A mobile site from Pakistan has been hacked by two web
hackers, zer0Freak and VipVince, revealing almost 30,000+ personal phone
numbers and countless personal messages from almost 27,000 users.
The website had 7000 users active everyday constantly
sending SMS and socializing causing a 16000+ visits per day
The admin panel of the website recently had 3000 un-confirmed SMS and the administrator was to have had 10000+ contacts in his list.
The admin panel of the website recently had 3000 un-confirmed SMS and the administrator was to have had 10000+ contacts in his list.
VipVince and zer0Freak didn’t put too much effort into
hacking the site, in fact, it took them less than 10 min to bypass and extract
the databases
Website was http://www.smsfree.pk
Vulnerability Status:
- Type: Union Based WAF Bypassing SQL Injection
- Website: www.smsfree.pk
- Status: Unfixed
- Researcher: VipVince& zer0Freak
Screenshots:
Admin Panel:
Admin Panel:
Current Contacts of Administrator
Personal Messages and
Contact Numbers Exposed:
Shoutouts:
Team Intra, Zer0Lulz
Submitted by:
Zer0Freak (http://www.zerofreak.blogspot.com)
CodeName: z3r0fr34k
VipVince ( Team Intra)
CodeName: VipVince
Source:- z3r0fr34k
CodeName: z3r0fr34k
VipVince ( Team Intra)
CodeName: VipVince
Source:- z3r0fr34k
About Admin
0 comments:
Post a Comment