Major Pakistani Mobile Site Hacked by zer0Freak &VipVince
A mobile site from Pakistan has been hacked by two web hackers, zer0Freak and VipVince, revealing almost 30,000+ personal phone numbers and countless personal messages from almost 27,000 users.
The website had 7000 users active everyday constantly sending SMS and socializing causing a 16000+ visits per day
The admin panel of the website recently had 3000 un-confirmed SMS and the administrator was to have had 10000+ contacts in his list.
VipVince and zer0Freak didn’t put too much effort into hacking the site, in fact, it took them less than 10 min to bypass and extract the databases
Website was http://www.smsfree.pk
Vulnerability Status:
Type: Union Based WAF Bypassing SQL Injection
Website: www.smsfree.pk
Status: Unfixed
Researcher: VipVince& zer0Freak
The website had 7000 users active everyday constantly sending SMS and socializing causing a 16000+ visits per day
The admin panel of the website recently had 3000 un-confirmed SMS and the administrator was to have had 10000+ contacts in his list.
VipVince and zer0Freak didn’t put too much effort into hacking the site, in fact, it took them less than 10 min to bypass and extract the databases
Website was http://www.smsfree.pk
Vulnerability Status:
Type: Union Based WAF Bypassing SQL Injection
Website: www.smsfree.pk
Status: Unfixed
Researcher: VipVince& zer0Freak
Screenshots:
Current Contacts of Administrator:
Personal Messages and Contact Numbers Exposed:
Shoutouts:
Team Intra, Zer0Lulz
Submitted by:
Zer0Freak
CodeName: z3r0fr34k
VipVince ( Team Intra)
CodeName: VipVince
Source: AV Blog
Team Intra, Zer0Lulz
Submitted by:
Zer0Freak
CodeName: z3r0fr34k
VipVince ( Team Intra)
CodeName: VipVince
Source: AV Blog