This morning, I stumbled upon this link via FirstPost. It got me thinking about how vulnerable sites are and how we, as users, are at risk. A few months ago, I happened to find a similar vulnerability in TNEB's online payment portal.
Disclaimer: I am not a hacker and I don't go around snooping HTTP requests. I don't spend my time trying to break firewalls. All I do is look around. I observe how people build sites. I make a mental note of what I would do if I were asked to build the same site. That is all I do. More than anything, I am bored and these are the things that keep my boat afloat. ;-)
Anyways, here are my findings.
- Easy access to the script which validates user login. Right click + view source + look for login_validate.js. I don't see any reason for NOT minifying resources. Markup, I can understand. But .js and .css can be minified, right?
- On submit, if you look at the form closely, you'll find that the password is encrypted before it is sent over the wire. You'll see the increase in the number of characters.
- Pretty naïve way to encrypt the password. Very old school.
- Even worse, sending the password as plain text in the POST request. Although HTTPS secures the communication to an extent, leaving the encryption logic open makes it kind of moot.
- This piece of code works for most of the passwords. And it took under 10 minutes. A professional hacker might even crack this just by taking a look.
What do you think? I would love to hear from you guys.
Happy Coding :)