read this guy here:
http://hamrosecurity.blogspot.com/
Thanks to Bipin from nepsecure for making me aware.
I have a small suggestion for this guy, though.
Please change this "यो बल्ग मा नेपाली websites हरूमा रहेको सेक्युरितिका बारेमा लाखिने छन्।" to this "यो ब्लगमा नेपाली websites हरुमा रहेका सेक्युरीटि issues का बारेमा लेखिने छ।" (in English: "This blog will write about the security issues in Nepali websites.")
It takes a little bit of getting used to this Unicode thing, I must admit. Just trying to help. Don't take it otherwise.
Some update: looks like another site, http://www.thikthak.com, too is vulnerable to the XSS thing.
Click here to see for yourself; this will fire up an alert box.
This will load back2mangalman inside the thikthak website.
And finally, this will redirect you to this blog.
Well, I did not find it by myself; this was from some baabal forum.