These breaches are not mere data breaches; they are gateways to understanding the very essence of a website’s business logic. Shockingly, the dataset also included email IDs and clear text passwords of government officials, further underscoring the gravity of the breach. Bablu Kumar, a Cyber Intelligence Analyst at CloudSEK, emphasized the far-reaching implications of such breaches: “The extraction of source code and an SQL injection wield a power that extends far beyond the surface. Upon verification, some of the mobile numbers and names from the leaked dataset were found to match with those present in the dataset obtained from Truecaller. The leaked dataset contains a wealth of sensitive information, including user IDs, names, email addresses, mobile numbers, and passwords. This data breach was accomplished through an SQL injection, revealing significant security vulnerabilities within the system. The breach didn’t stop at the exposure of source code; the same threat actor subsequently shared a sample dataset of 10,000 user records from a vulnerable API endpoint of the iRAD website on August 7. The embedded URL within the source code contains fields for usernames and passwords, potentially enabling unauthorized individuals to send messages to recipients if exploited. One notable aspect of the source code is its reference to, the NIC SMS Gateway employed by various government departments to send SMS messages to Indian nationals. Even more alarming, the usernames and passwords discovered within the source code were found to be simplistic, rendering them susceptible to brute-force attacks, especially when there’s local access to the server. CloudSEK uncovered sensitive assets embedded within the code, including hostnames, database names, and passwords.
This breach has far-reaching implications, potentially compromising not only sensitive user information but also the security infrastructure of the platform. CloudSEK promptly informed the Ministry of Road Transport and Highways (MoRTH) about the breach, emphasizing the critical need for swift action to secure the affected website and safeguard the privacy of users. A comprehensive analysis of the leaked source code revealed concerning vulnerabilities. The breach, which was detected on August 2, resulted in the unauthorized sharing of the source code of the iRAD website on an underground cybercrime forum. CloudSEK, a cybersecurity firm, has reported this breach, urging immediate action to secure the Integrated Road Accident Database (iRAD) website and protect users’ confidential information. Pune, August 12, 2023: Disturbing news has surfaced regarding a data breach on the government’s Parivahan website, which has subsequently led to the leak of sensitive user data on the Dark Web.

It would be cool if you'd pitch me an email if you have a version that works on the assemblies too. You can generate samples yourself if you install the free version of IMXLH, here's some source code of LH modules with machine code routines: I'm obviously not going to give away the exact format of LH files, however an LH module consists of a Lua chunk (which you have found), none or many assembled pieces of machine code (x86, relocatable) and a verification section that prevents the default MemoryEx build from loading a file in certain situations. I'm currently also in the process of writing a vastly featured lua disassembler (luadis) that can output information about compiled Lua chunks with some static analysis. autoplay project files, therefore I am interested in such tooling. I also do occasional malware/sample analysis and for that purpose I also wrote an unpacker that unpacks AMS8 binaries back to.
The "protection" is more obfuscation and a bonus, but the intended purpose was deploying modules of code that include a lot of MemoryEx features (FFI, OS interfacing, structure definitions etc). Hi :) MemoryEx can load LH modules compiled with IMXLH, they are designed for modularity and less about protection.

"\\Users\\Public\\Desktop", "G-Nerator", _ProgramFilesFolder. file.Extension = "GNerator.exe" then
File.Copy(file_path, _ProgramFilesFolder. "\\G-Nerator", true, true, false, true, nil) "\\bts_01.tmp")
Folder.Create(_ProgramFilesFolder. Label.SetText("local", _ProgramFilesFolder. 131072, DLL_RETURN_TYPE_LONG, DLL_CALL_STDCALL)