Techies should know basic pentest techniques

I want to tell a story. I have a techie friend, let's call her Gwen. This incident was a few months ago. She had her IELTS exam scheduled for the day after tomorrow and she was unable to log in to the IDP Portal; she forgot her password. She tried to reset the password but she wasn't successful. The test center and IDP were both clueless.

They said they couldn't help and that she should've contacted them earlier. She came crying to me, not expecting me to solve her problem, just to rant as a friend, but I wanted to give it a try.

The IDP reset password portal required a Passport Number, Date of Birth, and her full name. She received emails from IELTS mentioning her full name and I personally verified the passport number, so I realised the issue was with her Date of Birth. That's clue number 1.

There's no way I would've tried breaking into the portal, so I was coming up with ideas. Selenium-based brute force with a rotating IP was my first thought, but I wanted to save that idea for the worst case. I asked her to forward all the mails she received from IELTS.

Nothing mentioned her Date of Birth. But I got lucky again. There was an appointment PDF that was password-protected and had the password in FIRSTNAME + DOB format. She wasn't able to open that either. Confirmation of clue 1. Bingo. Clue Number 2.

So I downloaded Jack The Ripper and generated a hash for the password-protected PDF. Made a Python script that generated all valid dates from 1900 to that day when she asked. Gave the output as a password list to JTR and let the tool crack the hash. Turns out that you could open the PDF with her DoB as 1/1/1950.

Logged into her account, changed her DoB back to her actual one, and asked her to try a password that I created. It worked. I told her I hacked into the IDP "mainframe" and changed the password.

She's kinda scared of me since then and I don't have the heart to tell her what I actually did. So yes, title.

submitted by /u/someDudeOnTheNet2

from hacking: security in practice https://ift.tt/vamGqSr
