lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 10 Aug 2009 22:50:40 +0300
From: webDEViL <w3bd3vil@...il.com>
To: Sky <whitematrix@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Hindustan Times epaper Server Hacked

Maa Ki Kirkiri
Congrats to Sky for finding "architectural flaws" in a paper which costs Rs
2.50. Wow, thanks! you saved me $1.5 per month. I owe you one! ;) Btw, my
local area library will get me HT papers dated before 2004.

If you are against HT "looting" people, why the hell ask them to contact you
to correct the "flaws"? Hypocrite

"I would like to dedicate this hack towards Club Calvin @
http://www.clubcalv.in and all cute kids"
Very Pedo...hahaha



wD


On Sun, Aug 9, 2009 at 8:56 AM, Sky <whitematrix@...il.com> wrote:

> Hindustan Times epaper Server Hacked
> http://sky.net.in/hindustan-times-epaper-server-hacked/
>
> Hindustan Times (HT) is India’s leading newspaper, published since 1924
> with roots in the independence movement. In 2008, the newspaper reported
> that with a (circulation of over 1.14 million) ranking them as the third
> largest circulatory daily English Newspaper in India. The Mumbai edition was
> launched on 14 July 2005. HT has a readership of (6.6 million) ranking them
> as the second most widely read English Newspaper after Times of India.
> (Source: Wikipedia article on Hindustan Times) -
> http://en.wikipedia.org/wiki/Hindustan_Times
>
> HindustanTimes + Hindustan epaper Server Hacked
>
> http://lh4.ggpht.com/_gbWPSul_tCM/Sn5UNhLLVYI/AAAAAAAAASM/JY9bc67HV14/s800/hindustan_times_hacked.jpg
>
> Why was Hindustan Times (HT) epaper Server Hacked ?
>
> Many people think that Hindustan Times (HT) (English Edition) + Hindustan
> (Hindi Edition) is available on the internet free of cost, HT Media has made
> it compulsory to register on their website in order to read the daily online
> edition of their published newspapers, on completion of registration HT
> Media provides you instant access to read daily edition, the CATCH is – you
> can only read the daily edition + past seven days editions (from the current
> date) as a free user, whileas if you wanna read any edition beyond seven
> days, you will have to pay a huge (rip off) amount to HT Media (in the name
> of digital archive subscription)
>
>
> Registration Information Collected by HindustanTimes
>
> http://lh6.ggpht.com/_gbWPSul_tCM/Sn5WIrsZxcI/AAAAAAAAASs/Lc6NaQzxEfk/s800/HT_registration.jpg
>
> Free HindustanTimes Editions
>
> http://lh6.ggpht.com/_gbWPSul_tCM/Sn5UN35Yx5I/AAAAAAAAASU/6THfLaMu00M/s800/HT_free_editions.jpg
>
> Restricted Access to HindustanTimes epaper Archives
>
> http://lh4.ggpht.com/_gbWPSul_tCM/Sn5UN5umsJI/AAAAAAAAASY/5_SfNzOEm7w/s800/HT_newspaper_subscribe.jpg
>
> Archive Subscription Charges for HindustanTimes is a total Rip Off
>
> http://lh4.ggpht.com/_gbWPSul_tCM/Sn5ViIwx2aI/AAAAAAAAASo/6TMgKDuc6Vg/s800/HT_archive_charges.jpg
>
>
> As a hacker, i think its not fair (for anyone) to loot common people and
> sell (publicly gained) information in such a way, so i decided to peek
> inside the server and find some bugs / architectural flaws which would allow
> me to access past newspaper (Images / PDF) editions for free
>
> Within a couple of hours, i managed to find some bugs / architectural flaws
> (& vulnerabilities) which gave out free access to the past (Images / PDF)
> newspaper editions
>
> Calvin and Hobbes publishing error
>
> I used to search the newspaper (HT hard copy) every morning for technology
> related news (hoping any Indian journalist must have written some piece)
> that went on for like weeks and then i started reading Calvin and Hobbes
> (the comic strip) every day published in HT Cafe
>
> On 2nd / 4th / 9th June, Hindustan Times (HT) published the same Calvin and
> Hobbes strip, how should i react against this publishing error by Hindustan
> Times, as a fan of Calvin and Hobbes, i expect new comic strip every day
>
> Checkout the exact same Calvin and Hobbes strip published thrice on various
> days in the single month of June (2009)
>
>     2nd June
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Article/2009/06/02/538/02_06_2009_538_013.jpg
>
>     9th June
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Article/2009/06/09/538/09_06_2009_538_002.jpg
>
>     4th June
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Article/2009/06/04/538/04_06_2009_538_006.jpg
>
> Informing the privileged authorities
>
> On 10th July 2009, i informed the editor and other top most authorities @
> HindustanTimes via email regarding the serious bugs / flaws (&
> vulnerabilities) on their ePaper Server which can be exploited to compromise
> data and cause financial losses for HT Media
>
> My email to HindustanTimes
>
> http://lh5.ggpht.com/_gbWPSul_tCM/Sn5WJt3UKGI/AAAAAAAAAS0/KOnhjTtBNnk/s800/my_email_hindustan_times.jpg
>
> Rashmi Chugh's reply to me
>
> http://lh4.ggpht.com/_gbWPSul_tCM/Sn5W9mSD0pI/AAAAAAAAATI/O5hazb5IIY4/s800/rashmi_livemint_reply.jpg
>
> Although i received a reply from Rashmi Chugh (Business Head and Publisher,
> LIVEMINT) within 3 minutes, i waited for 24 hours to receive other
> recipients reply (as i wanted to know what they thought about the issue) but
> sadly no one replied back except Rashmi Chugh, so i sent her a reply the
> other day
>
> My reply to Rashmi Chugh, LIVEMINT
>
> http://lh3.ggpht.com/_gbWPSul_tCM/Sn5WNEiwmRI/AAAAAAAAAS8/F4K3XhMWLyc/s800/my_reply_rashmi_chugh.jpg
>
> After sending my reply to to Rashmi Chugh, i haven’t received any responses
> (since 29 days) from any of the authorities / employees working for
> HindustanTimes
>
> I have been using these architectural flaws for sometime to gain access to
> past editions of newspapers / magazines / supplements published by HT Media,
> i believe information taken from the people (especially newspapers) should
> be free and accessible to everyone
>
> The bugs / architectural flaws (& vulnerabilities) found by me still exists
> and works actively when used on the server, this shows that they are not
> interested (or don’t care) anymore to fix it, which makes me post the full
> disclosure information on my blog for (free access to previous epaper
> editions)
>
> Follow the below steps to gain free access to past (online) editions
> without subscribing to the archives
>
>     * Proceed to the HindustanTimes – ePaper Registration URL @
> http://epaper.hindustantimes.com/registernew.aspx
>
>     * Fill in only the essential fields required (for registration) such as
> (any) email ID, name, password, address, city, state, zip
>
>     By default the country (field) option value (txtCntry) is set to
> Albania, whileas it should be India – at least show some patriotism towards
> our country
>
>     * After you complete the registration, you will be presented with
>
>     Registration Approval without Verification is a Vulnerability in
> HindustanTimes
>
> http://lh6.ggpht.com/_gbWPSul_tCM/Sn5UN8jQlYI/AAAAAAAAASc/boEUb_YSzkg/s800/HT_reg_success.jpg
>
>     Once the registration process is completed, the email ID (used during
> registration) will be activated instantly by Pressmart (the automated system
> used by HT Media) without any welcome / verification email to the inbox,
> which would allow anyone to use any email ID (during registration) without
> being detected by the real email ID owner, which in itself poses a security
> risk (making it a vulnerability)
>
>     The implementation / usage of verifying the email ID (used during the
> registration) with a random activation link to the inbox should resolve this
> issue (which HT Media currently doesn’t)
>
>     Its possible that such facilities might be already existing within
> Pressmart (the automated system used by HT Media) and the Webmaster didn’t
> feel like activating it to save time and increase more registrations on
> their epaper website in order to retrieve the users information (filled
> during the registration) for their internal marketing / research purposes or
> to increase their newspaper ranking
>
>     * Proceed to the Login Page @
> http://epaper.hindustantimes.com/Login.aspx
>
>     * Enter the email ID and password, select any edition from below and
> paste the URL into your address bar (to view the past editions in Image /
> PDF format for free)
>
>     In the URLs below, after the text (pg2=) first value is the date /
> second is the month / third is the year / fourth is the page number
>
> English Editions – Hindustan Times (PDF Format)
>
>     * Mumbai Edition
>
>
> http://epaper.hindustantimes.com/PDFHandler.ashx?p1=Web/HTMumbai&p2=12_06_2009_001.pdf
>
>     * Delhi Edition
>
>
> http://epaper.hindustantimes.com/PDFHandler.ashx?p1=Web&p2=21_05_2009_001.pdf
>
>     * Chandigarh Edition
>
>
> http://epaper.hindustantimes.com/PDFHandler.ashx?p1=Web/HTPunjab&p2=19_06_2009_001.pdf
>
> Hindi Editions – Hindustan (PDF Format)
>
>     * Delhi Edition
>
>
> http://epaper.hindustandainik.com/PDFHandler.ashx?p1=Web&p2=29_05_2009_001.pdf
>
>     * Kanpur Edition
>
>
> http://epaper.hindustandainik.com/PDFHandler.ashx?p1=Web/HTKanpur&p2=21_06_2009_001.pdf
>
>     * Patna Edition
>
>
> http://epaper.hindustandainik.com/PDFHandler.ashx?p1=Web/HTPatna&p2=26_05_2009_001.pdf
>
>     * Lucknow Edition
>
>
> http://epaper.hindustandainik.com/PDFHandler.ashx?p1=Web/HTLucknow&p2=24_05_2009_001.pdf
>
> Hindustan Times (HT) Brunch Magazine (English) (PDF Format)
>
>     * Mumbai Edition (Published Only On Sundays)
>
>
> http://epaper.hindustantimes.com/PDFHandler.ashx?p1=Web/HTMumbai&p2=31_05_2009_321.pdf
>
> Hindustan Times (HT) Cafe (English) (PDF Format)
>
>     * Mumbai Edition (Daily Supplement with HT Mumbai – English Edition)
>
>
> http://epaper.hindustantimes.com/PDFHandler.ashx?p1=Web/HTMumbai&p2=26_05_2009_531.pdf
>
> Accessing the past ePapers in Image Format
>
> If you would like to browse the past newspapers in image edition, then
> simply change the values according to your choice in the below URL and
> retrieve it from the server
>
> The variable format is
>
>     / Page / year / month / date / date_month_year_pageno.jpg
>
>     / Page / year / month / date / date_month_year_pageno_part.jpg
>
>     Hindustan Times – 31st December 2008 – Main Edition (English) – Mumbai
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Page/2008/12/31/31_12_2008_001.jpg
>
>     HT Cafe (English) – 26th January 2009 – Hindustan Times – Mumbai
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Page/2009/01/26/26_01_2009_531.jpg
>
>     HT Brunch – Magazine (English) – 31st May 2009 – Hindustan Times –
> Mumbai
>
> http://epaper.hindustantimes.com/Web/HTMumbai/Page/2009/05/31/31_05_2009_321.jpg
>
> The automated system
>
> Hackable Magazine Publishing Software
>
> http://lh6.ggpht.com/_gbWPSul_tCM/Sn5W9ujFvkI/AAAAAAAAATE/Xg54_u9W2vQ/s800/pressmart.jpg
>
> Hindustan Times epaper webportal is powered by Pressmart, which provides
> electronic publishing software (& digital publishing solutions) to various
> newspaper publishers across the world, if i had more time to work then i
> would have surely dug out more bugs / architectural flaws (&
> vulnerabilities) within Pressmart softwares but the fact is (i don’t find
> them interesting enough)
>
>     Pressmart is a digital publishing service for newspapers, magazines,
> journals, catalogs and practically any print publication. We help
> publications deliver their print content on the new media – covering the
> entire breadth of web, mobile, podcast, RSS, social networking sites and
> search engines, with integrated revenue and cost-saving capabilities.
>
>     Beyond delivery, Pressmart help publications monetize their digital
> edition through subscriptions and advertisements. Our service platform is
> eCommerce and advertising ready to generate revenue streams instantly. It
> includes all the components up to the monetization stage after the pre-press
> pages are prepared. All the publication has to do is supply their pre-press
> pages and Pressmart takes care of the rest.
>
>     Source: Pressmart Official Website -
> http://www.pressmart.com/eedition.html
>
> Internet explorer sucks
>
> HindustanTimes is coded for Internet Explorer Compatibility which Sucks
>
> http://lh5.ggpht.com/_gbWPSul_tCM/Sn5WJHT68wI/AAAAAAAAASw/pvOSLmr6UeQ/s800/internet_explorer_sucks.jpg
>
> Hindustan Times website + ePaper portal says
>
>     (Site best viewed in Microsoft Internet Explorer 5.5+ SP1 in 800×600 &
> 1024×768 resolution)
>     Click here to download the latest version of internet explorer
>
> I would advise Hindustan Times to download / use Firefox and some other
> open source tools / codings for their website + ePaper portal instead of
> stuffing it with junk / heavy / unwanted codings, try to keep it clean /
> clear / simple
>
> Internet Explorer Sucks
>
> http://lh3.ggpht.com/_gbWPSul_tCM/Sn5dF1sxLtI/AAAAAAAAATs/g93iLoFd-3I/s800/internet_explorer_sucks.jpg
>
> Dedications
>
> I would like to dedicate this hack towards Club Calvin @
> http://www.clubcalv.in and all cute kids
>
> I love you Firefox <3 / thank you (Firefox) for being my companion during
> my pen tests………
>
> I love Mozilla FireFox
>
> http://lh3.ggpht.com/_gbWPSul_tCM/Sn5X-A8gyWI/AAAAAAAAATQ/5kI9IeHLexA/s800/i_love_mozilla_firefox.jpg
>
> --
> Sky
> http://sky.net.in
> http://twitter.com/skycu
> =============================
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ